VetStack
FeaturesPricingFree ToolsBlogFAQContact
Sign inGet started free

Security

Built like a health record system, not a side project.

HIPAA does not technically apply to veterinary medicine. We built VetStack as if it did, because your patients' records deserve the same care as human ones.

HIPAA-grade security
SOC 2 certified sub-processors

HIPAA-grade. SOC 2 sub-processors.

Our infrastructure providers (Supabase, Vercel, AWS) are independently SOC 2 Type II certified.

Encrypted everywhere

Audio, transcripts, and notes are encrypted at rest with AES-256 and in transit with TLS 1.2+. Database backups are encrypted too.

Practice-level isolation

Your clinic's data is fenced off at the database layer using row-level security. No other practice can read your records.

Strict access controls

Infrastructure access uses single sign-on and two-factor authentication. No shared admin accounts, no production access from personal laptops.

Audit logs on everything

Every read and write to a clinical record is logged with the user, timestamp, and action. Logs are retained for one year.

Never used to train AI

Your audio, transcripts, and notes are never used to train AI models. Our model providers are contractually bound to the same.

Your data, on your terms

Audio is auto-deleted after 90 days (one year on Solo+). You can export everything or wipe your account from Settings at any time.

Where your data lives

VetStack runs on AWS US-East infrastructure through Supabase (database, storage, authentication) and Vercel (application hosting). Both vendors are independently SOC 2 Type II certified.

Who we share data with

We share data only with the service providers required to run VetStack: Deepgram for audio transcription, Anthropic for SOAP note generation, Supabase for storage, Clerk for authentication, Stripe for payments, and Resend for transactional email. Each provider is contractually bound to handle your data securely and never train AI models on it.

We do not sell your data to anyone, for any purpose.

Reporting a security issue

If you believe you have found a security vulnerability in VetStack, please report it through our contact page. We respond to all security reports within one business day.

Full details in our privacy policy.
VetStack

AI-powered SOAP note generation for veterinarians. Save time, see more patients.

HIPAA-grade security
SOC 2 certified

Our technology follows HIPAA-grade security practices, uses industry best practices, and auto-deletes audio recordings after 90 days.

Company

AboutPricingFree ToolsBlogSecurityFAQContact

Legal

PrivacyTermsCookiesAcceptable Use

Stay in the loop

New tools, product updates, and clinical workflow ideas, straight to your inbox. No spam.

© 2026 VetStack. All rights reserved.