Security & Trust

Built MedTech-first. Secured for the enterprise.

Security and data protection are foundational to how ShakeIQ works – not an afterthought bolted onto a consumer-grade tool. Here’s how we think about it and what we commit to in writing.

HIPAA-aligned | Encrypted in flight & at rest | Multi-tenant isolation | Your data isn’t used to train AI | You own your data

Four promises we make to every customer.

This is how we think about your data – from the moment it enters ShakeIQ to the moment you decide to take it somewhere else.

Promise 01

Your data is yours.

Ownership never transfers to ShakeIQ – not during the contract, not at renewal, not on termination. You can export it on request, and we’ll permanently delete it when you leave.

Promise 02

You choose where it lives.

Multi-tenant SaaS with region-by-region residency for most customers. For enterprises with strict sovereignty requirements, the full ShakeIQ stack deploys inside your own cloud – and your data never leaves your perimeter.

Promise 03

It doesn’t train our AI.

No training. No fine-tuning. No cross-customer data mixing – ever. Your content is used to serve your users, and nothing else. Not by us, not by our vendors.

Promise 04

It’s walled off.

Strict tenant isolation across database, service, and identity layers. Rep-private data stays with the rep; enterprise data flows cleanly to the enterprise. Enforced by architecture, not by trust.

How our architecture makes it happen.

Our foundational architecture is inherently secure – your knowledge and your data are yours, not the LLMs’. And our controls and contractual commitments turn each promise into verifiable reality.

Strict tenant isolation

Per-tenant encryption keys and segregation at the database, service, and identity layers. No cross-tenant access paths in the platform, and no cross-tenant mixing in any AI model, embedding, or vector store.

Encryption end-to-end

TLS 1.2+ for data in flight. AES-256 for data at rest. Secrets held in vault – never in code, config, or logs. Local device storage encrypted by the OS.

Enterprise identity & access

SSO with your identity provider, multi-factor authentication, biometrics on mobile. Fine-grained role-based access controls what each user can see, do, share, and export.

Rep-private data segregation

Scoped identity tokens keep a rep’s private notes isolated from the enterprise data store. An optional zero-rep-data mode is available for organisations that don’t want private notes retained server-side at all.

Continuous monitoring

Anomaly detection across identity, session, and API activity. Session expiration, remote logout, and structured audit logging of every rep and admin action.

Documented export & deletion

Data export available on request. Permanent deletion from production and backup systems within documented retention windows on termination. Ownership does not transfer at any point.

Secure knowledge fabric you control

We don’t train LLMs on your knowledge – we use them to navigate it. The structured fabric stays in your environment, under your control. Security isn’t a layer on top; it’s how the architecture works.

Data and IP loss protection by design

Generic AI sends your queries and supporting content to a third-party LLM. ShakeIQ doesn’t. The LLM only sees what your structured knowledge layer hands it. Your data – and the institutional knowledge built on top of it – never leaves your environment.

Built for healthcare-grade data.

MedTech commercial conversations sit close to the patient. Clinical context, procedure notes, call recaps, and rep observations all carry PHI risk in ways generic SaaS platforms never anticipated. ShakeIQ is engineered for that reality from the ground up.

PHI detection, before AI

Inbound content is screened for protected health information before it reaches any AI model or vector store. Detected PHI is redacted or blocked in line with HIPAA’s Security Rule safeguards – not bolted on after the fact.

Nothing persisted that shouldn’t be

We don’t store, transmit, or retain PHI we don’t need. Only sanitized content moves forward into analytics, intelligence, and coaching surfaces – and no PHI is ever used to train or fine-tune AI models.

Traceable, auditable, defensible

Every PHI-bearing input is logged with detection and handling detail – giving your privacy, security, and compliance teams a clear, auditable trail from first capture through final disposition.

Deployment that fits your risk profile.

We don’t force one model. Choose the deployment that fits your infrastructure, data residency, and threat-surface requirements.

Standard

Multi-tenant SaaS

Fully managed by ShakeIQ on enterprise-grade cloud infrastructure, with strict per-tenant isolation, continuous updates, and region-by-region rollout for data residency. The fastest path to value, and the one most customers choose.

Enterprise

SaaS appliance in your cloud

Deploy the full ShakeIQ stack inside your own cloud environment. Same product, same controls, data never leaves your perimeter – ideal for enterprises with strict sovereignty or residency requirements.

Common questions.

The things CISOs, security teams, and procurement teams ask us most often. For anything not answered here, we’ll walk through the specifics in your security review. Regulatory and policy questions – HIPAA, Sunshine Act, claims, and more – live on our Compliance page.

No. No training, no fine-tuning, no cross-customer data mixing. Your data is used solely to serve your users, and you retain full ownership at all times.

Strict multi-tenant isolation across our database, service, and identity layers, with per-tenant encryption. No cross-tenant access paths, no cross-tenant data mixing – including in any AI model, embedding, or vector store.

Our security controls are built to align with SOC 2 and ISO 27001 standards. We’re happy to walk through our current posture, audit roadmap, and specific control documentation as part of a security review.

ShakeIQ runs on enterprise-grade cloud infrastructure with strict tenant isolation and per-tenant encryption. We support region-by-region rollout for data residency, and enterprise customers can choose the SaaS-appliance deployment to keep all data inside their own cloud.

You can export your data on request, and we will permanently delete it from our production and backup systems within documented retention windows. Ownership never transfers to ShakeIQ at any point.

Security deep-dives are part of every ShakeIQ evaluation. When you schedule a demo, let us know your security team needs to be involved, and we’ll come prepared with architecture, controls, and documentation tailored to your environment.

Bring your security team to the demo.

Tell us what your CISO, security, and procurement teams need to see – and we’ll structure the demo to walk through it alongside the product.