Security & Trust
Security Built for Underwriting Data
Submissions carry PII, financials, loss history, and broker relationships. Here's how WriteRisk protects them.
Architecturally isolated — not just access-controlled.
Each customer runs in a separate environment: databases, encryption keys, and storage. No shared tables, models, or inference. Your data is physically inaccessible to other customers.
We never train on your submissions.
AI is trained on public insurance data and anonymized benchmarks — not your submissions, decisions, broker data, or loss runs.
Immutable, regulator-ready audit trails.
Every extraction, recommendation, override, and rule trigger is time-stamped and linked to source documents. Reconstruct any decision chain in seconds — for E&O, regulatory inquiry, or capacity audit.
Encrypted in transit and at rest.
TLS 1.3 in transit. AES-256 at rest. Customer-specific keys, rotated on schedule.
SOC 2 Type II — Certification In Progress.
Designed for SOC 2 Type II from day one. Formal audit underway; expected certification Q2 2026. For vendor reviews, we share architecture docs, access policies, and incident response — security@usewriterisk.com.
Explainable to your team, carrier, and regulator.
Every recommendation is source-cited. Referrals and declines show which rule fired, which field triggered it, and what threshold applied — auditable in plain English.
Security documentation, vendor questionnaires, or architecture review — security@usewriterisk.com. We respond within one business day.
Contact Security Team