Privacy & Security

Data Minimization

  • Default to feature extraction on‑device for speech; avoid storing raw audio unless explicitly consented.
  • Collect only necessary sensors; make each permission clear and revocable.

Security Controls

  • TLS 1.2+, AES‑256 at rest, KMS‑managed keys.
  • RBAC/ABAC with least‑privilege; periodic access reviews.
  • Secrets via environment variables and managed secret stores; rotation policy.
  • Audit logging for all admin/PHI touches.

Compliance

  • HIPAA/HITECH principles (BAA with cloud vendors as required).
  • GDPR: DPA, SCCs where applicable; user export/delete workflows.
  • Model governance: data lineage, reproducibility, bias reporting.

Risk Management

  • Threat modeling (STRIDE), regular pen‑tests, SAST/DAST.
  • Incident response runbook, RTO/RPO targets, backups with restoration drills.