How is your note taking more compliant than other services?

Knapsack is designed with compliance at its core, ensuring that all notes taken meet the highest industry standards for data protection and regulatory requirements. Unlike other services, Knapsack offers end-to-end encryption, including enabling transcripts are saved automatically for Books and Records requirements. For enterprise clients, we enable organizations to maintain a clear record of access and changes for compliance purposes. Furthermore, we are working to integrate our platform seamlessly with existing compliance tools to streamline oversight and reporting.

How does Knapsack ensure data privacy?

Knapsack employs state-of-the-art encryption for data at rest and in transit, ensuring that your information is secure from unauthorized access. We also prioritize zero-knowledge architecture, meaning we never have access to the contents of your files or notes. Knapsack undergoes regular penetration testing and adheres to GDPR, HIPAA, and CCPA guidelines to provide peace of mind for data privacy.

How does Knapsack support FINRA compliance?

Knapsack offers robust tools to support FINRA compliance, including automated archiving of notes, activity logs, and communication records. These features ensure that all necessary records are securely stored in a tamper-proof format and are easily retrievable during audits. Knapsack also provides tools to flag non-compliant content, helping financial advisors proactively adhere to FINRA's strict regulatory standards.

Can Knapsack provide customized compliance solutions?

Yes, Knapsack offers tailored compliance solutions to meet the unique needs of your organization. Our platform can be configured to align with your specific regulatory environment, whether it's SEC, FINRA, HIPAA, or international data protection laws. We also provide APIs and integration options for enterprise customers to work seamlessly with your existing compliance and governance systems.

How can I trust that Knap Inc does not have access to the files and emails I share with Knapsack?

Knapsack employs a zero-knowledge architecture, which ensures that we cannot access or view your data under any circumstances. All files and emails are encrypted on your device before they are stored or transmitted, and only you hold the keys to decrypt them. Additionally, our SOC 2 compliance and regular third-party audits provide further assurance that your data remains private and secure.

Compliance and Security

At Knap, your trust is our top priority. We understand that data security and privacy are critical to our users, and we are committed to meeting the highest standards in these areas. The foundation for this is our privacy policy.

Illustration of a lone hiker in a lush field

SOC2 & HIPAA-Compliant

Current Compliance

We are proud to be HIPAA-compliant, ensuring that sensitive health data is protected in accordance with the strictest regulations. This demonstrates our ongoing commitment to safeguarding personal and confidential information.

We are also proud to be SOC 2 - Type 1 compliant and are undergoing an observation period to be SOC 2 - Type 2 compliant. For users who use cloud inference, we use Groq, who are already SOC 2 Type 2 compliant.

Our compliance team has 30 years of experience working on security and compliance. This represents an area of ongoing investment for us.

The Knap security program is led by IT and Security Senior Leadership and is responsible for the following areas:

Application Security
Infrastructure and Network Security
Compliance
Privacy
Corporate Security
Physical Security

Our employees are required to attend annual security awareness training and are informed of their security responsibilities.

Talk to Our Team

Placeholder Text

Future Proofing

Ongoing Efforts

In addition to HIPAA, we are actively working towards full compliance with:

SOC 2 Type 1 and 2: To ensure we maintain strong controls over security, availability, and confidentiality.
CCPA: So we meet the privacy rights and data protection standards expected in California and beyond.
GDPR: Aligning with the rigorous privacy requirements for protecting user data in the European Union

Talk to Our Team

Have Questions? Let's Talk

We actively engage with our users to ensure our compliance efforts align with the industry’s most trusted standards. Your feedback plays a vital role in shaping how we prioritize and implement security measures, and we are always ready to listen to your concerns.

Get in touch

Secure by Design

Knap never stores your files to the cloud. After looking through local files, the Knapsack app will send snippets of documents, along with your prompt, to a SOC2 compliant inference cloud called Groq for processing. These snippets and prompts are immediately deleted after your response is returned.

Read the Whitepaper

Frequently Asked Questions

Download

Keep your data out of the clouds

Use pre-built AI automations on your data without uploading your files to a server.

Have Questions?

Please reach out if you have questions, we're always happy to chat.