Security and trust

The security a law firm is held to.

Client data is handled to the standard the bar and HIPAA demand: enterprise agreements, encryption, per-firm isolation, and a human who approves before anything leaves the firm.

How client data is handled

Your matters, held to a privileged standard.

Client files are the most sensitive data a firm holds. They are handled that way: under enterprise agreements, encrypted end to end, and isolated so your work never mixes with another firm's.

  • Enterprise agreements with the model provider govern every request
  • Encrypted in transit and at rest
  • Zero data retention: the provider keeps nothing once a request completes
  • Never used to train any model, yours or anyone else's
  • Your firm's data is isolated to your firm, walled off from every other firm
A human in the loop

Delta prepares the work. Your team approves it.

Delta does the drafting and the legwork, but it does not act on the firm's behalf without a person. A human reviews and approves before anything leaves the firm, and autonomy is earned one task at a time.

01

Delta drafts and prepares.

It gathers the records, builds the chronology, and drafts the letter, then stops at the edge of your firm.

02

A person on your team approves.

Nothing leaves the firm until someone reads it and signs off. The final send is always a human decision.

03

It earns autonomy task by task.

As it proves reliable on a kind of work, you can let it run further on that work. Trust is granted, never assumed.

Grounded in your file

Answers you can trace back to the record.

Delta works from the facts in your matter, not from a general impression of what a case like yours usually says. Every answer cites the document it came from, so you can check the source yourself.

Every answer is grounded in your real matter, not a general guess
It cites the source, so you can open the document behind any claim
It works from the facts in your file, it does not invent them
You can verify every answer against the record it came from
Compliance

The paperwork your risk-conscious partner will ask for.

The specifics that matter when a firm signs off on a new tool: a BAA when you handle health information, the controls your ethical duties require, and a record of everything that happened.

A BAA is available.

For firms handling protected health information, a Business Associate Agreement is available covering PII and PHI.

Built around Rule 1.6.

Encryption, per-firm isolation, no training on your data, and a full audit trail support your reasonable-efforts obligation to protect client information under ABA Rule 1.6.

A complete audit trail.

Every action Delta takes is logged: timestamp, document accessed, query made, answer generated, and sources cited. The trail is exportable for bar review.

Questions

Security questions

Does CaseDelta use third-party AI models like OpenAI?

Yes, and we are direct about it, the same way Clio and MyCase are. Delta runs on enterprise AI models used under strict agreements: your data is never used to train any model, never retained by the provider once a request completes, and never sold or shared. Every matter is isolated to your firm, with a full, exportable audit trail.

How does this support ABA Rule 1.6?

Rule 1.6 requires lawyers to make reasonable efforts to prevent unauthorized disclosure of client information. That is exactly what this is built for: encryption in transit and at rest, per-firm data isolation, enterprise agreements with no retention and no training, a human who approves before anything leaves the firm, and a complete audit trail of every action.

What happens to my data if I cancel?

Your data is yours. You can export everything before canceling, and after cancellation your data is permanently deleted from CaseDelta's systems within 30 days.

Who can see my firm's data?

Only authorized users at your firm. Every firm's data is isolated from every other firm, and no CaseDelta employee accesses your case data without explicit authorization. The enterprise AI Delta uses never retains your data and never trains on it.

See exactly how your data is handled.

Bring the questions your risk-conscious partner would ask. We will walk through the controls, the agreements, and the audit trail in a fifteen-minute demo.