Security built for legal practice

Protecting client information isn't optional. Here's how Jurisdox keeps your data safe.

“Legal professionals handle some of the most sensitive information imaginable—family breakdowns, financial details, end of life wishes. We take that responsibility seriously.”

Data protection

Enterprise-grade security for your practice.

Australian Data Residency

All Jurisdox data is stored in Australian data centres. Client information never leaves Australia.

Encryption

TLS 1.3 encryption in transit and AES-256 encryption at rest. Your data is protected at every stage.

Access Controls

Role-based access controls, comprehensive audit logging, and two-factor authentication.

Following the December 2024 regulatory guidance

Jurisdox is designed to align with the joint statement on AI from NSW, Victorian, and WA legal services regulators.

Confidentiality protected

Client data is not sent to public AI services. We use private AI infrastructure with strict data handling.

Lawyers must ensure AI systems protect client confidentiality and privilege.

Human judgment preserved

AI generates drafts; attorneys make decisions. No autonomous actions—you approve everything.

The exercise of independent judgment remains the lawyer's responsibility.

AI outputs verified

Complete audit trails are maintained. Every AI-generated document is clearly marked and reviewed.

Lawyers must review and take responsibility for work product created with AI assistance.

Cost efficiency maintained

AI should benefit clients through efficiency. Jurisdox helps you serve more clients at lower cost.

Efficiency gains from AI should be reflected in value delivered to clients.

Human-in-the-loop is fundamental, not a feature

Every AI-generated document in Jurisdox requires attorney review before it can be used. This isn't an optional setting—it's how the system is designed. AI assists; you decide.

Privacy practices

Your data

  • You own your data—always
  • Request deletion at any time
  • Export your data in standard formats
  • Clear data retention policies

AI training

Your data is not used to train AI models.

Period.

Your client information, intake conversations, and generated documents are never used to train AI models. This is a firm commitment.

Security practices

How we build and operate securely.

Development security

  • Secure coding practices and code review
  • Dependency scanning and updates
  • Environment separation (dev/staging/production)
  • Automated security testing

Operational security

  • Comprehensive access logging
  • Incident response procedures
  • Regular security reviews
  • Backup and disaster recovery

Certifications

Working toward industry-recognised security certifications.

SOC 2 Type II

In Progress

Security, availability, and confidentiality controls audit.

ISO 27001

Planned

International standard for information security management.

We're also researching NSW Law Society trust accounting certification requirements for future features.

Questions about security?

We're happy to discuss our security practices in detail.

Contact us