Trust

trust center

CX Assist is your trusted partner in secure customer communications. We are unwavering in our commitment to protecting your data and ensuring privacy across all voice and data interactions. Our rigorous security posture is underpinned by enterprise-grade AWS infrastructure, industry-leading best practices, and adherence to globally-recognized security and privacy frameworks.

As a practice, we go beyond compliance to proactively identify and mitigate risks, continuously enhancing our security measures. This not only safeguards your sensitive customer data but also helps you meet your regulatory obligations effectively across healthcare, legal, and other high-trust sectors.

This Trust Center provides a detailed overview of our data security and privacy measures, including our commitment to risk management, best practices, and continuous improvement in AI-powered communications.

Compliances

SOC 2 Type II

In Progress – Expected completion Q1 2026 Independent audit of our security, availability, processing integrity, confidentiality, and privacy controls.

ISO 27001

In Progress – Expected completion Q2 2026 International standard for information security management systems, ensuring systematic approach to managing sensitive information.

GDPR

Compliant Full compliance with European General Data Protection Regulation for all customer data processing and storage.

HIPAA

Compliant Healthcare Insurance Portability and Accountability Act compliance for protected health information in healthcare communications.

Trusted By

{

Recently set up my clinic and the team has been fantastic. From set up to advice and excellent remote receptionist support I’m not sure were my clinic would be without you. You always work so passionately to make sure our patients get the best experience and insight and they really are reaping the rewards from your efforts! Thank you!!

5
Laetitia Denholm
{

I’ve recently engaged the services of Clinic Assist to support my clinics during a receptionist dry spell. To date Kate has restored my faith in VA companies and continues to over deliver at every oppurtunity! The feedback from pateints is very positive too!

5
Stuart Rudd
{

Excellent – seamlessly integrated with our practice. The girls are highly trained and specialised. Couldn’t recommend them more.

5
Claire Roderick

Security Controls

Continuously monitored across 85+ security controls

Voice & Communication Security

– End-to-end call encryption (AES-256)

– Secure VoIP transmission protocols

– Real-time call monitoring and recording

– Voice data anonymization capabilities

– View 8 more controls

Data Protection

– Regional data storage via AWS RDS

– Automated data backup and recovery

– Data retention policy enforcement

– Customer data segregation

– View 11 more controls

AI & Machine Learning Security

– AI model access controls

– Training data protection

– Bias detection and mitigation

– Model versioning and rollback

– View 4 more controls

Infrastructure Security

– AWS multi-region deployment

– Network segmentation and firewalls

– DDoS protection via CloudFront

– Intrusion detection systems

– View 14 more controls

Access Management

– Multi-factor authentication (AWS Cognito)

– Role-based access controls

– Regular access reviews

– Privileged account monitoring

– View 6 more controls

Compliance & Governance

– Regular security assessments

– Incident response procedures

– Vendor risk management

– Employee security training

– View 18 more controls

Infrastructure & Technology

Our technology roadmap includes:

AWS Foundation

– AWS RDS for secure, regional database storage

– AWS Cognito for identity and access management

– CloudFront CDN for secure, fast content delivery

– GuardDuty for intelligent threat detection

– Route 53 with built-in DDoS protection

Telecommunications Security

– Custom Asterisk framework with security hardening

– Encrypted SIP communications

– Secure call routing and load balancing

– Real-time call quality monitoring

AI Security

– Secure AI model deployment and management

– Data anonymization for AI training

– Continuous model monitoring and validation

– Ethical AI governance framework

Resources

Continuously monitored across 85+ security controls

12 Policies

  • Information Security Policy
  • Data Protection and Privacy Policy
  • Incident Response Policy
  • AI Ethics and Governance Policy
  • View 8 more policies

8 Certifications

  • AWS Security Best Practices
  • Telecommunications Security Standards
  • AI Safety Guidelines
  • Healthcare Data Protection
  • View 4 more certifications

4 Technical Documents

  • Security Architecture Overview
  • Data Flow and Processing Guide
  • Encryption Standards Documentation
  • Business Continuity Plan

Frequently Asked Questions

How is my customer data protected during AI processing?

All customer interactions are encrypted end-to-end, and our AI models process data in secure, isolated environments. Personal data is anonymized for AI training purposes, and we maintain strict data segregation between clients.

Where is my data stored and can I control the location?

Data is stored in AWS RDS with regional options available. UK businesses can ensure data remains within UK data centers, while we’re expanding to additional regions for local compliance requirements.

How do you ensure HIPAA compliance for healthcare communications?

Our platform includes built-in HIPAA safeguards including encrypted communications, audit logging, access controls, and business associate agreements. All staff undergo HIPAA training and certification.

What happens if there's a security incident?

We have a comprehensive incident response plan with 24/7 monitoring, immediate containment procedures, and transparent communication. All incidents are logged, investigated, and reported according to regulatory requirements.

How can I monitor the security of my account?

Your dashboard includes real-time security monitoring, access logs, and compliance status. We provide regular security reports and immediate alerts for any unusual activity.

What certifications are you working toward?

We’re actively pursuing SOC 2 Type II (Q1 2026) and ISO 27001 (Q2 2026) certifications. We also maintain ongoing compliance with GDPR and HIPAA requirements.