Security Is Not a Feature.
It Is the Foundation.
Every layer of Forensic Notes is built to protect the integrity of your documentation. Encryption, digital signatures, audit trails, and access controls are not add-ons. They are core to how the platform works.
Free consultation · No obligation · Honest answers
Your Data Is Encrypted at Every Stage
From the moment data enters Forensic Notes to the moment it is exported, every byte is protected by industry-standard encryption.
Encrypted at Rest
All data is encrypted using 256-bit AES encryption. Your case files, notes, and attachments are protected even if physical storage media were ever compromised.
Encrypted in Transit
Every connection uses TLS 1.2 or higher. Data moving between your device and our servers is encrypted end-to-end, preventing interception or eavesdropping.
Encrypted Exports
Downloaded forensic notebooks are cryptographically signed PDF documents. Each export includes a SHA-512 digital signature that proves the content has not been altered since creation.
Prove Every Note Is Authentic and Unaltered
Forensic Notes uses cryptographic signatures and blockchain anchoring to create an independently verifiable chain of integrity for every record.
SHA-512 Digital Signatures
Every note is signed at creation using SHA-512 cryptographic hashing. Any modification to the original content is instantly detectable, providing courtroom-grade proof of integrity.
Trusted Timestamps
Each note receives a server-side timestamp at the moment of creation. This proves exactly when a record was made, which is critical for contemporaneous documentation requirements.
Private Blockchain Anchoring
Digital signatures are anchored to an immutable private blockchain ledger. This creates an independent, tamper-proof record that exists outside the application database.
Independent Verification
Anyone can verify the authenticity of a forensic notebook without needing access to Forensic Notes. The verification process is built into every exported PDF document.
Control Who Sees What, Down to the Notebook Level
Sensitive investigations require strict access boundaries. Forensic Notes gives administrators full control over who can access, edit, and export case data, with multi-factor authentication enforced across every account.
Role-Based Access Control
Assign Investigator, Supervisor, and Admin roles with distinct permission levels. Control exactly who can create, view, edit, and export case data across your organization.
Multi-Factor Authentication
Enforce MFA across your entire team. Every login requires a second verification factor, significantly reducing the risk of unauthorized access from compromised credentials.
Granular Permissions
Configure notebook-level sharing, team access controls, and case-specific permissions. Sensitive investigations stay compartmentalized to authorized personnel only.
Complete Accountability
Every action in Forensic Notes is permanently recorded. No exceptions.
Every Action Is Logged. Every Record Is Permanent.
Forensic Notes maintains a comprehensive, immutable audit trail for every user and every action. This is not optional. It is built into the foundation of the platform.
- Every note creation, edit, and deletion is permanently logged
- All user logins and access events are recorded with IP addresses
- Export and download activity is tracked per user and per notebook
- Administrative actions (role changes, permission updates) are audit-logged
- Audit records are immutable and cannot be modified or deleted by any user
Built on Enterprise-Grade Infrastructure
Your data is hosted in independently audited facilities with redundant backups and disaster recovery procedures.
SOC 2-Compliant Data Centers
All cloud infrastructure is hosted in SOC 2 Type II certified data centers. These facilities maintain rigorous controls for security, availability, and confidentiality.
Redundant Backups
Data is backed up across geographically separated facilities. Automated backup procedures ensure your data is recoverable in the event of any infrastructure failure.
On-Premise Deployment
For agencies with strict data residency requirements, Forensic Notes can be deployed entirely on your own infrastructure. Contact us to discuss on-premise options.
How Forensic Notes Aligns with Industry Standards
We use precise language below because we believe procurement teams deserve honest answers. Each badge describes our actual relationship to the standard, not a marketing claim.
Federal Rules of Evidence
Digital signatures, timestamps, and audit trails are specifically designed to help your documentation meet the authentication and reliability requirements under FRE 901(b)(9).
SOC 2 Type II
Our hosting infrastructure is SOC 2 Type II certified, meaning independent auditors have verified that our data center provider maintains rigorous security and availability controls.
ISO 17025
Forensic Notes supports the documentation, traceability, and chain-of-custody requirements outlined in ISO 17025 for forensic laboratory and digital forensic workflows.
CJIS Security Policy
Encryption at rest, encryption in transit, MFA, audit logging, and role-based access controls align with CJIS Security Policy technical requirements for criminal justice data.
GDPR
Forensic Notes incorporates privacy-by-design principles consistent with GDPR. Users control their data, and our platform supports data portability and deletion requests.
PIPEDA
As a Canadian company, we operate in accordance with PIPEDA requirements for the collection, use, and disclosure of personal information in commercial activities.
Transparency note: Forensic Notes distinguishes between security capabilities built into our platform and third-party certifications obtained by our infrastructure providers. Where we say "designed to support" or "aligned with," we mean our platform includes the technical controls relevant to that standard. We do not claim certifications we have not earned. If you have specific compliance questions, please contact us for a direct, detailed answer.
Security Questions
Have Specific Security Requirements?
We understand that procurement teams need clear, direct answers. Contact us and we will provide the exact technical details your review requires.
Honest answers · No sales pressure · Technical detail available