Approved documents
Start with non-regulated or explicitly approved documents such as policies, procedures, blank forms, manuals, checklists, and sample packets.
Data handling
This pilot policy describes how customer documents should be handled before public launch.
Start with non-regulated or explicitly approved documents such as policies, procedures, blank forms, manuals, checklists, and sample packets.
Protected information includes items such as medical records, Social Security numbers, account numbers, tax records, private legal matter details, employee discipline records, and customer identifiers. Do not upload these unless the customer has approved the use case and safeguards.
Uploaded files are encrypted at rest before they are written to storage. They are meant to be used through BusinessVault, so the stored files should not open as normal readable documents from the storage folder.
Backups include database records, encrypted document storage, and search data. Restore tests should be run before onboarding customers.
Before public launch, customer export and deletion procedures should be documented and tested for each workspace.
When enhanced answers are enabled, selected document excerpts may be sent securely to a cloud AI provider. Documents marked Sensitive or Regulated stay private-only unless explicitly approved.