Security & Architecture
Scout by Plansight
Security, architecture, and compliance overview for executive and IT security review.
Security, architecture, and compliance overview for executive and IT security review.
Scout is an AI-powered support assistant that helps Plansight users find answers, watch training videos, and explore guided walkthroughs — all without leaving the app.
Scout runs on independent infrastructure with zero access to Plansight's database, servers, or user credentials.
TLS 1.2+ in transit, AES-256 at rest, AES-256-GCM for API keys, bcrypt for passwords. No plaintext secrets anywhere.
Every infrastructure provider (Vercel, Neon, Anthropic) is SOC 2 Type II certified.
Scout is a read-only support tool connected to Plansight via a single <script> tag. The blast radius of any Scout compromise is limited to support conversation history. It cannot be used as a vector to access Plansight's core application, customer data, or infrastructure.
How Scout connects to Plansight and its supporting services. Note the clear isolation boundary.
A clear picture of what Scout can see, what it stores, and what it cannot access.
First name, email, and user ID — passed from the Plansight app via the embed snippet. Used only for greeting personalization and conversation attribution.
Questions typed by the user in the chat widget. Sent to the Scout backend, used to search the knowledge base, and passed to Claude for answer generation.
| Data | Storage | Purpose |
|---|---|---|
| Questions & AI responses | Neon PostgreSQL (encrypted at rest) | Analytics, quality improvement |
| User name, email, user ID | Neon PostgreSQL | Conversation attribution |
| Feedback (thumbs up/down) | Neon PostgreSQL | Response quality tracking |
| Resource requests | Neon PostgreSQL | Content gap identification |
| Session history | Neon PostgreSQL | Conversation continuity |
Every component of the Scout stack runs on SOC 2 Type II certified infrastructure.
| Component | Provider | Certification | Details |
|---|---|---|---|
| Backend | Vercel | SOC 2 Type II | Serverless Node.js functions. Auto-scales, no persistent servers. Global edge network with automatic TLS. |
| Database | Neon | SOC 2 Type II | Serverless PostgreSQL. Data encrypted at rest (AES-256). Hosted on AWS US-West-2. Automatic backups. |
| AI Model | Anthropic | SOC 2 Type II | Claude Haiku 4.5 via API. ~$0.005 per question. Anthropic does not train on API data. No customer data retained after response. |
| Knowledge Base | UserGuiding | SOC 2 Type II | Read-only API access to help articles. No write access. No customer data shared. |
| Videos | Wistia | SOC 2 Type II | Read-only access to training video catalog. Videos served via Wistia CDN. |
| Source Code | GitHub | SOC 2 Type II | Private repository. Only authorized personnel have access. No Plansight source code stored. |
Data protection at every layer of the stack.
All communication uses TLS 1.2+ enforced by Vercel. No unencrypted HTTP traffic is accepted. HSTS headers are set automatically.
Neon PostgreSQL encrypts all data at rest using AES-256. Backups are also encrypted. No plaintext data on disk.
All third-party API keys stored in the database are encrypted using AES-256-GCM with authenticated encryption and per-record initialization vectors. Decryption requires a server-side master key that never leaves the server environment.
Admin passwords are stored as bcrypt hashes with a cost factor of 10. Original passwords are never stored or logged.
All secrets are stored as Vercel environment variables, encrypted at rest by Vercel, and never committed to source code.
| Variable | Purpose | Exposure |
|---|---|---|
ANTHROPIC_API_KEY | Claude AI access | Server-side only |
ENCRYPTION_KEY | AES-256-GCM master key for DB encryption | Server-side only |
DATABASE_URL | PostgreSQL connection string | Server-side only |
USERGUIDING_API_KEY | Knowledge base search | Server-side only |
How the AI model is configured and what it can and cannot do.
Anthropic does not use API inputs or outputs to train models. This is guaranteed by their API Terms of Service and SOC 2 certification.
Scout uses a controlled system prompt that instructs the AI to only answer from provided knowledge base articles and their embedded video transcripts. It cannot make up information or access external systems.
The AI generates text responses only. It cannot execute code, access databases, call APIs, browse the internet, or perform any actions beyond generating a text answer.
The AI only has access to help articles from the UserGuiding knowledge base and spoken transcripts from embedded Wistia training videos. It has zero access to customer data, policy information, financial records, or any Plansight business data.
Anthropic does not retain API request data after generating a response. There is no conversation memory on Anthropic's side between requests.
The only integration point is a single <script> tag. Nothing else.
Clear separation of responsibilities and access levels.
| Role | Access | Scope |
|---|---|---|
| Steve Overton Product Owner |
Full admin access | GitHub repo, Vercel dashboard, Neon database, all API keys, Slack notifications |
| Plansight Developers Frontend Team |
Embed snippet only | They add a <script> tag to the Plansight frontend. No access to Scout backend, database, or API keys. |
| End Users Plansight Customers |
Chat widget only | Can ask questions and browse help content. Cannot access other users' conversations or any admin functions. |
| Anthropic (Claude) AI Provider |
API access only | Receives questions and knowledge base context. Cannot access Scout database, infrastructure, or any Plansight systems. |
How Scout aligns with common compliance frameworks.
| Requirement | Status | Details |
|---|---|---|
| SOC 2 | All Providers Certified | Vercel, Neon, Anthropic, GitHub — all SOC 2 Type II |
| Data Residency | US-Based | Database in AWS US-West-2. Vercel edge functions execute in nearest US region. |
| GDPR | Compliant | Minimal PII collected. Conversation data can be deleted on request. No EU data processed unless EU users interact. |
| HIPAA | Not Applicable | Scout does not process, store, or transmit protected health information (PHI). Only software support questions. |
| PCI DSS | Not Applicable | No payment data is processed or stored. |
| Encryption in Transit | TLS 1.2+ | Enforced by Vercel on all endpoints. HSTS headers set automatically. |
| Encryption at Rest | AES-256 | Neon PostgreSQL encrypts all data at rest. API keys double-encrypted with AES-256-GCM. |
How to monitor, respond to, and disable Scout if needed.
Vercel provides real-time function logs, error tracking, deployment history, and usage analytics. All API errors are logged with full context.
Any Vercel deployment can be rolled back to a previous version with one click. Previous deployments are preserved indefinitely.
Scout can be instantly disabled by removing the <script> tag from the Plansight frontend, or by deactivating the tenant in the Scout database. No redeployment needed.
Scout sends real-time Slack notifications for new conversations, negative feedback, resource requests, and support tickets. Configurable per channel.
Three independent kill switches, any one of which immediately stops all Scout functionality:
is_active = false in the tenants table. All API requests return 404.How Scout satisfies each applicable Plansight internal security policy, mapped to TSC controls.
| Policy Requirement | Scout Compliance |
|---|---|
| 4.a.iv — Approved AI services must be paid organizational services under contract | Anthropic Claude is accessed via paid API subscription with organizational account. Compliant |
| 4.a.v — Approved AI services must provide contractual assurances that data is not used to train models | Anthropic's API Terms of Service explicitly state that API inputs/outputs are not used for model training. SOC 2 Type II certified. Compliant |
| 4.b.ii — AI use must be limited to the minimum data necessary | Scout only sends the user's support question and relevant help articles to Claude. No customer data, policy data, PHI, or financial data is ever transmitted. Compliant |
| 4.c.i — Each job must be handled in an isolated model instance | Each Claude API call is stateless — Anthropic does not maintain context between requests. There is no persistent model instance. Each question is processed in complete isolation. Compliant |
| 4.c.ii — Upon completion, the model instance must be discarded | Claude API requests are fire-and-forget. Anthropic does not retain request data after generating a response. No data persists on Anthropic's side. Compliant |
| 4.c.viii — PHI and PII must not be submitted unless management has explicitly approved | Scout only submits user-typed support questions, knowledge base articles, and embedded video transcripts to Claude. No PHI is ever submitted. The only PII is the user's first name (for greeting personalization), which is minimal and non-sensitive. No employer data, policy data, SSNs, DOBs, or health information is accessible to Scout. Compliant |
| 4.c.v — Users must not enable vendor training, data sharing, or model improvement features | Anthropic API does not have opt-in training features. The API is contractually excluded from training by default. No configuration needed. Compliant |
| Policy Requirement | Scout Compliance |
|---|---|
| 4.e — IT vendors must undergo a risk assessment; a valid SOC 2 can be used instead of a full assessment | All Scout vendors hold current SOC 2 Type II certifications:
• Anthropic (Claude AI) — SOC 2 Type II • Vercel (hosting) — SOC 2 Type II • Neon (database) — SOC 2 Type II • GitHub (source code) — SOC 2 Type II Compliant |
| 4.a — Vendors must not access information security assets until a contract with security controls is signed | All vendor relationships are under paid subscription agreements with security terms. No vendor has direct access to Plansight's information security assets. Compliant |
| 4.f — Vendors must ensure organizational records are protected, safeguarded, and disposed of securely | Scout data is encrypted at rest (AES-256) and in transit (TLS 1.2+). Neon provides automatic encrypted backups. Data can be deleted on request. Compliant |
| Policy Requirement | Scout Compliance |
|---|---|
| 3.a — Systems must use AES-256 with 256-bit keys |
• Database encryption at rest: AES-256 (Neon/AWS)
• API key encryption: AES-256-GCM with 256-bit key, authenticated encryption with per-record IVs • Transit encryption: TLS 1.2+ with AES-256 cipher suites Compliant |
| 3.f.iv — Key rotation at least once every 12 months | Encryption keys are stored as Vercel environment variables and can be rotated at any time. A rotation schedule should be established. Action Required |
| 3.f.i-iii — Key management with access control, secure storage, and backup | Keys are stored in Vercel's encrypted environment variable system with role-based access. Only the project owner (Steve Overton) has access. Compliant |
| Data in Scout | Classification | Rationale |
|---|---|---|
| Knowledge base articles | Public | Already published on help.plansight.com. Public by nature. |
| User name & email | Internal Use | Basic contact info for conversation attribution. Not sensitive. Available to all employees. |
| Support questions & answers | Internal Use | Questions about software usage. No customer data, PHI, or policy information. |
| API keys & credentials | Restricted | Third-party API keys encrypted with AES-256-GCM. Stored encrypted at rest. Access limited to system owner only. |
Plansight's core platform handles PII, PHI, employer data, and policy information. None of this data is accessible to Scout. Scout is architecturally isolated from the Plansight database and infrastructure. The only data Scout receives is:
There is no mechanism — technical or otherwise — for Scout to access Plansight customer data, employer records, plan details, census data, or any PHI. The systems are completely separate.
Items to address for full policy alignment before production deployment.
Per AI Policy 4.a.ii, add "Anthropic Claude API (Scout chatbot)" to the organization's approved AI services registry. Document the SOC 2 report as the risk assessment artifact per Vendor Management Policy 4.e.ii.
Per Encryption Policy 3.f.iv, set a 12-month rotation schedule for the Scout ENCRYPTION_KEY. Document the rotation procedure and assign an owner.
Register Vercel, Neon, and Anthropic as IT vendors per Vendor Management Policy. File SOC 2 reports for each. All three hold current SOC 2 Type II certifications.
Per AI Policy 4.c.viii, obtain written management approval confirming that Scout's limited use of PII (user name and email for personalization) meets contractual, privacy, and security requirements. Note: no PHI is involved.
Configure scout.plansight.com as the production domain. This provides a branded URL and allows domain-based CORS restrictions to replace the current open CORS policy.