How CadCan Protects Your Patients' Data

For dental offices, privacy officers, and regulatory review — plain language

WHEN YOU SEND A FILE

STEP 1: Your Office Sends a File
Scan, X-ray, photo, or PDF
The connection uses HTTPS with TLS 1.3 — the same encryption standard your bank uses online. Your login is verified before any data is accepted. Each office can access only their own cases and patients.
✓ Encrypted in transit

STEP 2: Arrives — Never Stored Raw
Held in server memory only
The file arrives at CadCan's servers and stays in memory. It is not written to disk in any readable form at any point. Within the same operation, a brand-new random key is generated specifically for this file.
✓ Plaintext never touches disk

STEP 3: Scrambled With a Unique Key
🔐 AES-256 encryption applied
The file is scrambled using AES-256, the same standard used by governments and banks. Each file gets its own fresh key — no two files share a key. The key is then locked inside a separate master key.
✓ Unique key per file

STORED AT REST

File Storage Vault
Holds the scrambled copy of every file — photos, scans, X-rays, PDFs
The vault contains only encrypted data. Without the key, it is unreadable. A breach of this vault alone does not expose any patient information.

Key Storage — Kept Separate from the Vault
Each file's key is locked inside a master key that lives only in server configuration
Not in the database. Not in file storage. Only on the server that processes requests. Breaking into the file vault and the key store are two separate problems — by design.

WHEN YOUR DESIGNER RETRIEVES A FILE

STEP 4: Designer Requests a File
🔑 Identity and access verified
The designer logs in with their own credentials. The system confirms they are assigned to this specific case before any data is retrieved.
✓ Access controlled per case

STEP 5: Server Decrypts in Memory
Unscrambled inside the server
The server retrieves the scrambled file and the locked key. It unlocks the key, then uses it to unscramble the file — all inside server memory. The unscrambled version is never stored — it goes straight through.
✓ Decrypted only in transit

STEP 6: Designer Receives the File
Downloaded over encrypted connection
The readable file is delivered directly to the designer over the same encrypted HTTPS connection. Once delivered, the decrypted version is discarded from the server — not saved anywhere.
✓ Encrypted in transit, not stored

Patient Records Also Protected
Patient names, dates of birth, and clinical notes in the database are encrypted at the record level — separately from file encryption. Lab staff working on design see cases without patient identifying information where the work does not require it. A database breach does not expose readable patient names or dates of birth.
✓ Database-level encryption

What encryption means in practice

  • A patient scan stored on our servers looks like random noise to anyone who accesses the storage directly
  • The key that makes it readable is stored separately — in a different system, under a different lock
  • An attacker who breaks into file storage gets scrambled bytes they cannot use
  • Every file has its own unique key — one compromised key affects one file, not all files
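
The scheme in Steps 2, 3 and 5 (a fresh key per file, locked under a separate master key) is commonly called envelope encryption. The following Node.js code is an added example, not CadCan's own code; the GCM mode, the blob layout and all function names are assumptions, since the page specifies only AES-256.

```javascript
const crypto = require('crypto');

// AES-256-GCM is an assumption: the page names AES-256 but not the mode.
// Output layout (also an assumption): 12-byte nonce || 16-byte tag || ciphertext.
function seal(key, plaintext) {
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), body]);
}

// Throws if the key is wrong or the blob was altered (the GCM tag check fails).
function unseal(key, blob) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  decipher.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]);
}

// Steps 2-3: fresh random key per file, file sealed under it, key locked under the master key.
function encryptFile(masterKey, fileBytes) {
  const fileKey = crypto.randomBytes(32);
  const record = { vaultBlob: seal(fileKey, fileBytes), wrappedKey: seal(masterKey, fileKey) };
  fileKey.fill(0); // best-effort wipe of the per-file key from memory
  return record;   // vaultBlob goes to file storage, wrappedKey to key storage
}

// Step 5: unlock the per-file key with the master key, then decrypt in memory only.
function decryptFile(masterKey, record) {
  const fileKey = unseal(masterKey, record.wrappedKey);
  try {
    return unseal(fileKey, record.vaultBlob);
  } finally {
    fileKey.fill(0);
  }
}

// Constructed sample data: a random key stands in for the master key held in server config.
function demo() {
  const masterKey = crypto.randomBytes(32);
  const scan = Buffer.from('constructed sample: STL scan bytes for case 0001');
  const a = encryptFile(masterKey, scan);
  const b = encryptFile(masterKey, scan); // the same file uploaded twice
  return {
    roundTrip: decryptFile(masterKey, a).equals(scan),
    vaultHidesPlaintext: !a.vaultBlob.includes(scan),
    distinctPerFile: !a.vaultBlob.equals(b.vaultBlob) && !a.wrappedKey.equals(b.wrappedKey),
  };
}
```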

Who can access your files

  • Only verified accounts with explicit access to a specific case can download its files
  • Dental offices access only their own cases and patients — no cross-office visibility
  • Designers are assigned per case — they cannot browse other offices' cases
  • Every download is logged with the user, time, and case — a full audit trail is maintained

About this document

  • This describes how the system is designed and what we have verified in testing
  • It is not a legal guarantee — no technology eliminates risk entirely
  • For technical architecture documentation, contact CadCan directly
  • System design reviewed and updated as part of pre-launch security testing on synthetic data

Disclaimer: This document describes the design and verified behavior of the CadCan system as of the date of publication. It is not a legal guarantee of security or compliance, and no technology eliminates risk entirely. CadCan is designed to meet PHIPA requirements for a Canadian healthcare software provider handling dental laboratory workflows.