1.Overview

The compliance and security framework is fundamental to Sque's architecture, protecting sensitive client information while ensuring regulatory compliance.

From firm-level data isolation and encryption through audit trails, ethical walls, regulatory compliance standards, and emergency access procedures, Sque provides enterprise-grade security infrastructure designed for the legal profession's confidentiality and ethical obligations.

2.Compliance & Security Guides

Explore the guides below for detailed instructions on each area:

  • Data Isolation, Encryption, and Access Controls — Foundational security architecture for client data protection.
  • Audit Trails, Compliance Reporting, and Ethical Walls — Documenting compliance and preventing conflicts of interest.
  • Compliance Standards, Data Governance, and Emergency Access — Regulatory requirements and data lifecycle management.

Frequently asked questions

Each firm operates in an isolated tenant environment with tenant-specific encryption keys. Firm databases are completely separate with no shared tables or cross-firm data access—even through system error or vulnerability.

All data is encrypted in transit using TLS 1.2+ and at rest in databases and Briefcase. Encryption keys are stored in a separate key management system, never alongside encrypted data, with access restricted to authorized personnel.

Sque meets SOC 2 Type II compliance with annual third-party audits, GDPR compliance for European firms with data residency options, HIPAA-ready architecture for health information, and security architecture supporting professional liability insurance requirements.

When conflicts are identified, conflicted attorneys are automatically prevented from accessing adverse matters. The system screens email and chat communications, removes conflicted attorneys from adverse matter distributions, and logs and reports any wall violation attempts.