Ora AI Data Privacy & Security

A reference for medical schools evaluating Ora for student use.

Last updated May 2026

Ora brings safe, secure, capable AI to medical education: an adaptive platform schools can deploy with confidence to help students excel.

AI raises reasonable questions about training, retention, and institutional control. We respect your institution's proprietary content and your students' data. Neither is ours to use beyond serving the student in the moment.

Ora is built to handle every privacy and security question the right way: by contract, by design, and in practice.

Summary

No training on your data, ever. Not by Ora, not by our AI providers. Contractually enforced.
Encrypted in transit and at rest. TLS 1.2+ on the wire, AES-256 in storage.
FERPA-aligned.Ora operates as a "school official" under the school-official exception and will sign a tailored DPA.
Choice of AI provider, with zero data retention on every option:
- Default: Google Cloud Vertex AI (Gemini)
- Microsoft Azure OpenAI Service (same platform as Copilot). HIPAA BAA included, FedRAMP High.
Maximum Privacy add-ons for institutions that want more:
1. Confidential computing via Tinfoil. Hardware-attested secure enclaves with cryptographically verifiable zero retention. No human, not even Ora, can see student data during AI processing.
2. Disable AI document upload entirely at the tenant level. Uploaded student material never reaches an AI model.

1Default Protections

Applies to every Ora user, on every tier.

We never train on your data

Ora does not use any user data (prompts, uploads, responses, behavior) to train, fine-tune, or improve any AI model. Ever. Your data powers the feature you're using in the moment and nothing else.

Our AI providers can't either

Ora's AI inference runs on Google Cloud Vertex AI (Gemini)by default. Under Google Cloud's terms for Vertex AI Generative AI services:

Prompts, files, and responses are contractually prohibitedfrom being used to train or improve any Google or third-party model. (See Google's Vertex AI Generative AI Service-Specific Terms.)
Ora's Vertex AI deployment is configured for zero data retention (ZDR). Google does not log, cache, or store prompt or response content beyond the immediate request lifecycle.

The underlying Google Cloud infrastructure operates under SOC 2 Type II, ISO 27001 / 27017 / 27018, HIPAA, and FedRAMP Moderate.

Encryption

In transit: TLS 1.2+ on every connection.
At rest: AES-256 encryption on all stored files by default.

You control your data

Users (and institutions on behalf of their users) can request deletion of any data at any time. Deletion is permanent, including from backups within our standard retention window.

What we don't do

We do not sell or license user data. Third parties that handle user data do so as subprocessors of Ora, under enterprise terms that prohibit them from using your data for any purpose other than providing the service, including model training. We do not run ads or use student data for advertising of any kind.

Independent audit

Ora is preparing for a SOC 2 Type IIaudit, with target completion in 2026. We're happy to share scope and roadmap details with your security team on request.

2FERPA Alignment

When Ora serves an institution:

School Official Exception.We act as a "school official with a legitimate educational interest" under FERPA, using education records only to perform the institutional service you've engaged us for.
No re-disclosure. We do not redisclose personally identifiable information from education records to any third party without authorization, except as required by law.
Institutional control.Your institution retains ownership of, and control over, its students' education records inside Ora.
Data Processing Addendum. Ora will execute a FERPA-aligned DPA, including the standard school-official, no-redisclosure, deletion, and audit-cooperation terms.

3Choice of AI Provider

Ora's default AI backend is Google Cloud Vertex AI (Gemini). For institutions with specific requirements, the inference backend is configurable under an institutional contract:

Microsoft Azure OpenAI Service. Runs OpenAI models (GPT-4, GPT-5) inside Microsoft Azure (the same enterprise platform that powers Microsoft Copilot). For institutions standardized on Microsoft 365 / Entra.
- No use of customer prompts, completions, or fine-tuning data to train Microsoft or OpenAI models.
- Zero Data Retention.Microsoft does not log, cache, or store prompt or response content (Modified Abuse Monitoring enabled on Ora's Azure subscription).
- HIPAA BAA included by default under the Microsoft Online Services Data Protection Addendum.
- FedRAMP High authorized.
Tinfoil (confidential computing). Hardware-attested secure enclaves. See §4, Option A.

All supported backends operate under enterprise no-training, no-retention terms.

4Maximum Privacy (Institutional Add-Ons)

For institutions with elevated privacy requirements, Ora offers two add-ons that can be enabled independently or together, per-tenant or per-.edu domain.

Option A

Confidential Computing via Tinfoil

Cryptographic, hardware-level guarantees that no human (including Ora, including the model provider) can see student data while AI is processing it.

AI inference for your tenant is routed through Tinfoil, a confidential-computing platform that runs models inside hardware-attested secure enclaves (NVIDIA Confidential Computing GPUs + TEEs).

Hardware-enforced privacy. Data is decrypted only inside a secure enclave that even the host operator cannot inspect.
Verifiable, not just promised.Tinfoil's infrastructure is open-source and SOC 2 compliant, and the zero-retention guarantee can be cryptographically attested.

Tradeoff to know. Tinfoil runs the leading open-source models(Llama 3.3, Gemma 3, GPT-OSS) inside its enclaves rather than Gemini. Every Ora feature still works the same way. Frontier closed models keep a small lead on the very hardest reasoning tasks, but on medical curriculum and clinical content that gap is rarely noticeable in practice.

Option B

Disable AI Document Upload (per `.edu`)

The simplest, strongest guarantee: uploaded documents never touch an AI model.

When enabled for your institution's domain, Ora will:

Disable AI-assisted features that ingest user-supplied files (PDFs, slides, notes, etc.) for any user on your .edu domain.
Leave the rest of Ora's curriculum content, practice questions, and study tools fully functional. None of those involve student-uploaded material being sent to AI.

Tradeoff to know. The only feature students lose is the upload-your-own-PDF shortcut. Every other Ora feature still works, and students keep AI help on the full curriculum and study library. A minor efficiency cost for Ora's most restrictive privacy configuration.

5Comparison at a Glance

Capability	Default (User)	Institutional
No training on user data	Yes	Yes
TLS 1.2+ / AES-256 encryption	Yes	Yes
FERPA-aligned DPA	No	Yes
Underlying AI model	Gemini	Gemini, Azure OpenAI, or Tinfoil (configurable)
Hardware-enforced inference privacy (Option A)	No	Available
AI never sees student uploads (Option B)	No	Available

"Available" rows are the Maximum Privacy add-ons (see §4). Either or both can be enabled per institution.

6Contact

For DPA execution, security review, or to enable any of the institutional options described above:

Email: support@oraai.com

We're happy to complete a HECVAT, SIG-Lite, or your institution's own security questionnaire on request.