Case studies
Sanitized engagement summaries from our active practice. Names and identifying details have been removed at authoring time; nothing on this page is published without the client's written sign-off. If a study reads like your situation, the contact form is the right next step.
Privileged-data infrastructure rebuild
What mattered
A litigation hold three years prior had exposed the firm's storage to wider discovery than counsel was comfortable with; the partners wanted privileged + work-product material on infrastructure that produces a different per-client access scope by construction, not by policy.
What we shipped
Rearchitected the firm's matter storage so per-matter access scopes are enforced at the storage layer, not the application layer. Every cross-matter query is impossible to formulate from the application code; the type system refuses to compile a query that crosses scopes. Rebuilt the partner / associate role separation along the same line.
Outcome
The firm's malpractice carrier reduced the policy premium on the strength of the audit. A subsequent litigation hold scope was answered in one paragraph instead of a forensic engagement.
HIPAA-grade infrastructure scaled to 12 practitioners
What mattered
Existing EHR vendor's audit posture had degraded after acquisition; the practice owner wanted a fallback that satisfied both HIPAA and a pending state-level reporting requirement, on infrastructure they actually understood.
What we shipped
Built a parallel chart-storage layer with the audit posture the practice required, deployable alongside the legacy EHR. Federated mail filtering with rule-by-rule explainability; donor / patient / billing scopes architecturally separated.
Outcome
Practice passed a state-level audit on the first try. Time-to-audit-response dropped from weeks to a one-day engagement.
Source-confidentiality posture for an active investigation
What mattered
Journalists working a multi-month investigation needed source-handling infrastructure that survives both technical compromise and legal subpoena — a substrate where the relevant data either does not exist or carries no probative weight.
What we shipped
Built a tiered storage posture: communications inside the editorial scope are end-to-end encrypted by construction; metadata that escapes to logs is structurally minimal. Federated rule-based filtering replaced opaque categorization on the editorial mail flow.
Outcome
Investigation was published. No subpoenas have surfaced; a separate counsel review confirmed the substrate would not be probative if subpoenaed today.