Skip to main content

iReports Data Security and AI Usage Overview

Updated

This article addresses common client questions regarding how data is handled within iReports, including what information is extracted from iManage and how the AI functionality operates. The approach is designed with strict data minimization and security principles to ensure client data remains protected at all times.

 

1. Data Extraction and Storage

What data is extracted

iReports connects to iManage (Cloud or on-premise) to extract metadata only. This process is strictly limited and does not involve accessing or downloading any document content.

The metadata extracted includes:

  • Workspace and folder metadata
  • Document metadata (excluding document content)
  • User and group information
  • Types, classes, and custom fields (e.g., Custom1–Custom30)
  • Security metadata for workspaces, folders, and documents

This information is used solely to enable reporting, analytics, and data insights within iReports.

 

What data is NOT collected

iReports does not collect or access:

  • Document content or file bodies
  • Email content or attachments
  • Any data stored within documents
  • Client files or sensitive document-level information beyond metadata

At no point does iReports open, read, or download documents from iManage.

 

Where the data is stored

Once extracted, metadata is stored in a staging database located within the client’s environment (typically on-premise or client-controlled infrastructure).

  • The location, access control, and security policies of this database are fully determined by the client
  • iReports does not impose external storage requirements
  • All metadata remains within the client’s controlled environment

 

2. AI Data Usage

iReports includes optional AI-assisted functionality designed to simplify query creation. This feature is built with strict safeguards to ensure that client data is never exposed.


How the AI works

Schema-Only Understanding

The AI is trained only on the structure (schema) of iReports data tables.

  • It understands table names, relationships, and field structures
  • It does not have access to any actual client metadata


Query Generation Process

When a user enters a request such as:

“Find all matters for Client ABC”

The following occurs:

  1. Only the text of the user’s prompt is sent to the AI
  2. The AI generates a corresponding SQL query based on schema knowledge
  3. The query is returned to the user
  4. The query executes locally within the client’s database

 

What data is sent to the AI

  • Only the user’s input prompt (text)

 

What data is NOT sent to the AI

The following data is never transmitted to the AI:

  • Metadata from iManage
  • Any data stored in the iReports database
  • Document content (never collected by iReports)
  • Emails or attachments (never collected by iReports)
  • Security or user metadata

 

Key Data Protection Principles

  • No metadata leaves the client environment
  • No document content is accessed or processed
  • AI operates only on user-provided prompts
  • All query execution occurs within the client’s database

 

Summary

iReports is designed with a metadata-only architecture and client-controlled data storage model. The system ensures:

  • Strict separation between metadata and document content
  • Full client control over data storage and security
  • No exposure of client data to AI systems
  • Minimal data usage aligned with reporting requirements

This approach allows clients to leverage powerful reporting and AI-assisted query generation while maintaining full confidence in the security and protection of their data.

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk