The Harvey Word Add-In allows users to modify Word documents by editing existing text or adding new content. Suggestions can be generated through user prompts or by analyzing uploaded precedents to identify relevant clauses.
The add-in follows the same stringent security and data privacy standards as the Harvey web application, including ISO 27001 certification and SOC 2 Type II compliance. For full details, visit our Trust Center at https://trust.harvey.ai.
FAQ
Q: What is the difference between the Word Add-In and a Plug-In?
A Word Add-In like Harvey’s is a web-based extension built with HTML, CSS, and JavaScript. It leverages Harvey’s secure platform infrastructure for processing, enabling robust security protocols and compatibility across platforms.
A Word Plug-In, by contrast, is developed with COM technology (e.g., C# or VB.NET), it is installed locally, offering deeper integration options. However, Plug-Ins are limited to desktop use, more complex to deploy, and carry higher security risks due to their reliance on local system resources.
Q: What documents or system files does the Word Add-In have access to?
Harvey's Word Add-In only accesses the content in the document the user currently has open. It cannot access other documents on the user's device, or other files owned by their company or colleagues within Microsoft 365.
When making revisions: The add-in processes only the text explicitly highlighted by the user and any content uploaded as precedent.
When drafting new content: Harvey looks at 50 characters before and after the cursor, to provide context for formatting and language, though we're limited to examining the current paragraph only. This may change in the future.
When using Playbooks functionality: The entire active document is processed so Harvey can apply your custom Playbook ruleset across each section.
Access to the document ends when the document is closed or the add-in is exited. Users must activate the Word Add-In separately for each document they wish to use Harvey with.
Q: How does the Harvey Word Add-In process data?
The Add-In utilizes the same infrastructure as Harvey’s web application. Download the latest Architecture Diagram from our Trust Center at https://trust.harvey.ai.
Q: Is data accessed by the Word Add-In encrypted?
The Add-In applies the same encryption standards as the Harvey web application.
Data in Transit: Secured using HTTPS and TLS 1.2 or higher to ensure protection during transmission.
Data at Rest: Encrypted with AES-256 or higher, providing strong security for stored data.
Q: How are users authenticated when opening the Word Add-In?
The Harvey Word Add-In uses the same authentication method configured for your Harvey workspace. Users log in with their Harvey credentials, including single sign-on (SSO) via SAML if enabled for your workspace.
To access the Add-In, users must also have specific permissions granted by Harvey, even after downloading it. Harvey administrators should work with their account team to designate which team members should have access. In 2025, Harvey will allow administrators to manage Add-In permissions directly through the Harvey web application, eliminating the need for external coordination.
Q: Administrator Visibility and Audit Logging
All activity within the Harvey Word Add-In is visible to your organization’s Harvey administrators through the Workspace History and Usage dashboards.
Additionally, this activity is streamed to the History and Audit Log API endpoints, enabling programmatic tracking and integration with your internal systems. You can access detailed API documentation here: https://developers.harvey.ai.
If you don’t currently have an API key and would like one for monitoring purposes, please reach out to your Harvey account team.
Q: Do Harvey’s existing compliance certifications apply to the Add-In?
Yes, Harvey’s ISO 27001 and SOC 2 Type II compliance certifications extend to the Word Add-In. The same infrastructure independently audited to achieve these certifications is used for processing data within the Add-In. You can access these certifications and other compliance documentation at any time in our Trust Center: trust.harvey.ai.
In addition, Microsoft applies rigorous validation processes to all Office Add-Ins, ensuring adherence to strict security and quality standards. For more details, you can review Microsoft’s Certification Policies & Publishing Requirements.
Deployment Options
Please consult your Harvey account team to determine the best deployment method for your organization. Additional instructions can be found here.
We support the following options:
Microsoft 365 Admin Center (Preferred): Centrally deploy the Word Add-In to specific users, groups, or the entire organization.
Approved Add-In Catalogs: Curate a private catalog for employees to browse and install approved add-ins.
Software Distribution Systems (e.g., SCCM, Intune): Automate deployment using tools like SCCM or Intune. Harvey can provide deployment packages or scripts to assist.
Self-Installation: Users can download the Word Add-In directly from the Microsoft App Store.
Sideloading: Distribute the manifest file for manual installation in Word.
Local Deployment: Install the Word Add-In locally via MSI package or manifest file.
For further assistance, please contact [email protected]