Cara

Security & Trust

Enterprise-grade security for healthcare.

Your patients trust you with their data. We take that responsibility seriously with best-in-class security, compliance, and data protection.

Compliance & Certifications

HIPAA Compliant

Full HIPAA compliance with BAA execution for all customers. Administrative, physical, and technical safeguards in place.

BAA Available

Business Associate Agreement included on all paid plans. Executed during onboarding at no additional cost.

Infrastructure

Built for healthcare from day one.

Built on AWS

US-based data centers with multi-AZ redundancy. All data encrypted at rest (AES-256) and in transit (TLS 1.3).

Tenant Isolation

Complete data separation between organizations. Each tenant operates in an isolated environment with dedicated encryption keys.

Audit Trails

Full activity logging for compliance and forensics. Every data access, modification, and export is recorded with timestamps.

Role-Based Access

Granular permissions and SSO support. Control who can access what across your organization with fine-grained role definitions.

Data Protection

Your data, protected at every layer.

Encryption

AES-256 at rest, TLS 1.3 in transit

All data is encrypted using industry-standard algorithms, both when stored and when transmitted between systems.

PHI Handling

Automatic scrubbing in logs and error reports

Protected health information is automatically redacted from application logs, error reports, and monitoring systems.

Backups

Automated daily with point-in-time recovery

Automated daily backups with point-in-time recovery capability. Backups are encrypted and stored in a separate AWS region.

Incident Response

Documented IR plan, 24-hour notification

Documented incident response plan with defined escalation paths. Affected customers are notified within 24 hours of a confirmed breach.

Roadmap

Continuous improvement.

We are always expanding our compliance posture to meet the needs of the most demanding healthcare organizations.

HITRUST: In Progress
FedRAMP: Planned

Have security questions?

Our security team is available to discuss your compliance requirements, review our policies, and answer any questions about how we protect your data.
