Encrypted vault for every identifier
All 18 HIPAA identifiers stored, encrypted, tokenized. Access requires authentication, reason codes, and fires an immutable audit event.
Enterprise-grade vault
Built for the security requirements of the most regulated industry on earth.
AES-256-GCM + Envelope Encryption
Every form submission stored as an AES-256-GCM encrypted JSONB blob. Each form has its own AWS KMS data key — a compromised key for one form cannot decrypt any other form's records.
Tokenized Access
Your app receives a record_id token — never raw PHI. Access requires a secret key (sk_live_...), authentication, and a reason code. Every read fires an immutable audit log event.
Petabyte Scale
Purpose-built for healthcare data volumes. Automatically shards as your patient base grows. No storage limits on Enterprise.
Retention & Right to Erasure
Audit logs retained indefinitely (HIPAA requires 6 years minimum). Soft-delete support for patient right-to-erasure (HIPAA §164.524) — records flagged deletedAt, excluded from queries while preserving the audit trail.
Multi-Region Replication
All data in AWS us-east-1 (Multi-AZ RDS) by default. Self-hosted deployment supports any AWS region. Data residency controls available for compliance requirements.
Zero-Knowledge
HaaS staff cannot read PHI. Field-level encryption guarantees. Customer-managed keys on Enterprise tier.
Simple retrieval API
One endpoint to retrieve PHI. Requires authentication, reason code, and requestor ID — all automatically logged.
Keep your PHI safe
Secure vault live in minutes. No infrastructure to manage.