PHI Vault

Encrypted vault for every identifier

All 18 HIPAA identifiers stored, encrypted, tokenized. Access requires authentication, reason codes, and fires an immutable audit event.

Get Started →API Docs

AES-256

Encryption standard

TLS 1.3

In-transit security

HSM

Key storage

90 days

Key rotation cycle

Enterprise-grade vault

Built for the security requirements of the most regulated industry on earth.

AES-256 at Rest

All PHI encrypted with AES-256-GCM at rest. Hardware security modules store encryption keys. Zero plaintext in storage.

Tokenized Access

PHI never returned as a direct reference. Every read returns a scoped token. Token revocation propagates in under 100ms.

Petabyte Scale

Purpose-built for healthcare data volumes. Automatically shards as your patient base grows. No storage limits on Enterprise.

Retention Policies

Automated data lifecycle management. Configure retention per data type. Secure deletion certified under NIST 800-88.

Multi-Region

3-region replication for 99.99% availability. Data sovereignty controls for GDPR. Choose your data residency region.

Zero-Knowledge

HaaS staff cannot read PHI. Field-level encryption guarantees. Customer-managed keys on Enterprise tier.

Simple retrieval API

One endpoint to retrieve PHI. Requires authentication, reason code, and requestor ID — all automatically logged.

Authentication required

Reason code mandatory

Access logged automatically

Scoped token revocation

Rate limiting per-key

GET /v1/vault/{token}

{
  "data": {
    "name": "Jane Smith",
    "dob": "1985-03-12",
    "ssn": "***-**-1234",
    "insurance_id": "BC123456"
  ,
  "access_log_id": "log_01HV...",
  "accessed_at": 1716220800
}

Keep your PHI safe

Secure vault live in minutes. No infrastructure to manage.

Get Started Security Overview