Enterprise security. Audit-ready.
Every layer designed for the healthcare trust model. SOC 2 Type II, HIPAA, HITRUST — covered.
Security controls
AES-256 Encryption
All PHI encrypted at rest with AES-256-GCM. TLS 1.3 enforced in transit. Hardware security modules for key storage. Automatic key rotation every 90 days.
BAA Included on Signup
Business Associate Agreement executed automatically on account creation. No separate legal negotiation. Covers all 18 HIPAA identifiers. Countersigned PDF delivered instantly.
Immutable Audit Logs
Cryptographically signed audit trail. Every PHI access requires reason code. 7-year retention. Export to Splunk, Datadog, or any SIEM. Tamper detection alerts.
Breach Response
$10M cyber insurance. Dedicated breach response team. Notification within 24 hours of discovery. Automated containment procedures. Post-incident forensics.
Infrastructure Isolation
Dedicated VPC per tenant. PHI workloads isolated from control plane. No shared compute for PHI processing. AWS GovCloud available for regulated workloads.
Zero-Knowledge Architecture
HaaS employees cannot read PHI. Field-level encryption means decryption only happens on authorized access. Customer-managed encryption keys available on Enterprise.
By the numbers
Infrastructure you can stake your reputation on.
Ready to trust your PHI to us?
Request our full security report — shared under NDA within 1 business day.