Built for healthcare privacy from day one
Patient data is sensitive, and we treat it that way. Security and compliance are foundational to how we build — not afterthoughts.
HIPAA-compliant by design
Our products are built to meet HIPAA requirements for handling protected health information (PHI).
Encryption in transit & at rest
All data is encrypted using industry-standard protocols, both while moving across networks and while stored.
Audit logging
Every access and action against patient data is logged, giving you a complete and reviewable trail.
Access controls
Role-based access and least-privilege principles ensure people only see the data they need.
Your data never trains AI models
We do not use your patients' data to train foundation models. Your data stays yours.
Business Associate Agreements
We sign BAAs with covered entities and business associates as part of onboarding.
SOC 2 in progress
We are actively pursuing SOC 2 Type II certification as we scale. If your organization has specific security or compliance requirements, we're happy to walk through our practices in detail.
Questions about security?
Talk to our team about HIPAA, BAAs, data handling, or your specific requirements.