Security & privacy
Security engineered for sensitive medical data.
Tenant isolation
Each clinic is isolated at the application and database layers via PostgreSQL row-level security.
Encrypted secrets
Sensitive integration credentials are encrypted at rest.
Signed links
Patient access uses signed, expiring, revocable links.
Audit logs
Clinical, financial and support actions are logged for accountability.
Backups
Daily backups with periodic restore testing.
HTTPS only
All traffic is encrypted over TLS.