Skip to content

Security & privacy

Security engineered for sensitive medical data.

Tenant isolation

Each clinic is isolated at the application and database layers via PostgreSQL row-level security.

Encrypted secrets

Sensitive integration credentials are encrypted at rest.

Signed links

Patient access uses signed, expiring, revocable links.

Audit logs

Clinical, financial and support actions are logged for accountability.

Backups

Daily backups with periodic restore testing.

HTTPS only

All traffic is encrypted over TLS.