Security &
Compliance
Your patients trust you with their data. We take that responsibility seriously. HIPAA compliance, encryption, and audit trails — built in, not bolted on.
End-to-End Encryption
All data encrypted in transit (TLS 1.3) and at rest (AES-256). Your patient data is always protected.
HIPAA Compliance
Full HIPAA compliance built into every feature. We handle the technical safeguards so you can focus on care.
BAA Included
Business Associate Agreement included with every plan at no extra cost. Required for HIPAA compliance.
Audit Logs
Complete audit trail of every action — logins, record access, modifications, exports. Tamper-proof logging.
Role-Based Access Control
Granular permissions let you control exactly who can see and do what. Front desk vs. provider vs. admin roles.
Two-Factor Authentication
Protect accounts with 2FA. Required for admin accounts, optional for all users.
Automated Backups
Daily encrypted backups with 30-day retention. Point-in-time recovery available.
SOC 2 Type II
Enterprise-grade security controls audited annually. Trust and verify.
GDPR Compliant
Data processing compliant with GDPR. Data residency options available for international practices.
Incident Response
24/7 security monitoring with defined incident response procedures and breach notification protocols.
Secure Infrastructure
Hosted on enterprise cloud infrastructure with DDoS protection, WAF, and network isolation.
Data Portability
Export all your data at any time. CSV, JSON, and PDF exports for all records.
Questions About Security?
Our security team is happy to discuss compliance requirements and provide our security documentation.