Security Architecture
Built for a world where data privacy is patient safety
Software for the movement needs to be built differently. We're reimagining what's possible when you start from scratch and put privacy first. We use end-to-end encryption and zero-knowledge architecture—patient health information is encrypted on your device before it reaches our servers. We don't have the keys. We can't decrypt the data. Privacy-first isn't a feature. It's our foundation.
Understanding our End-to-End Encryption
Encrypted before it reaches us, unreadable when it gets here
How We Lock Ourselves Out
256-bit AES-GCM
256-bit AES-GCM authenticated encryption protects patient information: without the proper keys, decrypting it is computationally infeasible with current technology.
Zero-Knowledge Architecture
Data encrypts on your device before it ever reaches our servers. We don't have access to the encryption keys, and we can't decrypt the data even if we wanted to.
Unique Keys Per Operation
Each encryption action uses a unique data key. This limits exposure by design. If one key were ever compromised, it would only affect a single piece of data—not your entire dataset.
Secure Key Management
Your encryption keys are never stored in plain text. We use industry-standard key wrapping techniques and store encrypted keys separately from encrypted data. Only authenticated and authorized clinic staff can access the keys needed to decrypt.
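The four points above describe one mechanism: envelope encryption, where each record is sealed under its own AES-256-GCM data key and that data key is then wrapped under a key the clinic holds, with the wrapped key stored separately from the ciphertext. The following Go program is an added illustration of that pattern, not the product's own code. It assumes the wrapping key (KEK) lives on the clinic device and is never sent to the server, that AES-GCM is used for both the data layer and the wrapping layer, and that the record ID is bound as associated data so a wrapped key cannot be transplanted between records; how the KEK itself is derived or protected on the device is outside the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// StoredRecord is all the server ever holds. The wrapped data key and the
// ciphertext are separate fields (separate tables in a real deployment), and
// neither can be opened without the client-held KEK.
type StoredRecord struct {
	RecordID   string
	Ciphertext []byte // nonce || AES-256-GCM ciphertext+tag of the PHI, under the DEK
	WrappedDEK []byte // nonce || AES-256-GCM ciphertext+tag of the DEK, under the KEK
}

func randomBytes(n int) ([]byte, error) {
	b := make([]byte, n)
	if _, err := io.ReadFull(rand.Reader, b); err != nil {
		return nil, err
	}
	return b, nil
}

// sealGCM encrypts plaintext under a 32-byte key (AES-256) with a fresh random
// nonce; aad is authenticated but not encrypted. Output is nonce || ciphertext+tag.
func sealGCM(key, plaintext, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce, err := randomBytes(gcm.NonceSize())
	if err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// openGCM reverses sealGCM. Any change to nonce, ciphertext, tag or aad fails.
func openGCM(key, sealed, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("sealed blob too short")
	}
	nonce, ct := sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad)
}

// EncryptRecord runs on the client: generate a unique DEK for this one record,
// encrypt the PHI under it, then wrap the DEK under the clinic's KEK. Binding
// the record ID as AAD on both layers stops key or ciphertext transplants.
func EncryptRecord(kek []byte, recordID string, phi []byte) (StoredRecord, error) {
	dek, err := randomBytes(32)
	if err != nil {
		return StoredRecord{}, err
	}
	ct, err := sealGCM(dek, phi, []byte(recordID))
	if err != nil {
		return StoredRecord{}, err
	}
	wrapped, err := sealGCM(kek, dek, []byte(recordID))
	if err != nil {
		return StoredRecord{}, err
	}
	return StoredRecord{RecordID: recordID, Ciphertext: ct, WrappedDEK: wrapped}, nil
}

// DecryptRecord also runs on the client: unwrap the DEK, then open the PHI.
// A leaked DEK unlocks only its own record, because every record has its own.
func DecryptRecord(kek []byte, rec StoredRecord) ([]byte, error) {
	dek, err := openGCM(kek, rec.WrappedDEK, []byte(rec.RecordID))
	if err != nil {
		return nil, fmt.Errorf("unwrap DEK for %s: %w", rec.RecordID, err)
	}
	return openGCM(dek, rec.Ciphertext, []byte(rec.RecordID))
}

func main() {
	kek, _ := randomBytes(32) // assumption: held on the clinic device, never uploaded
	rec, _ := EncryptRecord(kek, "visit-0001", []byte("constructed sample PHI: visit note"))
	pt, err := DecryptRecord(kek, rec)
	fmt.Printf("decrypted: %q (err=%v)\n", pt, err)
	rec.Ciphertext[len(rec.Ciphertext)-1] ^= 0x01 // one flipped bit in storage
	_, err = DecryptRecord(kek, rec)
	fmt.Println("tampered record rejected:", err != nil)
}
```

The two things worth checking in such a design are that no two records ever share a wrapped key, and that moving record A's wrapped key onto record B (or altering a single stored byte) is rejected rather than silently producing garbage; GCM's tag plus the record ID as associated data gives both.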
Security isn't an add-on — it's the baseline. Built to protect patient autonomy through uncompromising privacy.
Beyond Encryption
Understanding our Layered Security
From access control to audit trails, protection beyond encryption is built into every access point.
Application Layer
Role-Based Access Control
Granular permissions ensure that team members only access what they need. Define roles and permissions that match your clinic's workflow.
No Long-Lived API Tokens
We never use long-lived API tokens that could be compromised. All authentication uses short-lived tokens that automatically expire.
Enforced Password Requirements
Strong password policies, with minimum complexity requirements, password rotation, and protection against common password weaknesses, keep accounts secure.
Row-Level Security
Database queries are automatically scoped to your clinic's data only. Even at the database level, data isolation prevents cross-clinic access.
Multi-Factor Authentication Options
Optional TOTP and WebAuthn authentication (including hardware security keys like YubiKey) provide enhanced security for user accounts.
Automatic Session Termination
Sessions automatically expire after periods of inactivity, requiring re-authentication to prevent unauthorized access from unattended devices.
Account Lockout Protection
Automatic account lockout after failed login attempts prevents brute force attacks and unauthorized access attempts.
Comprehensive Audit Logs
Every action in the system is logged and auditable. Track who accessed what data and when, ensuring full accountability. We also have full auditing on our infrastructure.
Infrastructure Layer
Encryption at Rest and in Transit
All data stored on our servers is encrypted at rest and in transit using industry-standard encryption protocols, providing multiple layers of protection.
Secure Data Keys
Data encryption keys are themselves encrypted with unique wrapping keys, following the principle of defense in depth.
Private Subnet
Our infrastructure runs in private subnets with no direct internet access. All connections are routed through secure gateways with strict firewall rules.
Role-Based Access Controls
Infrastructure access uses IAM roles following the principle of least privilege. There are no static credentials, only temporary session tokens with specific permissions.
Regular Key Rotations
Encryption keys and credentials are automatically rotated on a regular schedule to minimize the exposure window and maintain security hygiene.
YubiKey Requirement for Infrastructure Access
All infrastructure access requires hardware security keys (YubiKey). Multi-factor authentication with physical tokens prevents unauthorized access.
Automated Testing Suite
A comprehensive test suite runs on every deployment, catching security regressions and ensuring code quality before changes reach production.
Cross-Region Backup Replication
Automated encrypted backups are replicated across multiple geographic regions, ensuring data durability and disaster recovery capabilities.
24/7 System Monitoring
Continuous monitoring with automated alerting ensures we're immediately notified of any issues, maintaining system health and security around the clock.
DDoS Protection
DDoS protection shields our infrastructure from distributed denial-of-service attacks, ensuring service availability and reliability.
Regular Security Audits
We conduct regular security audits of our infrastructure and policies to identify and address potential vulnerabilities.
Infrastructure & Compliance
HIPAA Compliance
Our infrastructure and processes are designed to meet HIPAA requirements for protecting electronic protected health information (ePHI). We'll sign BAAs with all clinic partners and maintain the technical, physical, and administrative safeguards required by law.
Single Data Sub-Processor
We minimize your risk by using only a single, carefully vetted data sub-processor for hosting infrastructure. Fewer third parties means fewer potential attack vectors.
Automated Testing
Our entire API is covered by automated security and functionality tests that run with every code change. This ensures that security controls remain intact as we add new features.
Continuous Data Protection
Your data is automatically backed up daily, with every change tracked in real-time. If something goes wrong, we can restore your data to almost any moment in time—like rewinding to just before a mistake happened. All backups are encrypted and stored in multiple locations for safety.
High Availability Architecture
Our infrastructure is designed for 99.9% uptime. We use redundant systems, load balancing, and automatic failover to ensure your clinic can always access the tools you need.
Our Security Principles
🛡️ Defense in Depth
We implement multiple layers of security controls, so if one layer fails, others are still protecting your data.
🔒 Principle of Least Privilege
Users and systems only get access to what they absolutely need. This minimizes the impact of any potential security breach.
🔍 Transparency
We're open about our security practices and happy to discuss our architecture with technical decision-makers at your clinic.
⚡ Security by Design
Security isn't an afterthought. It's built into every feature from the ground up, not bolted on later.
🎯 Continuous Improvement
Security is never “done.” We continuously monitor threats, update our defenses, and improve our systems.
👥 Human-Centered Security
Security controls that are too complex don't get used. We design security that works for real humans in real clinical settings.