Trust Center

Enterprise Grade Clinical Security

Our platform operates exclusively in heavily regulated healthcare environments. We combine robust encryption, continuous monitoring, and strict data governance to ensure complete patient privacy.

HIPAA & PHI Governance

We strictly adhere to the Health Insurance Portability and Accountability Act. We sign comprehensive Business Associate Agreements (BAAs) with all covered entities before data exchange begins.

Zero-Knowledge Encryption

All Protected Health Information (PHI) is encrypted at rest using AES-256 and in transit using TLS 1.3. Encryption keys are managed through AWS KMS.

Immutable Audit Trails

Every action taken within the platform, from patient generation to form completion and export, is logged in a secure, tamper-proof repository to support internal and external audits.

Data Residency & Tenancy

We operate exclusively within hardened US-based AWS data centers. Enterprise clients have access to isolated database tenancy, meaning your patient data is physically and cryptographically decoupled from other clinic networks.

Incident Response

24/7/365 active threat monitoring. Our dedicated InfoSec team operates with a strictly documented 1-hour critical breach disclosure sequence.

Security FAQs

Are you fully HIPAA compliant?

Yes. Our Wellness Life is fully HIPAA compliant. We sign comprehensive Business Associate Agreements (BAAs) with all covered entities, encrypt all PHI at rest and in transit, and enforce strict access controls to ensure patient data is never compromised.

Can we configure SSO / SAML for our staff?

Absolutely. We support massive enterprise deployments enforcing strict identity governance. We integrate directly with Okta, Azure AD, Microsoft Entra, and Google Workspace via SAML 2.0 and OIDC protocols.

What is your data retention policy?

We retain screening data only as long as an active BAA is in place. Upon contract termination, all PHI is cryptographically wiped from our primary and disaster recovery servers within 30 days, generating a certificate of destruction.

Need to pass a security review?

Our Information Security team is ready to complete your vendor due diligence questionnaires and provide our architectural diagrams under NDA.