Skip to main content

Security & compliance

12 layers between an attacker and your patient's record

Defence-in-depth means every single layer has to fail before harm happens. Here's what we run.

The 12 layers

1

Network

TLS 1.3 · TURN over TLS · IP allowlist for admin · WAF.

Prevents: Eavesdropping · MITM · admin endpoint discovery

2

Authentication

OAuth + email-password · 2FA mandatory clinical and admin · biometric optional · session rotation.

Prevents: Credential theft · session hijacking

3

Database authorisation

Row-level security per tenant_id and role.

Prevents: Cross-tenant data leak via SQL injection or app bug

4

API authorisation

Policy layer on every endpoint · scope checks.

Prevents: Privilege escalation via API misuse

5

UI authorisation

Role-gated rendering · feature-flag visibility.

Prevents: Accidental exposure of features outside permission scope

6

Encryption at rest

Encrypted volumes · separate keys for biometric and KYC vaults · KMS-managed.

Prevents: Disk theft · backup leak

7

File scanning

ClamAV on every upload · quarantine on suspicion.

Prevents: Malware delivery via documents

8

Integrity chain

SHA-256 envelope hashes all PHI events · tamper-evident.

Prevents: Silent data tampering

9

Watermarking

Dynamic per-viewer watermark on every PHI render · screenshot attribution.

Prevents: Untraceable leaked screenshots

10

Audit log

9 append-only tables · immutable at the DB role level.

Prevents: Internal misuse going undetected

11

Anomaly detection

ML on access patterns · flags unusual contact-view bursts · off-hour PHI access.

Prevents: Insider threats · compromised accounts

12

Break-glass

Super admin PHI access requires reason + two-person approval + separate audit log · time-bounded.

Prevents: Super admin abuse

Regulatory compliance

ABDM / ABHA

Ayushman Bharat health-stack integrated. FHIR exchange.

IMC telemedicine

Indian Medical Council guidelines enforced — license verification, scheduled-drug gating, cross-border patient rules.

HIPAA-aligned

Audit log, role-based access, encryption at rest + in transit. BAAs available.

DPDP (India)

Consent capture, deletion requests, data-fiduciary obligations.

GDPR (EU)

Export / delete / restrict workflows for European patients.

NABH / JCI

Hospital accreditation tracker for compliance teams.

Have a security question?

Email [email protected] — we run a coordinated-disclosure program and respond within 48 hours.