Skip to main content
  • PHI never leaves the tenant boundary
  • PHI is not stored in managed cache (volatile, not compliant)
  • PHI is not logged in application logs (Winston has a PHI redaction filter)
  • PHI fields are encrypted at the column level
  • Phone and email are hashed for search; the cleartext is never queryable
  • Backups are encrypted with the same KEK as live data