Enterprise-Grade Security

Security you can show your inspector.

Every technical safeguard, compliance certification, and data protection measure — documented in one place.

Canadian Data Residency

Your patients' data never leaves Canada.

Toronto & Montréal

Canadian data centres. Full sovereignty.

Canadian Data Residency

PHI stored in Canadian data centres only.

PIPEDA Built In

Compliance is non-negotiable.

Compliance Certifications

✓ Verified

PIPEDA Compliant

All patient data stored exclusively on Canadian servers. Full compliance with federal and provincial privacy legislation.

✓ Active

Multi-Factor Authentication

TOTP-based two-factor authentication for all accounts. Required for admin and supervisor roles, protecting access to sensitive PHI.

✓ Active

AES-256 Encryption

Every piece of protected health information is encrypted at rest and in transit. Zero plaintext PHI anywhere.

✓ Active

Immutable Audit Logs

Tamper-proof audit trails for every action, streamed to append-only S3 storage every 5 minutes. PHI access is logged separately. Export-ready for provincial inspections.

✓ Active

Fail-Closed Architecture

If backend systems become unavailable, revoked tokens are automatically rejected and sensitive operations halt — never silently degrade.

✓ Active

Deep Health Monitoring

Real-time database and cache health checks. Graceful shutdown with in-flight request draining. Multi-instance leader election prevents duplicate processing.

✓ Active

Separate Signing Keys

Access tokens, refresh tokens, and MFA challenge tokens are each signed with a distinct HS256 key. A compromise of one key cannot be used to forge the others — defence in depth for every login.

✓ Active

Instant Session Invalidation

Changing a user's email, role, privilege, or disabling MFA immediately terminates every existing session for that account. Revoked staff can't keep a stale tab open.

✓ Active

Log & Error Redaction

Every log record and Sentry event is filtered before it leaves the app. Bearer tokens, cookies, passwords, SSN, date of birth, and health card numbers are replaced with [REDACTED] — PHI never reaches disk or third-party monitoring.

Multiple layers. No single point of failure.

Defence-in-depth security architecture protecting every layer of your data.

Infrastructure

Canadian cloud infrastructure with shared Redis connection pool, background task queue, multi-instance leader election, deep health checks, and graceful shutdown.

Authentication

JWT with short-lived access tokens (30 min) and rotating refresh tokens (7 days). Access, refresh, and MFA challenge tokens are each signed with their own HS256 key. bcrypt password hashing, constant-time comparison (no account-existence oracle), account lockout after 5 failed attempts, and strict CORS (shared-namespace preview domains blocked by default).

Authorization

Role-based access control with a centralized privilege helper — every admin-gated endpoint funnels through one policy function, so a new management role is a one-line update, not a cross-repo hunt. Multi-tenancy isolation: organization data is architecturally separated. token_version invalidates every session when an account's trust surface changes.

Data Protection

AES-256 field-level encryption at rest and TLS 1.3 in transit. PHI never appears in application logs. Uploaded images are validated by magic bytes and re-verified to reject polyglot / malformed files.

Audit & Monitoring

Immutable audit trail for every sensitive operation, streamed to append-only S3 storage (7-year retention under Object Lock). PHI read access logged separately. All log records and Sentry events are scrubbed for Bearer tokens, authorization headers, passwords, and PHI fields before they leave the app. Automated alerts for failed logins, account lockouts, and anomalous access patterns.
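
The Authentication and Authorization layers above, sketched as an added example (not the vendor's code): one HS256 key per token type, plus a token_version check that fails closed when the version store cannot be reached. The claim names `typ` and `tv`, the 5-minute MFA challenge lifetime, and the demo keys are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

# Constructed demo keys; in a real deployment each is an independent random secret.
KEYS = {"access": b"A" * 32, "refresh": b"R" * 32, "mfa": b"M" * 32}
TTL = {"access": 30 * 60, "refresh": 7 * 24 * 3600, "mfa": 5 * 60}  # mfa TTL assumed

class TokenError(Exception):
    pass

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(kind: str, signing_input: bytes) -> bytes:
    return _b64(hmac.new(KEYS[kind], signing_input, hashlib.sha256).digest()).encode()

def issue(kind, user_id, token_version, now=None):
    now = int(time.time()) if now is None else now
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": user_id, "typ": kind, "tv": token_version, "exp": now + TTL[kind]}
    body = _b64(json.dumps(claims).encode())
    return f"{header}.{body}.{_sign(kind, f'{header}.{body}'.encode()).decode()}"

def verify(token, kind, current_version, now=None):
    """current_version(user_id) -> int; it may raise if the backing store is down."""
    now = int(time.time()) if now is None else now
    try:
        header, body, sig = token.split(".")
        # Only the key for the expected kind is tried; the header's alg is never consulted.
        expected = _sign(kind, f"{header}.{body}".encode())
        if not hmac.compare_digest(sig.encode(), expected):
            raise TokenError("bad signature")
        claims = json.loads(_unb64(body))
    except ValueError as exc:
        raise TokenError("malformed token") from exc
    if claims.get("typ") != kind or claims.get("exp", 0) <= now:
        raise TokenError("wrong type or expired")
    try:
        live = current_version(claims["sub"])
    except Exception as exc:  # fail closed: no version lookup means no access
        raise TokenError("version store unavailable") from exc
    if claims.get("tv") != live:
        raise TokenError("session invalidated")
    return claims
```

Bumping the stored version for an account (for example on a role change) makes every token issued under the old value fail the final check.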

Incident Response

If something goes wrong, we're ready.

Detection

Automated monitoring detects anomalous access patterns in real time. Security team is alerted within minutes.

Containment

Affected systems are isolated immediately. Incident response team activates the documented IR plan.

Notification

Affected organizations notified within 72 hours as required by PIPEDA. Regulatory authorities notified where required.

Documentation Available

For organizations requiring detailed security documentation for vendor assessment, compliance reviews, or board approval.

Security Architecture Whitepaper
PIPEDA Compliance Statement
Data Processing Agreement
Audit Log Export Guide
Subprocessor List
Incident Response Plan

Have specific security requirements?

Talk to us. We work with compliance officers and IT teams every day.
