Skip to content
SECURITY

Built like the audit is tomorrow.

HIPAA posture isn't a checkbox page here — it's the architecture. Every claim below is verifiable in the platform.

Platform safeguards

  • HIPAA compliant — AWS Business Associate Agreement in place
  • Encrypted at rest and in transit
  • Postgres row-level security enforces tenant isolation
  • Separation-of-duties enforcement on financial actions
  • Tamper-evident audit trail on every record change

Minimum necessary, by default

Client-facing surfaces show authorized hours — never consumption. Caregiver and client identities render as first name + locality unless a role explicitly needs more.

42 CFR 441.301(c)(3)Minn. Stat. § 256B.85Minn. Stat. § 245D
A signed BAA comes standard.
Every tier, every tenant. AWS BAA in place upstream. Questions → compliance@systemax.app