Data Protection laws impose strict requirements

Check which are the compliance requirements defined by EU/GDPR and US/HIPAA


Requirements related to your hosting environment and infrastructure.


What you need to design, implement, and document to ensure compliance.


Documentation, policies, privacy risk assessments and legal tasks.

Check how solves compliance tasks for you

Physical Technical Admin
Step 1: start building your App
Physical Technical Admin
Step 2: sign-up to
Physical Technical Admin
Step 3: send a document via API
Physical Technical Admin
Step 4: performs authentication & authorization
Physical Technical Admin
Step 5: encrypts and indexes the data for search
Physical Technical Admin
Step 6: stores securely your data, keys, and indexes
Physical Technical Admin
Step 7: returns the result (in milliseconds)
Physical Technical Admin
Step 7: get the compliance documentation and checklists

Administrative requirements: filling the gap.


In addition to the documentation you still need to define your privacy policy and terms and conditions for your service.

The team can assist you also in finding the right consultant and help within its network of lawyers and partners in all EU Member States and in the US.

contact us.
Image provides much more guarantees than typical clouds

In terms of legal responsibility, gives you much more than a classical Cloud provider since it covers also technical requirements, such as your health sensitive data storage and protection.

Keep in mind also that with you can achieve application (or record) level encryption, where an attacker can't access to your health data if he violates your Applications.


The service that decode security & compliance for you


Each API call uses HTTPS/TLS to protect data transfers, while all documents at rest are encrypted using AES-256. Each user has different encryption keys, stored on different locations.

Access Control

Flexible and granular access control policies can be setup via the API to define access rights for single users or groups of users to single documents or collections of documents.


Daily incremental backups of all data. Backups are encrypted using AES-256 algorithms and transferred to a different physical location.

Audit log

Control who accesses your data, when it was accessed, and from where. Logs are legally valid and non-modifiable.

API security

We provide one-per-customer physical server (or more) at your service. We provide only the state of the art in terms of security and power.

Intrusion detection

Constant (24/07) security monitoring of API behavior, attacks, and any anomaly in the system. Technology partially developed also in the C3ISP EU innovation project.

Certified even for medical grade software

Certified ISO 13485

The ISO 13485 is the de facto mechanism to demonstrate compliance to regulations such as the new EU Medical Device Regulation (MDR), that came into force in May 2017. certification saves your time and money providing you all necessary guarantees that are required for building your medical grade applications. If your suppliers are not ISO 13485 certified, then you must put in place necessary procedures, tests, monitoring activities, and documentation to demonstrate their compliance, before going to the market. Download the certificate here.

Certified ISO 9001

The ISO 9001 certification means that established, maintains and improves constantly the organizational structure, responsibilities, procedures, processes, and resources to consistently satisfy ISO 9001 quality requirements. ISO 9001 is a necessary certificate for all service providers in the medical context where end products (medical devices or software) must be ISO 13485 certified. Download the certificate here.

Certified ISO 27001

ISO 27001 is a security management standard that specifies security management best practices and comprehensive security controls following the ISO 27002 best practice guidance. implements all controls and constantly improves its Security Management System, exceeding the requirements and keeping its services always at state of the art level in terms of security best practices. Download the certificate here.


Learn all you need to know about software, security and compliance. Become a security expert

Download eBook

Do our COMPLIANCE TEST and get "Compliance in the EU" guide for free. Discover what you need to implement to be compliant

Start your test now

Ready to start?