Technology that ensures
GDPR and HIPAA compliance technology makes your applications GDPR and HIPAA compliant out of the box. app architecture schema

Health data security and storage

Health data is especially sensitive and so it must be stored securely. Typically, the minimum requirement is to use application-level encryption and pseudonymization. These are complex technologies to implement properly. However, the API makes implementation as simple as making an API call.

Health data receives specific legal protections under GDPR, HIPAA and other laws. By using you will ensure you are compliant with all the technical requirements of these laws.

Integrate with your existing DB

You won't need to rewrite your DB, or change your tech stack. The API can be added progressively, using one of our SDKs. We can give you expert advice on which services you need and how to integrate them in your existing application.


Implement pseudonymization

Pseudonymization or de-identification is a powerful technique for data protection. Indeed, both GDPR and HIPAA mandate its use. Implementing pseudonymization correctly is a technical challenge. However, with you can implement it in minutes.


User identity management

Proper user management is critical for any application. This is often referred to as authentication, authorisation and accounting (AAA). Collectively, these ensure that your application is secure and that only authorised users can access data. The API offers:

  • OAuth2.0 as a Service for authentication and session management
  • Granular access controls for documents and resources
  • Detailed logging and an immutable audit trail (essential legal requirements)

Authentication and access

Implement user management in no time with our API. OAuth2.0 provides a standard approach for user authentication and access control policies. also provides monitoring of active sessions, failed authentication and many other accountability requirements.


Consent management offers a simple API to store and update user consents according to GDPR and HIPAA requirements. In addition, our service provides dynamic plugins for all your apps. Contact us for more information or to arrange a demo of the API or


Audit trail

GDPR and HIPAA impose strict accountability requirements. Our service makes it trivial to log every access and operation on sensitive health data, as well as related aspects like consents and RTBF requests. acts as a trusted third-party providing a non-modifiable, legally valid and transparent audit log.


You choose the setup

We offer cloud or custom installations
You always retain full control over your data as with any other managed DB

Cloud, ready to go

GDPR and HIPAA compliance instantly! With the multi-tenant cloud instance you don't need to setup or configure anything. is a scalable, reliable, secure platform that offers instant compliance with all data protection laws.

Key features

No setup, compliant from day 1
Scalable volume-based pricing
GDPR and HIPAA compliance guaranteed

Custom install to suit your needs

If you have specific technical, regulatory or business requirements, we can provide a custom installation of on your own server or cloud instance. Deployment takes just a few hours via our automated Docker-based installations.

Key capabilities

Dedicated deployment on any cloud or hosting provider
Negotiable fixed pricing per-license or project
Personalized technical and compliance support

Case Studies

Want to learn more?