Chino.io lets you safely store and encrypt all your health data, such as structured medical records, scans or patient-doctor chats. It works like a standard storage service, while ensuring highest compliance standards, eliminating risks, and letting you focus on your application.
Data encryption: ensure compliance with EU and US regulations and medical standards (e.g. GDPR, HIPAA, DVG, NHS Security Toolkit, HDS, etc). It takes one API call to store your data with secure record level encryption.
Pseudonymisation and de-identification: encrypt parts of your health records or personal identifiers. De-identification relieves you from privacy implications. Our data architect can give you an assessment and help design your setup.
Plug and play sign-up, authentication and session management with our OAuth2.0 as a Service. The service also implements flexible record-level access control for compliant data sharing among users and applications. This gives you all the granularity you need to implement compliant data storage.
Identity Management: implement user signup, session management, audit logs, monitoring and data access authorisation.
Granular access control: define flexible access control policies for users or groups on single documents or collections. No programming is needed.
Secure and compliant data sharing: securely share data among applications and users, while ensuring compliance with EU and US laws.
Implement immutable, verifiable and legally-valid logging for your project. The Chino.io audit log service is designed to meet all compliance and medical standards. You can create custom events, in addition to the Platform modules which automatically create compliant logs. Logs can be queried via API to define alerts.
Ensure accountability: Audit Log module meets all the requirements of GDPR and HIPAA. They are also sanitised to ensure they don’t leak sensitive data.
Query, monitor or export logs: You can search for specific logs, trace back events by type, create alerts, view all events over a time window or generate an audit-ready export.
Comply with medical standards: audit logs meet the requirements of GDPR Art. 25 & 32, HIPAA 164.312(b) and FDA 21 CFR ch.11, DICOM, etc.
The Chino.io consent management module allows you to collect, store, query and update consents of your users. Consent is often the legal basis for storing personal data and is a key part of GDPR. Our system makes it easy for your users to view the consents they gave, and modify or withdraw them at any time.
Compliant storage and history: ensure legal validity of consents. Keep details of every user consent you collect in your product to know exactly what each user accepted at any moment.
Keep consents synchronised: query or update user preferences instantly. Updates keep legally valid history for auditing purposes and demonstrate data subject right implementation (e.g. Right to be Forgotten).
We offer cloud or custom installations
You always retain full control over your data as with any other managed DB
Cloud, ready to go
GDPR and HIPAA compliance instantly! With the Chino.io multi-tenant cloud instance you don't need to setup or configure anything. Chino.io is a scalable, reliable, secure platform that offers instant compliance with all data protection laws.
Custom install to suit your needs
If you have specific technical, regulatory or business requirements, we can provide a custom installation of Chino.io on your own server or cloud instance. Deployment takes just a few hours via our automated Docker-based installations.