Digital health compliance, made simple e

The Platform that makes health projects compliant instantly

The platform provides of a set of modules to make your digital health project GDPR or HIPAA compliant. It allows you to solve the most complex and risky compliance tasks, enabling you to deliver your project globally.

Let's talk

Health data security lets you safely store and encrypt all your health data, such as structured medical records, scans or patient-doctor chats. It works like a standard storage service, while ensuring highest compliance standards, eliminating risks, and letting you focus on your application.

Data encryption: ensure compliance with EU and US regulations and medical standards (e.g. GDPR, HIPAA, DVG, NHS Security Toolkit, HDS, etc). It takes one API call to store your data with secure record level encryption.

Pseudonymisation and de-identification: encrypt parts of your health records or personal identifiers. De-identification relieves you from privacy implications. Our data architect can give you an assessment and help design your setup.

Secure user management and data sharing

Plug and play sign-up, authentication and session management with our OAuth2.0 as a Service. The service also implements flexible record-level access control for compliant data sharing among users and applications. This gives you all the granularity you need to implement compliant data storage.

Identity Management: implement user signup, session management, audit logs, monitoring and data access authorisation.

Granular access control: define flexible access control policies for users or groups on single documents or collections. No programming is needed.

Secure and compliant data sharing: securely share data among applications and users, while ensuring compliance with EU and US laws.

Verifiable Audit Logs and monitoring

Implement immutable, verifiable and legally-valid logging for your project. The audit log service is designed to meet all compliance and medical standards. You can create custom events, in addition to the Platform modules which automatically create compliant logs. Logs can be queried via API to define alerts.

Ensure accountability: Audit Log module meets all the requirements of GDPR and HIPAA. They are also sanitised to ensure they don’t leak sensitive data.

Query, monitor or export logs: You can search for specific logs, trace back events by type, create alerts, view all events over a time window or generate an audit-ready export.

Comply with medical standards: audit logs meet the requirements of GDPR Art. 25 & 32, HIPAA 164.312(b) and FDA 21 CFR ch.11, DICOM, etc.

User Consent management

The consent management module allows you to collect, store, query and update consents of your users. Consent is often the legal basis for storing personal data and is a key part of GDPR. Our system makes it easy for your users to view the consents they gave, and modify or withdraw them at any time.

Compliant storage and history: ensure legal validity of consents. Keep details of every user consent you collect in your product to know exactly what each user accepted at any moment.

Keep consents synchronised: query or update user preferences instantly. Updates keep legally valid history for auditing purposes and demonstrate data subject right implementation (e.g. Right to be Forgotten).

Wählen Sie Ihr Setup

Wir bieten Cloud- oder On-Premise-Installationen an
Sie behalten immer die volle Kontrolle über Ihre Daten, wie bei jeder anderen verwalteten DB

Cloud, ready to go

DSGVO- und HIPAA-Compliance auf Anhieb! Mit der mandantenfähigen Cloud-Instanz von brauchen Sie nichts einzurichten oder zu konfigurieren. ist eine skalierbare, zuverlässige und sichere Plattform, die umgehend Compliance mit allen Datenschutzgesetzen bietet.


Keine Setup, Compliance ab Tag 1
Skalierbare volumenbasierte Preisgestaltung
DSGVO- und HIPAA-Compliance garantiert

Individualisierte On-Premise-Installation

Wenn Sie spezielle technische, regulatorische oder geschäftliche Anforderungen haben, können wir Ihnen eine benutzerdefinierte Installation von auf Ihrem eigenen Server oder Ihrer Cloud-Instanz anbieten. Die Implementierung dauert nur wenige Stunden über unsere automatisierten Docker-basierten Installationen.


Dedizierter Einsatz in jeder Cloud oder bei jedem Hosting-Provider
Verhandelbarer Festpreis pro Lizenz oder Projekt
Personalisierte technische und Compliance-Unterstützung

Want to learn more?