Security & compliance
Designed for hospital deployment from day one. Every architectural decision is BAA-compatible (no BAAs are currently executed); every clinical read/write is audited.
Data architecture
- Multi-tenant isolation: every clinical row carries an org_id; row-level access enforced at the SQLAlchemy session layer; cross-tenant data flow impossible by query construction.
- Encrypted at rest: Postgres on Neon (managed encryption); object storage on Cloudflare R2 with SSE-S3.
- Encrypted in transit: TLS everywhere, HSTS on the marketing surface, JWT-secured API.
- PII redaction layer: regex-based redaction (phone, email, SSN, MRN) runs before every LLM call. Synthetic data passes through unchanged; the redactor is exercised continuously so it works the day a BAA arrives.
- Per-org budget caps: LLM spend caps prevent runaway costs in the event of abuse or bug.
Audit logging
Every clinical read/write writes an audit_logs row with actor, action, target, timestamp, and structured payload. Available actions include:
- handoff.create, handoff.read, handoff.list, handoff.analyze
- gap.review (with from/to status, edits, reviewer notes)
- audio.finalize, questions.regenerate
- eval_set.create, eval_set.seal, eval_run.start
Audit logs are exportable as CSV via /audit/export (org-owner only) for institutional review.
Access controls
Authentication via NextAuth (email magic link). Authorization via per-org membership roles:
- Owner: all org operations, member management, billing.
- Clinician: create + analyze handoffs, review gaps.
- Reviewer: read-only review of handoffs and gaps.
- Annotator: eval-set annotation (no clinical access).
JWT tokens are short-lived (15 minutes) and signed with HS256. The API verifies signature, audience, and issuer on every request.
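The per-request token checks described above, as an added example that is not Hando's code: a minimal HS256 mint/verify pair using only the standard library, with the algorithm pinned, the signature compared in constant time, and exp, iss and aud all checked. The issuer, audience and key values are assumptions for illustration.

```python
import base64, hashlib, hmac, json, time
from typing import Optional

# Assumed values (not from the page): issuer/audience strings and a demo key.
ISSUER = "https://api.example.invalid"
AUDIENCE = "hando-api"
TOKEN_TTL = 15 * 60  # 15-minute lifetime, as the page states

def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def mint_token(key: bytes, sub: str, org_id: str, now: Optional[int] = None) -> str:
    """Issue a short-lived HS256 token carrying the tenant (org_id) claim."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"iss": ISSUER, "aud": AUDIENCE, "sub": sub, "org_id": org_id,
              "iat": now, "exp": now + TOKEN_TTL}
    signing_input = b64url_encode(json.dumps(header).encode()) + "." + \
        b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)

def verify_token(key: bytes, token: str, now: Optional[int] = None) -> Optional[dict]:
    """Return the claims if the token is valid, else None.
    Order: structure, alg pinned to HS256, signature, exp, iss, aud."""
    now = int(time.time()) if now is None else now
    try:
        h64, c64, s64 = token.split(".")
        header = json.loads(b64url_decode(h64))
        claims = json.loads(b64url_decode(c64))
        sig = b64url_decode(s64)
    except (ValueError, json.JSONDecodeError):
        return None
    if header.get("alg") != "HS256":  # never trust the token's own alg choice
        return None
    expected = hmac.new(key, (h64 + "." + c64).encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return None
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        return None  # expired (or missing expiry)
    if claims.get("iss") != ISSUER or claims.get("aud") != AUDIENCE:
        return None  # token minted for a different issuer or audience
    return claims
```

Any rejection returns None rather than a reason, so callers cannot distinguish a bad signature from an expired token; log the reason server-side if you need it for detection.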
Vendor BAA matrix
All vendors on the clinical path will sign Business Associate Agreements before any PHI flows. No BAAs are currently executed — the platform runs against synthetic and deidentified data only until the first hospital pilot signs vendor BAAs. The matrix below shows current execution status, not aspirational coverage.
| Vendor | Role | BAA status | Note |
|---|---|---|---|
| Anthropic | Claude (primary LLM) | Enterprise tier required | BAA available on Enterprise tier |
| OpenAI | GPT-5 (cross-model eval), Whisper (transcription fallback) | Enterprise tier required | BAA available on Enterprise tier |
| Deepgram | Audio transcription (Nova-3-Medical) | Enterprise tier required | |
| Together AI | Llama 3.x (cross-model eval) | Verify per engagement | Some plans BAA-able |
| Cloudflare R2 | Audio object storage | Enterprise tier required | BAA available on Enterprise tier |
| Neon | PostgreSQL (managed) | BAA available | On paid tiers |
| Vercel | Web app hosting | Enterprise tier required | BAA available on Enterprise tier |
| Fly.io | API hosting | BAA available | |
| Langfuse | LLM call tracing | Enterprise tier required | BAA available on Enterprise tier |
| Resend | Email magic-link auth | Verify per engagement | Email is generally a covered channel; verify scope |
| Sentry | Error tracking | Enterprise tier required | BAA available on Enterprise tier; configure scrubbing |
Data tier matrix
Hando's evaluation strategy uses four data tiers, ordered by access cost. Each tier de-risks the next.
| Tier | Purpose | PHI | IRB |
|---|---|---|---|
| Tier A — MIMIC-derived synthetic | Cheap first signal on real clinical language | No (deidentified before leaving credentialed environment) | Not required (uses PhysioNet DUA) |
| Tier B — Published deidentified corpora | Real handoff structure (I-PASS materials, journal case studies) | No | Not required (license-tracked use) |
| Tier C — IRB-approved local data | Gold-standard validation on real institutional handoffs | Yes (HIPAA Safe Harbor deidentified) | Required (retrospective protocol) |
| Tier D — Prospective design partner pilot | Clinical impact validation in real workflow | Yes (under signed BAA + DUA) | Required (prospective protocol) |
Regulatory positioning
Hando is designed as a Clinical Decision Support tool that surfaces gaps for clinician review and does not directly influence patient diagnosis or treatment. Under the 21st Century Cures Act and the FDA's CDS Software guidance, such tools may be exempt from device classification when:
- Not intended to acquire, process, or analyze a medical image or signal.
- Intended to display, analyze, or print medical information.
- Intended to provide recommendations to a healthcare provider.
- Intended to enable the provider to independently review the basis for the recommendations.
Hando is designed to satisfy all four criteria. This positioning will be confirmed with regulatory counsel before any clinical deployment.
Ready for procurement review?
We work with quality and safety leadership at academic medical centers. Reach out to start a security review.