Trust, engineered

Paranoid by design. Audited by default.

AI in healthcare only works if every action is accountable. MedOp logs everything, gates the dangerous stuff, and hands you the off switch.

HIPAA-aligned audit trail

Every PHI access is logged with who, what, and when in a tamper-evident trail. Agent or human — no exceptions, no gaps.

Encryption at rest and in transit

All PHI is AES-256 encrypted at rest and TLS 1.3 in transit. Encryption keys are managed with strict rotation policies.

TOTP-gated prescribing

Controlled actions like eRx require fresh time-based OTP from a human provider. AI agents cannot prescribe without human confirmation.

Encrypted backups, daily

Automatic encrypted snapshots with geographically distributed storage and tested restore paths. RTO under 4 hours.

Role-based access control

Front desk, billers, and providers each see exactly what their role requires. Granular permission sets, not all-or-nothing access.

Per-agent kill switches

Disable any agent instantly, practice-wide, from the admin console. No support ticket. No waiting period.

Tenant isolation

Multi-tenant architecture with strict data isolation. No cross-practice data leakage. Verified by automated tests on every release.

1,538 tests per release

Continuous eval gates, drift checks, and tenant-isolation audits run against every deployment before any code reaches production.

Business Associate Agreement

MedOp signs a BAA with every practice. HIPAA requires it — we make it standard, not optional.

Security questions, answered directly

Is MedOp HIPAA compliant?

MedOp is designed to support HIPAA compliance. We sign a Business Associate Agreement (BAA) with every practice, maintain a HIPAA-aligned audit trail for all PHI access, encrypt data at rest and in transit, and implement access controls required by the HIPAA Security Rule.

Where is PHI stored?

PHI is stored in encrypted form in US-based cloud infrastructure. Data never leaves US borders. Encryption at rest uses AES-256; encryption in transit uses TLS 1.3.

Can AI agents access PHI without permission?

Agents operate within strict role-based access control. Each agent type has a defined scope of data access, and all PHI access is logged in the audit trail regardless of whether it was an agent or human action.

What happens if I want to stop using MedOp?

You can export your data in standard formats at any time. MedOp supports FHIR-compliant data export. Your data is yours.

Ready to review the full security posture?

We'll walk you through our audit trail, BAA, and security controls in your demo.

Book a security walkthrough →