Elderwise.ai designs its platform for HIPAA compliance — formal certification is in progress (target Q2 2026). We implement comprehensive security measures to protect health information.
AES-256-GCM encryption for all PHI at rest and in transit (current as of December 2024)
Role-based access with minimum necessary principle
Comprehensive tracking of all PHI access and modifications
Configurable session timeout (default 30 minutes) with activity monitoring
Patient-controlled privacy preferences and consent tracking
Version control and integrity checks for all PHI
Implementation of administrative, physical, and technical safeguards
Protection of patient rights and proper use of health information
Enhanced breach notification and meaningful use requirements