Clear Diagnostix
Book demo

Security & trust

Patient data deserves real engineering.

Clear Diagnostix is the system of record for some of the most sensitive moments in your patients' lives. We treat that responsibility the way your compliance team would design it.

Talk to security Book demo

Data in transit

TLS 1.2+ on every connection — patient, doctor, partner, and webhook traffic.

Data at rest

AES-256 encryption for all stored records, files, and database content.

Role-based access

Owners, coordinators, doctors, and partners each see only what they need.

Audit trails

Every record view, edit, payment, and message is logged and queryable.

Secure file pipeline

Signed, expiring URLs for every patient document upload and download.

Global hosting

EU and US regions available. Data residency for enterprise customers.

Compliance

Built around how healthcare regulators actually think.

Clear Diagnostix is healthcare-aware by default. We sweat the parts most B2B SaaS skips — minimum necessary access, breach notification flows, vendor management, and patient consent.

HIPAA-conscious workflows

Built around minimum-necessary access, audit trails, and BAAs with subprocessors.

GDPR-aware data handling

Lawful-basis tracking, data subject access flows, and EU hosting for EU operators.

SOC 2 — in progress

Type I targeted for completion. Security questionnaires welcome at any time.

Stripe Connect — verified

PCI handled by Stripe. Clear Diagnostix never sees raw card numbers.

Subprocessor transparency

Public list of subprocessors. Notice before introducing new ones.

Vulnerability disclosure

Coordinated disclosure program for security researchers.

Application security

  • Continuous dependency scanning
  • Strong CSRF, XSS, and CSP defaults
  • Brute-force and abuse rate-limiting
  • Secret rotation and least-privilege keys

Operational security

  • MFA required for all internal staff
  • Single sign-on for production access
  • Quarterly access reviews
  • Encrypted, monitored audit log retention

Patient data practices

  • Records visible only to authorized staff
  • Per-doctor scoped access on shared cases
  • Configurable retention policies
  • Deletion on request, with audit

Ready when you are

Send us your security questionnaire.

We're happy to walk procurement, IT, and clinical leadership through how Clear Diagnostix handles patient data and meets your compliance bar.

Book demo Talk to sales