We protect your clinic's data the same way we help you protect your patients' data.
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Your clinic data is never stored in plain text.
All data is stored exclusively on Canadian servers. We never transfer your data outside of Canada.
All PHIPAGuard accounts support MFA. We require it for admin accounts and strongly recommend it for all users.
PHIPAGuard follows SOC 2 Type II security practices covering availability, confidentiality, and security.
We conduct third-party penetration testing and security audits annually to identify and fix vulnerabilities.
Every action taken inside PHIPAGuard is logged with a timestamp and user ID so you always have a full audit trail.
If you discover a security vulnerability, please report it responsibly to our security team.
Contact Security Team