Enterprise-Grade Security.
Zero Compromises.
Sentinel Health is built from the ground up to protect personal health information. Every layer of our stack is designed for compliance, auditability, and trust.
PIPEDA
Canadian Privacy Law
- Data residency in ca-central-1
- Consent management framework
- Breach notification protocols
- Privacy impact assessments
HIPAA
US Health Data Compliance
- BAA with all sub-processors
- PHI encryption at rest and in transit
- Minimum necessary access principle
- Regular risk assessments
SOC 2 Type II
In Progress
Security & Availability
- Annual third-party audit
- Access controls and monitoring
- Change management procedures
- Incident response protocols
AES-256 Encryption at Rest
All PHI encrypted in the database and file storage using industry-standard AES-256 encryption.
TLS 1.3 in Transit
All data encrypted between client, server, and third-party services using the latest TLS protocol.
Role-Based Access Control
Granular permissions enforced at the API and database layer. Every role scoped to minimum necessary access.
Audit Logging
Every access to PHI is logged with user, timestamp, IP address, and action for complete traceability.
MFA Enforcement
Multi-factor authentication required for all clinical and admin roles. Supports TOTP and WebAuthn.
Automated Backups
Daily encrypted backups with 30-day retention and point-in-time recovery for disaster scenarios.
Hosted in Canada. Built for Isolation.
Sentinel Health runs on AWS ca-central-1 (Montreal) inside a private VPC. No database is publicly accessible. All traffic routes through a Caddy reverse proxy with automatic SSL certificate management, and application processes are managed by PM2 for zero-downtime deployments.
Found a Vulnerability?
We take security reports seriously. If you've discovered a potential vulnerability, please disclose it responsibly by contacting our security team directly.
security@sentinelhealth.co