Security is not optional in healthcare.
Every layer of Nexum is built with security and compliance at the foundation — not bolted on as an afterthought.
Multi-Tenant Isolation
Casbin RBAC with 18 resources and 5 configurable roles. Complete data isolation between organizations. Every API request is scoped and authorized.
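The tenant-scoping claim above is worth seeing as code. The block below is an added illustration, not Nexum's code and not the Casbin library: it is a small policy of the same shape as Casbin's RBAC-with-domains model (a request is subject, domain, object, action, with the organization as the domain). The roles, resources, record ids, user names and the audit log structure are all assumptions, and only a handful of the page's 18 resources and 5 roles are represented. The point it shows is that a role is granted per organization and the requested record must belong to that same organization, so an admin of one tenant who supplies another tenant's record id is still denied.

```python
"""Tenant-scoped RBAC check. Added illustration: not Nexum's code and not the
Casbin library, only a policy of the same shape as Casbin's RBAC-with-domains
model (request = subject, domain, object, action; domain = organization)."""

from dataclasses import dataclass

# Hypothetical policy: (role, resource, action) triples that are permitted.
# The page counts 18 resources and 5 roles; a small subset is shown here.
ROLE_POLICY = {
    ("admin", "patients", "read"), ("admin", "patients", "write"),
    ("admin", "patients", "delete"), ("admin", "audit_logs", "read"),
    ("clinician", "patients", "read"), ("clinician", "patients", "write"),
    ("billing", "invoices", "read"), ("billing", "invoices", "write"),
}

# Role grants are keyed by (user, organization): a role in one tenant
# confers nothing in another. Constructed sample users.
ROLE_GRANTS = {
    ("alice", "org-a"): "admin",
    ("alice", "org-b"): "clinician",
    ("bob", "org-a"): "billing",
}


@dataclass(frozen=True)
class Record:
    kind: str   # resource type, e.g. "patients"
    org: str    # owning organization
    id: str


# Constructed sample data; the ids are opaque and carry no PHI.
RECORDS = {
    "p-100": Record("patients", "org-a", "p-100"),
    "p-200": Record("patients", "org-b", "p-200"),
    "inv-1": Record("invoices", "org-a", "inv-1"),
}

AUDIT_LOG = []  # every decision is recorded, allowed or denied


def enforce(user, org, record, action):
    """Return True only if `user`, acting inside `org`, may perform
    `action` on `record`. Both the role lookup and the record's owner are
    scoped to `org`, so a valid role in one tenant cannot be used to reach
    another tenant's data through a guessed or leaked record id."""
    role = ROLE_GRANTS.get((user, org))
    if role is None:
        return False                      # no membership in this tenant
    if record.org != org:
        return False                      # cross-tenant object reference
    return (role, record.kind, action) in ROLE_POLICY


def handle_request(user, org, record_id, action):
    """API-layer wrapper: resolve the record, enforce, and audit the
    decision. Unknown ids are reported the same way as denials, so the
    response does not reveal whether another tenant's record exists."""
    record = RECORDS.get(record_id)
    allowed = record is not None and enforce(user, org, record, action)
    AUDIT_LOG.append({"user": user, "org": org, "record": record_id,
                      "action": action, "allowed": allowed})
    return allowed
```

The audit entry deliberately records only the user, organization, opaque record id, action and outcome; a denied cross-tenant lookup is the signal a detection rule would alert on, and nothing patient-identifying reaches the log.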
Data Encryption
AES-256 encryption at rest and TLS 1.3 in transit. No PHI in URLs or application logs. All sensitive data is encrypted end-to-end.
Authentication
Split JWT cookies for XSS protection, bcrypt password hashing, and secure session management. Defense in depth at every layer.
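The "split JWT cookie" pattern named above is easier to evaluate when the verification side is spelled out. The block below is an added illustration, not Nexum's code: it signs an HS256 token with the standard library, stores the header.payload half in a cookie the front end may read and the signature half in an HttpOnly cookie, and shows the server refusing a request that arrives with only one half, a modified payload, a wrong key, an unexpected algorithm, or an expired token. The cookie names, attributes and demo key are assumptions.

```python
"""Split-cookie JWT session verification. Added illustration, not Nexum's
code. HS256 is computed with the standard library; cookie names, cookie
attributes and the demo key are assumptions."""

import base64
import hashlib
import hmac
import json
import time

# Constructed demo key; a deployment loads its key from a secrets manager.
DEMO_KEY = b"constructed-demo-key-do-not-use"

# Hypothetical cookie names. The header.payload half is readable by the
# front end (no HttpOnly) so it can display claims; the signature half is
# HttpOnly, so script running in the page, including script injected by
# an XSS, cannot read it and therefore cannot assemble a replayable token.
PAYLOAD_COOKIE = "jwt_payload"
SIGNATURE_COOKIE = "jwt_signature"
COOKIE_ATTRIBUTES = {
    PAYLOAD_COOKIE: "Secure; SameSite=Strict; Path=/",
    SIGNATURE_COOKIE: "HttpOnly; Secure; SameSite=Strict; Path=/",
}


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_cookies(claims: dict, key: bytes = DEMO_KEY) -> dict:
    """Sign `claims` as an HS256 JWT and return the two cookie values."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    signing_input = f"{header}.{payload}".encode()
    signature = b64url_encode(hmac.new(key, signing_input, hashlib.sha256).digest())
    return {PAYLOAD_COOKIE: f"{header}.{payload}", SIGNATURE_COOKIE: signature}


def verify_cookies(cookies: dict, key: bytes = DEMO_KEY, now=None):
    """Reassemble the token from both cookies and verify it.
    Returns the claims, or None when the request must be rejected."""
    head_pay = cookies.get(PAYLOAD_COOKIE)
    signature = cookies.get(SIGNATURE_COOKIE)
    if not head_pay or not signature:
        return None   # half a token (e.g. an exfiltrated payload cookie) is worthless
    try:
        header_b64, payload_b64 = head_pay.split(".")
        header = json.loads(b64url_decode(header_b64))
        claims = json.loads(b64url_decode(payload_b64))
    except (ValueError, UnicodeDecodeError):
        return None   # malformed token
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return None
    if header.get("alg") != "HS256":
        return None   # pin the algorithm; never let the token choose it
    expected = hmac.new(key, head_pay.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(b64url_encode(expected), signature):
        return None   # payload edited, signature forged, or wrong key
    exp = claims.get("exp")
    current = now if now is not None else time.time()
    if not isinstance(exp, (int, float)) or current >= exp:
        return None   # missing or past expiry
    return claims
```

Both cookies are sent by the browser on every request, so the server always sees the full token; what the split buys is that script in the page can only ever read the unsigned half. The two comparison points to keep when adapting this are the constant-time `hmac.compare_digest` and the fixed algorithm check.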
Infrastructure
GCP Cloud Run — SOC 2 and ISO 27001 certified infrastructure. Auto-scaling, zero-downtime deploys, and built-in DDoS protection.
Compliance
HIPAA-ready architecture with full audit logging on all data access. Business Associate Agreement available for all customers.
SOC 2 Readiness
Currently pursuing SOC 2 Type II certification. Our architecture and processes are designed from the ground up for enterprise-grade compliance.
Need more details?
Request our security whitepaper or review our Business Associate Agreement.