Enterprise-Grade Security

Your Patients' Data is Safe with Us

Petdentx is designed from the ground up for the strictest healthcare data regulations on earth. Compliance isn't an add-on — it's the foundation.

Certifications & Compliance

HIPAA

Health Insurance Portability and Accountability Act

GDPR

General Data Protection Regulation (EU)

SOC 2 Type II

System and Organization Controls

ISO 27001

Information Security Management

Cambodia DPL

Cambodia Data Protection & E-Commerce Law

Security Architecture

End-to-End Encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256. No exceptions.

Strict Tenant Isolation

Multi-tenant architecture with row-level security. A lab can only ever see the minimum data required to process a specific order.

Role-Based Access Control

Granular permissions mean every user sees only what their role requires. Admins control access down to individual fields.

Immutable Audit Trails

Every significant action is immutably logged. Logs cannot be deleted or altered.

Infrastructure Security

Hosted on enterprise-grade cloud infrastructure with automatic failover, daily backups, and a 99.9% uptime SLA.

Breach Detection

Real-time anomaly detection, automated alerting, and a documented incident response plan with defined RTO/RPO targets.

Data Residency

Choose where your data lives. We support data residency in Southeast Asia, EU, and US regions.

Penetration Testing

Regular third-party penetration tests and vulnerability assessments. Results are reviewed quarterly.

HIPAA-Compliant Data Sharing

Cross-tenant data sharing follows a strict minimum-necessity principle.

1. Minimum Necessary Access

When a clinic sends a lab order, the lab receives only the data required to process that specific order — no medical history, no unrelated records.

2. Patient De-identification

Sensitive identifiers can be stripped from cross-tenant data transfers, ensuring HIPAA Safe Harbor de-identification where required.

3. Consent Management

GDPR-compliant consent records track what data was shared, with whom, when, and under what legal basis.

4. Right to Erasure

Data deletion workflows support GDPR's right to erasure requests, with cascading deletion across all tenant copies of a patient record.

Security at a Glance

TLS 1.3 in transit
AES-256 at rest
Row-level tenant isolation
Role-based access control
Immutable audit logs
Daily automated backups
MFA for all admin accounts
99.9% uptime SLA
Third-party pen testing
GDPR consent management
Data residency options
Incident response plan

Questions About Our Security?

Our security team is happy to answer questions or provide documentation for your compliance review.