Security and compliance, by design.
GeriCloud handles protected health information on a HIPAA-aligned AWS architecture. Security built in, not bolted on.
We operate as a Business Associate to covered-entity practices. Business Associate Agreements (BAAs) are signed with every customer.
Amazon Cognito user pools with MFA and TOTP support. Every session is authenticated and time-limited.
Data encrypted at rest and in transit via AWS KMS.
DynamoDB point-in-time recovery, AWS Backup, and S3 encryption.
AWS WAF and API access logging. Anomalous patterns surface in alerts.
Isolation enforced on every database query. One tenant cannot reach another's data.
Built on AWS Amplify. Data in DynamoDB and Aurora PostgreSQL. OpenSearch for activity search. All services deployed with geo-redundant backup.