Security

Enterprise controls designed for healthcare operations — encryption, RBAC, and auditability.

HTTPS across application and API endpoints with modern TLS at the edge and managed certificates on Azure.

Company vs platform portals, custom roles, and least-privilege defaults for billers, BCBAs, and admins.

Authentication, exports, settings changes, and administrative actions recorded for review.

Automated multi-company isolation tests and guards on every company-scoped API path.

Password policies, failed-login lockout, and MFA-ready authentication architecture.

Database backup jobs and restore request workflows for platform operators.