Built to the standard a national health record demands.
The registry is a system of record for the federal healthcare ecosystem. Every control, log, and disclosure path is designed for that responsibility.
HIPAA / HITECH
Administrative, physical and technical safeguards mapped to 45 CFR §164.
DEA EPCS
Electronic prescribing of controlled substances with two-factor identity proofing.
State PMPs
Bidirectional sync with state Prescription Monitoring Programs.
SOC 2 Type II
Continuous controls monitoring across security, availability and confidentiality.
21st Century Cures
USCDI v3 data classes and FHIR R4 APIs for patient access and interoperability.
Audit ledger
Append-only, hash-chained record of every access, write and AI inference.
Who can see what
Strict, role-based access — enforced in the database.
- Patients see only their own visits, prescriptions, and consent disclosures.
- Doctors see records for patients in their active care relationship and cohort.
- Pharmacies see only prescriptions routed to them and the dispense audit trail.
- Administrators see de-identified analytics by default; named records require a logged warrant or BAA-bound request.