Trust

Security at Premier Medsolutions.

Every line of code we ship handles patient data. We treat that responsibility as a first-class engineering constraint.

Compliance

  • HIPAA-aligned. Business Associate Agreement signed with every covered entity.
  • SOC 2 Type II audited annually by an independent third party.
  • HITRUST CSF preparedness program in progress.

Data protection

  • AES-256 encryption at rest.
  • TLS 1.3 in transit. Modern cipher suites only.
  • Customer data isolated by tenant. No cross-tenant queries.
  • Backups encrypted, geographically replicated, and tested quarterly.

Access controls

  • SSO via SAML and OIDC. Required for all production access.
  • Hardware-key MFA required for all engineering and support staff.
  • Just-in-time access for production with full audit logging.

Disclosure

We welcome responsible disclosure of security issues. Email security@premiermed.com with details, reproduction steps, and your preferred contact method. We aim to acknowledge reports within one business day.