Patient data is protected using strong encryption both in transit and at rest. All data transmitted between systems uses modern TLS protocols (TLS 1.2 and TLS 1.3) with current cipher suites such as AES-256-GCM and ECDHE for forward secrecy, while stored data is encrypted using AES-256. Access to patient data is governed by role-based access control (RBAC) enforcing least-privilege access, and data is logically segmented by customer to prevent cross-tenant exposure. Security controls, access activity, and operational processes are independently reviewed through annual SOC 2 and HITRUST e1 compliance assessments to verify that appropriate safeguards remain in place.