Data in transit
TLS 1.2+ on every connection — for people using the product and for automated system updates.
Security & trust
Clear Diagnostix is the system of record for some of the most sensitive moments in your patients' lives. We treat that responsibility with the rigor your compliance team expects.
AES-256 encryption for stored records, files, and the information behind your workspace.
Owners, coordinators, doctors, and partners each see only what they need.
Every record view, edit, payment, and message leaves a trace your admins can review.
Signed, expiring URLs for every patient document upload and download.
EU and US regions available. Data residency for enterprise customers.
Compliance
Clear Diagnostix is healthcare-aware by default. We sweat the parts most B2B SaaS skips — minimum necessary access, breach notification flows, vendor management, and patient consent.
HIPAA-conscious workflows
Built around minimum-necessary access, audit trails, and BAAs with subprocessors.
GDPR-aware data handling
Lawful-basis tracking, data subject access flows, and EU hosting for EU operators.
SOC 2 — in progress
Type I targeted for completion. Security questionnaires welcome at any time.
Stripe — verified
PCI handled by Stripe. Clear Diagnostix never sees raw card numbers.
Subprocessor transparency
Public list of subprocessors. Notice before introducing new ones.
Vulnerability disclosure
Coordinated disclosure program for security researchers.
Ready when you are
We're happy to walk procurement, IT, and clinical leadership through how Clear Diagnostix handles patient data and meets your compliance bar.