Privacy & Security

PHI never leaves your hardware. That's not a policy — it's the architecture.

The core principle

Most clinical software is built around a cloud SaaS model: your patient data flows to a vendor's servers, you sign a Business Associate Agreement (BAA), and you trust that the vendor's controls are sufficient. MedFlight Ops takes a different approach.

Every component of MedFlight Ops runs inside a Docker container on hardware your organization controls — a tablet, a workstation, or a server at your base. Patient data is written to a local database. It never leaves that container over the network.

What this means for your BAA exposure

A BAA is required when a vendor creates, receives, maintains, or transmits PHI on your behalf. Because MedFlight Ops never receives or transmits your PHI — it only processes it locally on your hardware — your BAA surface area is significantly reduced.

You are not adding another cloud vendor to your compliance inventory. You are adding a software package, similar to how you would evaluate any on-premises application.

Architecture summary

  • On-premises deployment Runs as a Docker Compose stack on hardware you own and manage.
  • Local database only PostgreSQL runs inside the container. No replication to external systems.
  • No outbound PHI The application makes no network calls that carry patient data. AI features use only de-identified metadata.
  • No vendor data access MedFlight Ops has no administrative access to your deployment. There is no back door, no telemetry pipeline, no usage data collection.
  • Air-gappable The stack can run fully offline after initial setup. Suitable for environments with restricted network access.

SOC 2 roadmap

We are targeting a SOC 2 Type I audit in Q3/Q4 2026. Because the on-premises architecture eliminates the hardest cloud-side controls (data transmission security, vendor access controls, cloud storage encryption), the audit scope is narrower than a typical SaaS product.

We will share the audit report with customers and prospects when it is complete.

Questions?

If you are a compliance officer, IT director, or privacy officer evaluating MedFlight Ops, we are happy to walk through the architecture in detail. Reach out to schedule a call.