Data Encryption | MediBridgeX Docs

MediBridgeX employs military-grade encryption methodologies to protect Protected Health Information (PHI) both in transit and at rest.

In Transit

All API traffic must be routed over HTTPS. We enforce TLS 1.3 (with fallback to TLS 1.2) using strong cipher suites. Any request made over unencrypted HTTP will be immediately dropped at the Edge before reaching the application layer.

At Rest

All data stored in our PostgreSQL databases, including FHIR resources and audit logs, is encrypted at rest using AES-256. Database volumes are encrypted at the block level, and sensitive individual fields (such as Social Security Numbers) undergo an additional layer of application-level encryption before being written to disk.

BYOK (Bring Your Own Key)

Enterprise Dedicated customers have the option to configure Bring Your Own Key (BYOK) via AWS KMS or Azure Key Vault, granting you absolute cryptographic control over your tenant's data.