PHItag
Sign InGet Started
Context:Production-US-East
Last Sync: PENDING

Guest Access

Identity Pending

Enterprise Trust Center

PHItag is a stateless governance engine. We manage your cloud integrity without ever touching your patient data.

HIPAA COMPLIANT
BAA AVAILABLE
ZERO-PHI ARCHITECTURE
AES-256 ENCRYPTED

Our "No-Data" Guarantee

Unlike traditional tools, PHItag is a Control Plane. We connect to your Azure environment via secure Service Principals to manage Tags and Metadata only. Your PHI (Protected Health Information) remains safely within your Azure Tenant, satisfying the strictest HIPAA data residency requirements.

Data Privacy & Architecture

  • Zero-PHI Footprint: We never store patient data
  • Metadata Only: We only access & store resource tags
  • Encryption at rest (AES-256) for all configuration
  • TLS 1.3 Encryption for all API communications

Azure Access Control

  • Least-Privilege Service Principal (RBAC) access
  • Scoped access to specific Azure Subscriptions only
  • Audit logs for every tagging action taken
  • Credential rotation and secret management

Compliance & Auditing

  • Signed BAA (Business Associate Agreement) available
  • Strict employee access controls (Least-Privilege)
  • Annual mandatory HIPAA & Cyber-security training
  • Continuous vulnerability monitoring

Vulnerability Disclosure

We appreciate the global security community. If you've discovered a vulnerability, please reach out to us. We offer safe harbor for researchers acting in good faith.

Contact Security Team

Our Triage Promise

Reports are triaged within 24 hours. We provide transparent updates throughout the remediation process and credit researchers for their work.