EMS OPS HUB← Home
Security & Compliance HIPAA-Aware

Healthcare-grade security posture.

EMS Ops Hub is engineered for protected health information from day one. Encryption in transit and at rest, role-based access, audit logging, and BAA-ready operations for qualifying U.S. healthcare partners.

TLS 1.2+ · AES-256HIPAA-Aware WorkflowsRBAC · MFA · PasskeysServer-Side Audit LogsU.S.-Based InfrastructureBAA-Ready Operations

Security pillars

Encryption Everywhere
TLS 1.2+ on every connection. AES-256 at rest across managed storage. Secrets stored in managed vaults — never in client code.
HIPAA-Aware Workflow Design
Protected health information (PHI) handling is engineered into dispatch, ePCR, billing, and admin surfaces. PHI minimization, redaction utilities, and access boundaries are first-class.
Role-Based Access Control
Granular roles for dispatch, crew, billing, and administrators. Optional MFA and passkey enrollment for elevated roles.
Audit Logging
Server-side audit trail across PCR, billing, dispatch, and admin actions. Logs are retained per policy and available to qualifying partners under BAA.
U.S.-Based Infrastructure
Hosted on managed U.S. cloud regions with regional redundancy and managed observability.
BAA-Ready Operations
A Business Associate Agreement is available for qualifying healthcare partners covering operational handling of PHI.
Encryption

In transit & at rest.

  • TLS 1.2+ on every client and server connection.
  • AES-256 at rest across managed storage.
  • Managed secrets — API keys and credentials stored in managed vaults, never in client bundles.
  • U.S.-based hosting with regional redundancy.
Audit Logging

Every sensitive action is logged.

  • PCR & billing create / edit / submit events with actor, timestamp, and surface.
  • Dispatch & admin actions including role changes and access escalations.
  • Anomaly signals for off-hours edits, bulk exports, and unusual access patterns.
  • Export available to qualifying partners under BAA on request.
Supporting Documentation

Request compliance documents

Available to qualifying partners and investors under standard NDA. Email admin@emsopshub.com or click any document below.

Request
Security Overview
High-level description of platform security posture and controls.
Email Compliance →
Request
BAA Template
Business Associate Agreement template for qualifying partners.
Email Compliance →
Request
Infrastructure Summary
Hosting regions, encryption, access boundaries, and observability.
Email Compliance →
Request
Data Handling Notes
PHI minimization, retention, and redaction practices.
Email Compliance →
Request
Audit Logging Details
Audit trail scope, retention, and export availability.
Email Compliance →
Request
Due-Diligence Packet
Bundled documentation for investor / partner review.
Email Compliance →

Frequently asked questions

Is EMS Ops Hub HIPAA certified?+
HIPAA is a regulatory framework, not a certification body. EMS Ops Hub is engineered with HIPAA-aware workflow design and operates under a BAA with qualifying partners that handle PHI.
Where is data hosted?+
On U.S.-based managed cloud infrastructure with encryption in transit and at rest.
How do you handle PHI?+
PHI minimization across surfaces, encrypted storage, role-based access, redaction utilities, and audit logging on PCR / billing actions.
Do you sell or share data?+
No. Customer and patient operational data is not sold or shared with third parties for marketing.
Can we run a security review?+
Yes — email admin@emsopshub.com to request a security overview, BAA, and supporting documentation.

Ready for a security review?

Email our compliance team to request a security overview, BAA template, or full due-diligence packet.

Contact Compliance