Trust Center

Security & Compliance

Last updated: June 16, 2026

On This Page

Need a BAA?

Enterprise hospital systems requiring Business Associate Agreements can contact our compliance officer.

Contact Compliance

Security Philosophy

Protecting healthcare logistics networks requires continuous vigilance and secure-by-default architecture. We prioritize container isolation, data protection at all levels, and robust backup protocols, ensuring your pharmacy operates reliably and securely.

Infrastructure & Cloud Hosting

MedInvento is hosted on industry-leading enterprise cloud infrastructure (Amazon Web Services), built with multiple layers of system isolation:

  • Isolated Environments: Multi-tenant configurations employ logical container sharding. Your inventory files, invoices, and sales metrics run in private namespaces.
  • Firewalls & VPC: Cloud instances are enclosed in Private Virtual Clouds (VPC) protected by firewall configurations blocking unauthorized ingress ports.
  • DDoS Prevention: Any automated threat or anomalous login flood is throttled and blocked at the edge DNS layer.

Data Encryption Standards

We enforce cryptographic protection across all telemetry routes and storage pools:

  • In Transit: All platform connections utilize TLS 1.3 encryption. Data flowing between your browser, POS application, and our servers is secured.
  • At Rest: Storage drives, customer catalogs, and medical history columns are encrypted using AES-256 standard encryption keys.
  • Secrets Management: API keys and partner credentials are kept in dedicated software vaults, rotated automatically.

Backups & Business Continuity

We guarantee system durability and disaster recovery metrics:

  • Daily Backups: Database instances are backed up once every 24 hours. Backups are stored in separate regional storage nodes.
  • Point-in-Time Recovery: Logs are archived to facilitate transaction history rolls in case of localized pharmacy POS network failures.
  • 99.9% Uptime: Application clusters are distributed across dual-zone architectures to prevent server outages.

HIPAA & Compliance Standards

MedInvento complies with medical information policies to protect pharmacy logs:

  • Patient identifiers and pharmaceutical prescriptions are masked. No prescription logs are stored in raw telemetry blocks.
  • Access logs are retained for auditing. Pharmacy owners can view which employee terminal checked or updated inventory columns.
  • Regular internal code checks are conducted to address possible package vulnerabilities.

Vulnerability Disclosures

If you identify any security issue or credential leak in our systems, please submit disclosures to our team. We respond to verified security submissions within 24 hours.

🏢 organization: Tecxy Inc.