Security

Security-reviewed clinical workspace.

ChiroVault is designed around privacy-first clinical workflows, controlled AI, role-based access, audit visibility, and documented legal review before PHI processing.

Encryption

TLS in transit. Application-level encryption for sensitive values where configured. Production key configuration is part of the closing evidence check.

Access control

Role-based access for owners, clinicians, assistants, staff, support, and patient flows.

Audit logging

Access, edits, approvals, exports, and workflow actions are designed to create traceable audit evidence.

AI controls

AI outputs remain drafts until clinician review. PHI routing is governed by policy and legal review.

Pre-signing evidence checklist

Production encryption keys confirmed
PHI logging review completed
Backup and restore procedure documented
Incident notification procedure documented
Subprocessor list frozen for the signing packet
DPA / BAA eligibility review completed before live PHI processing

Open Trust Center Contact security