Settings

Configure privacy, compliance, and platform

Every setting change is captured in the immutable audit log.

HIPAA & Privacy Controls
Global enforcement across all sources
Enforced
PHI Detection Engine
ML-based detection across all incoming events
Automatic Anonymization
Hash / tokenize / drop sensitive fields at ingestion
Strict Consent Mode
Reject events without a valid consent signal
IP Address Redaction
Drop IPs before storage; keep coarse geo only
Data Residency
Store all data in US-East HIPAA-eligible region
US-East · HIPAA
Data Retention
Automatic deletion based on classification
Raw events
Deleted from cold storage after policy window
400 days
Aggregated analytics
Retained for long-term trend reporting
3 years
Audit logs
HIPAA required minimum · 6 years
6 years
Backup snapshots
Encrypted, geo-redundant
30 days
Compliance & Certifications
Current attestations on file
HIPAA
BAA on file
SOC 2 Type II
Renewed Jun 2026
HITRUST
r2 Certified
GDPR
DPA available