Skip to content

Trust center

Security and compliance, built into every layer

DHEP is the Digital Healthcare Enabler Platform. Security and privacy are not features, they are the foundation.

  • HIPAA Compliant
  • GDPR Ready
  • 5 languages: EN FR DE SW LN
  • Free WhatsApp updates

HIPAA

DHEP follows all HIPAA Security Rule technical safeguards, access controls, audit controls, integrity controls and transmission security. Business Associate Agreements are available for all enterprise customers.

GDPR

Full GDPR compliance, including data protection impact assessments, data minimisation by design, purpose limitation and automated data subject rights via the patient app.

ISO 27001 (target)

Our information security management system is aligned with ISO/IEC 27001:2022. Annual internal audits and third-party penetration testing.

SOC 2 (target)

Trust services criteria for security, availability and confidentiality, attested by an independent auditor.

JCI-accredited partner clinics

Cross-border referrals route only to facilities that hold a current Joint Commission International accreditation.

Data residency

Africa stack hosted in Cape Town, Europe stack hosted in Frankfurt. You choose the region where your data lives.

Encryption at rest and in transit

Bank-grade encryption across the entire platform. Keys rotated automatically, audit logs immutable.

Patient consent first

No record is shared without an explicit patient choice. Every access is logged and visible to the patient.

Audit logs

Every access to a record is logged, including who, when and for what purpose. Logs are available to compliance officers on demand.

BAA available

Business Associate Agreements available for hospitals, doctors and qualifying partners on the enterprise plan.

Responsible disclosure

DHEP operates a responsible vulnerability disclosure program. Security researchers who identify vulnerabilities are asked to contact security@dhep.care with a full description before public disclosure. We commit to acknowledging reports within 48 hours and resolving critical vulnerabilities within 7 days.

Email security@dhep.care

Need a deeper compliance walk-through

Our compliance team is available for hospitals, doctors and qualifying partners.

Talk to compliance
Join our channels