No PHI, by architecture
Oystercatcher is built on public provider data — NPI registry, CMS datasets, Open Payments, state medical boards. We never process patient data, so there is no PHI in the platform to protect, breach, or subpoena.
Encryption everywhere, no PHI by design, auditable AI access, and a security posture we describe exactly as it is.
Oystercatcher is built on public provider data — NPI registry, CMS datasets, Open Payments, state medical boards. We never process patient data, so there is no PHI in the platform to protect, breach, or subpoena.
Data is encrypted at rest with AES-256 using AWS KMS-managed keys, and in transit with TLS. The platform runs on AWS with tenant isolation enforced at the query layer for every organization.
Role-based access control with owner, admin, and member roles. Multi-factor authentication, with TOTP MFA enforced for administrative access. Enterprise plans add single sign-on across the major identity providers.
Every integration is OAuth — no shared credentials. Sync activity is logged. AI-assistant access over MCP is consented per user, governable org-wide by admins, and every call lands in the audit log.
We are building our control environment toward a future SOC 2 examination. We are not yet certified, and we will not imply otherwise — when the report exists, it will be here.