One Health Sentinel Logo
One Health Sentinel
Enterprise Security

Security & Compliance

Health data is among the most sensitive information a government manages. One Health Sentinel is built from the ground up with security architecture that meets the expectations of Ministries of Health, donor organizations, and international standards bodies.

Our Security Commitment

We do not store data we don't need. We do not share data without explicit authorization. Every government deployment retains full ownership of its data, and we provide complete data portability — you can export everything at any time, in standard formats. If you leave, your data leaves with you.

Security Architecture

Four layers of security designed specifically for health system operations

Role-Based Access Control (RBAC)

Granular 10-role permission system designed for health system hierarchies.

System Administrator — full platform control
National Coordinator — country-wide oversight
Regional Manager — sub-national coordination
Facility Manager — site-level administration
Health Worker — data entry and field operations
Lab Technician — laboratory data management
Epidemiologist — surveillance and analytics
Quality Officer — audit and compliance
External Auditor — read-only verification access
Development Partner — monitoring dashboards only

Encryption & Data Protection

Multi-layer encryption protects data at rest, in transit, and during processing.

TLS 1.3 for all data in transit
AES-256 encryption for data at rest
Encrypted database connections
Secure session management with rotating tokens
Password hashing with bcrypt (salt rounds: 12)
API authentication via signed JWT tokens

Audit Trail & Logging

Every action is logged with timestamp, user identity, and context — nothing happens without a record.

Immutable audit logs for all data changes
User session tracking with IP and device info
Login/logout event recording
Data export tracking and approval workflows
Real-time anomaly detection on access patterns
Exportable audit reports for external review

Data Governance

Structured governance frameworks aligned with national health data policies.

Data ownership remains with the deploying government
Configurable data retention policies
Data classification (public, internal, confidential, restricted)
Cross-border data flow controls
Right to data portability — export everything, anytime
Data Processing Agreements (DPA) available on request

Deployment Options

Choose the deployment model that matches your data sovereignty requirements

MOST POPULAR

Cloud Hosted

Managed SaaS

Fully managed deployment on enterprise-grade cloud infrastructure. Fastest to deploy, lowest operational overhead.

  • Automatic updates and patches
  • Managed backups and disaster recovery
  • 99.9% uptime SLA
  • Multi-region availability
  • SOC 2 compliant hosting

Private Cloud

Dedicated Instance

Isolated cloud environment dedicated to your organization. Data never co-mingles with other tenants.

  • Single-tenant architecture
  • Custom data residency (choose your region)
  • Dedicated database instances
  • Custom security configurations
  • VPN/private network options

On-Premise

Sovereign Deployment

Full deployment within government data centers. Complete data sovereignty with no external dependencies.

  • Data never leaves national borders
  • Air-gapped deployment option
  • Integration with national identity systems
  • Custom infrastructure requirements
  • Full source code escrow available

Standards & Compliance

Alignment with international health data and security standards

ISO 27001

Aligned

Information security management

ISO 9001:2015

Built-in

Quality management system (full module)

HIPAA

Aligned

Health data privacy (US standard)

GDPR

Aligned

Data protection (EU standard)

HL7 FHIR

Roadmap

Health data interoperability

DHIS2

Roadmap

Integration with national HIS

IHR (2005)

Aligned

International Health Regulations compliance

WHO SCORE

Aligned

Health information systems assessment

Built-in = fully implemented module   Aligned = architecture follows standard   Roadmap = planned integration

Common Security Questions

Who owns the data collected through One Health Sentinel?

The deploying government or organization retains full ownership of all data. LifeCare Medical Inc. acts as a data processor, not a data controller. This is formalized in our Data Processing Agreement.

Can data be hosted within our national borders?

Yes. We offer on-premise deployment for governments that require data sovereignty. The platform can run entirely within your national data center infrastructure with no external dependencies.

How do you handle data breaches?

We maintain a documented incident response plan with notification within 72 hours. Our architecture is designed to minimize blast radius — role-based access, encrypted storage, and network segmentation limit the scope of any potential breach.

Can we export our data if we decide to stop using the platform?

Absolutely. Full data export is available at any time in standard formats (CSV, JSON, FHIR where applicable). There is no lock-in, no proprietary formats, and no export fees.

Is the platform auditable by third parties?

Yes. We provide an External Auditor role with read-only access specifically designed for independent verification. Complete audit logs are exportable for external review.

Need a Security Assessment?

We provide detailed security documentation, architecture diagrams, and technical briefings for IT teams and procurement offices.

Request Security BriefSchedule Technical Review