{ "version": "1.0", "last_updated": "2026-02-28", "security": { "zero_knowledge": { "enabled": true, "description": "Zero-knowledge architecture. Patient data is encrypted client-side before leaving the device. Encryption keys are generated and stored in the customer environment — Tamia never has access to patient data.", "encryption_at_rest": "AES-256", "encryption_in_transit": "TLS 1.3", "key_management": "Customer-side, automatic. Keys never stored on Tamia servers." }, "features": [ { "id": "zero-knowledge", "name_en": "Zero-knowledge architecture", "description_en": "Clinical data is encrypted client-side before it leaves your device. Tamia never has access to your patient data — not even we can read it." }, { "id": "encryption", "name_en": "End-to-end encryption", "description_en": "AES-256 at rest, TLS 1.3 in transit. Encryption keys are automatically generated and stored in your environment, never on our servers." }, { "id": "eu-cloud", "name_en": "EU cloud hosting", "description_en": "All data is hosted on servers located in the EU. No international data transfers." }, { "id": "gdpr", "name_en": "GDPR compliance", "description_en": "Designed and operated in compliance with the General Data Protection Regulation (GDPR)." }, { "id": "dpa", "name_en": "Data Processing Agreement (DPA)", "description_en": "Data Processing Agreement available to all customers as required by GDPR." }, { "id": "mfa", "name_en": "Multi-factor authentication (MFA)", "description_en": "Two-factor authentication to protect user access." }, { "id": "sso", "name_en": "Single Sign-On (SSO)", "description_en": "Integration with corporate identity providers via SAML 2.0 and OAuth 2.0." }, { "id": "rbac", "name_en": "Role-based access control (RBAC)", "description_en": "Granular permissions per user, professional role, and system module." }, { "id": "audit", "name_en": "Full audit trails", "description_en": "Detailed logging of all actions: access, queries, modifications, and deletions." }, { "id": "backups", "name_en": "Automatic backups", "description_en": "Daily backups with 30-day retention. Guaranteed disaster recovery." }, { "id": "export", "name_en": "Data export", "description_en": "Full export mechanisms in industry-standard formats: CSV, HL7, FHIR." } ], "gdpr": { "compliant": true, "dpa_available": true, "data_hosted_in_eu": true, "details_en": [ "Data hosted exclusively in the EU", "Right to erasure and data portability", "Explicit, documented consent", "Security breach notification", "DPA (Data Processing Agreement) included" ] }, "access_control": { "mfa": true, "sso": true, "rbac": true, "details_en": [ "Predefined roles (physician, nursing, administration)", "Customizable permissions per module", "Data segregation per site (multi-site)", "Optional multi-factor authentication" ] }, "audit": { "full_audit_trails": true, "details_en": [ "Record access logging", "Data modification traceability", "Change history with date, time, and user", "Log export for external audits" ] }, "backups": { "automatic": true, "frequency": "daily", "retention_days": 30 }, "compliance_standards": [ { "name": "GDPR / RGPD", "description_en": "European Union General Data Protection Regulation" }, { "name": "ISO 27001", "description_en": "Designed in alignment with the international information security management standard (aligned, not certified)" }, { "name": "HL7 / FHIR", "description_en": "Healthcare interoperability standards" } ] }, "brand_badges_es": [ "Creado en Canarias", "Disponible en España y la UE" ] }