Security at FlexCare

Healthcare data is the most sensitive data that exists. Security is not a feature we added — it is the foundation we built on.

DPDP Act 2023

Compliant

IT Act 2000

Compliant

AES-256

Encryption at rest

TLS 1.3

Encryption in transit

Encryption

In transit

All data transmitted over HTTPS / TLS 1.3. No HTTP connections permitted.

At rest

Database encrypted with AES-256. Backups encrypted before upload.

Field-level

Sensitive fields (phone, email, Aadhaar) encrypted at the database column level.

Files

Prescriptions, lab reports, scans stored encrypted on Cloudflare R2. No public URLs.

Multi-Tenant Isolation

PostgreSQL RLS

Row Level Security policies enforce tenant isolation at the database level — not just application code.

Zero cross-tenant leakage

Even if a bug exists in application code, the database will block cross-tenant queries.
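As an added example, not FlexCare's own schema, this is how such a tenant-isolation policy is expressed in PostgreSQL, assuming a patients table with a tenant_id column and an application role that sets a session variable app.tenant_id per request:

```sql
-- Added example, not FlexCare's schema. Assumes a patients table keyed by
-- tenant_id and an application that sets app.tenant_id on every request.
CREATE TABLE patients (
    id         bigserial PRIMARY KEY,
    tenant_id  uuid NOT NULL,
    full_name  text NOT NULL
);

-- Enable RLS and FORCE it so that even the table owner is not exempt.
ALTER TABLE patients ENABLE ROW LEVEL SECURITY;
ALTER TABLE patients FORCE ROW LEVEL SECURITY;

-- The application must connect as a non-superuser role: superusers and
-- roles with BYPASSRLS skip every policy, so RLS would protect nothing.
CREATE ROLE app_user NOLOGIN;
GRANT SELECT, INSERT, UPDATE, DELETE ON patients TO app_user;

-- One policy covers reads (USING) and writes (WITH CHECK): a row is visible
-- or writable only when its tenant_id equals the tenant set for this
-- transaction. NULLIF turns an unset or reset variable ('') into NULL, and
-- NULL never compares equal, so a request that forgot to set the tenant
-- sees zero rows instead of every tenant's rows.
CREATE POLICY tenant_isolation ON patients
    TO app_user
    USING      (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid);

-- Per request the application pins the tenant for the transaction only
-- (SET LOCAL), so a pooled connection cannot carry it into the next request.
BEGIN;
SET LOCAL app.tenant_id = '11111111-1111-1111-1111-111111111111';  -- constructed sample id

-- Even without a WHERE tenant_id = ... filter, only this tenant's rows return.
SELECT id, full_name FROM patients;

-- An INSERT that names another tenant violates WITH CHECK and is rejected.
INSERT INTO patients (tenant_id, full_name)
VALUES ('22222222-2222-2222-2222-222222222222', 'Cross-tenant write');
COMMIT;
```

Verify the policy is active with `SELECT relrowsecurity, relforcerowsecurity FROM pg_class WHERE relname = 'patients';` and by confirming the application role is neither a superuser nor marked BYPASSRLS in pg_roles.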

File storage isolation

Each clinic's files are stored under a unique tenant prefix. No shared file namespaces.

Subdomains

Each clinic gets an isolated subdomain. No shared session cookies between tenants.

Authentication & Access Control

OTP-based login

Phone OTP required for every login. No password-only access.

JWT sessions

Access tokens expire in 15 minutes. Refresh tokens rotate on every use.

RBAC

7 distinct roles (Super Admin, Clinic Admin, Doctor, Nurse, Receptionist, Pharmacist, Patient). Each role sees only what it needs.

Rate limiting

OTP requests: 3 per 15 minutes. Login attempts: 5 per 10 minutes. API: 1,000 requests per minute per tenant.

Super Admin 2FA

Platform super admin requires TOTP (Google Authenticator) + IP whitelist.

Audit Trail

Every action logged

Who accessed what, when, from which IP, with what result — on every sensitive operation.

Append-only

Audit logs cannot be modified or deleted — not even by platform administrators.

7-year retention

Audit records retained for 7 years in line with healthcare compliance standards.

Exportable

Clinic admins can export their full audit log at any time.

Backup & Recovery

Daily full backup

Complete database snapshot every 24 hours, encrypted, stored in a separate region.

6-hour incremental

Incremental backups every 6 hours for point-in-time recovery.

RTO < 4 hours

Recovery Time Objective: system back online within 4 hours of a major failure.

RPO < 6 hours

Recovery Point Objective: maximum data loss of 6 hours.

Tested quarterly

Backup restoration is tested every quarter. An untested backup is not a backup.

Incident Response

Detection

Automated monitoring alerts for suspicious login patterns, bulk data access, and rate limit breaches.

Notification

Affected clinic admins notified within 24 hours of a confirmed breach.

DPDP Act compliance

Significant breaches reported to CERT-In within 72 hours as required by law.

Post-mortem

Root cause analysis published internally within 7 days. Affected clinics receive a full incident report.

Responsible Disclosure

If you discover a security vulnerability in FlexCare, please report it to us privately before disclosing it publicly. We take all reports seriously and will respond within 48 hours.

security@flexcare.in