HIPAA & Compliance

A technical overview of how we maintain strict adherence to healthcare data security standards.

Data Encryption

All PHI is encrypted at rest using AES-256 and in transit using TLS 1.3 across all platform endpoints.

Audit Trails

Every view, edit, or approval of a prescription record is logged with timestamp, user ID, and IP address for full traceability.

BAA Agreements

We execute standard Business Associate Agreements (BAA) with all client pharmacies utilizing our platform.

Compliance Overview

GIJ Lab is designed from the ground up to support compounding pharmacies in maintaining HIPAA and PIPEDA compliance. We understand the critical nature of Protected Health Information (PHI) and the regulatory burden placed on healthcare providers.

Our infrastructure runs entirely on dedicated, isolated containers within HIPAA-compliant AWS environments. Access control is enforced via strict Role-Based Access Control (RBAC), ensuring that lab technicians only see the data required to compound specific batches, while financial and patient data remains sealed behind pharmacist-supervisor permissions.

Employee Training & Access

All GIJ Lab engineers and support personnel undergo mandatory HIPAA awareness training. Access to production databases is strictly prevented except for designated incident response personnel during an active emergency, under dual-authorization access protocols.