by dsil
1866 days ago
I have a lot of experience with this coming from a background in healthcare. We are not HIPAA compliant yet, so that might be a dealbreaker for some. There are workarounds: e.g., for database connectors and some other connectors, we let you specify which schemas/tables/columns to sync, so you can choose to not sync PII columns (or hash them), and still get a ton of value from the other data and/or aggregates. And not for PHI, but some of our customers pull all their data into Mozart, write some data transformations within Mozart to redact sensitive data, then use role-based access control to give the rest of the company full access to redacted tables, and only certain people have access to the full data. That said, the security of our customers' data is our top priority regardless of what type of data it is. We're currently in the process of being audited for SOC 2 Type 2.