Security & Privacy — Protecht™

Security & Privacy Architecture

Your health data stays exactly where it belongs

Protecht is built on a simple principle: your verified sexual health data lives on your device and nowhere else. Here's exactly how we protect it.

HIPAA Compliant · Secure Enclave Encryption · 60-Second Access Windows · Provider-Verified Data

The Protecht On-Device Promise: Protecht servers never see, touch, or store your health data — ever.

Three layers of protection

From the moment your results arrive to the second you share them, every step is designed to keep your data under your control.

01

On-Device Only Storage

Your STI results and vaccination records are downloaded directly to your iPhone and encrypted there. Protecht's servers are never in the data path.

AES-256-GCM encryption via Apple CryptoKit
Keys generated and stored in iOS Keychain
Zero PHI transmitted to Protecht infrastructure
Data persists only on your device — deleted when you uninstall
02

Secure Enclave Key Protection

Your encryption key is bound to Apple's Secure Enclave — a dedicated security coprocessor isolated from the main application processor. iOS can ask the enclave to perform operations with the key, but it cannot read the key material itself.

Keys never leave the Secure Enclave in plaintext
Biometric authentication (Face ID / Touch ID) required to unlock
Hardware-backed protection survives OS compromises
Complies with FIPS 140-2 Level 2 standards
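How layers 01 and 02 fit together on a device, as an added example (not Protecht's code): a biometric-gated Secure Enclave key anchors the AES-256-GCM key that seals each record, and the record ID is bound as authenticated data. The vault type, the per-vault salt and the key-derivation label are assumptions for illustration.

```swift
import Foundation
import Security
import CryptoKit

// Added example (not Protecht's code). A biometric-gated Secure Enclave P-256 key
// anchors the AES-256-GCM key that seals each record on the device.
enum VaultError: Error { case secureEnclaveUnavailable, accessControl, badNonce }

struct RecordVault {
    private let enclaveKey: SecureEnclave.P256.KeyAgreement.PrivateKey

    init() throws {
        guard SecureEnclave.isAvailable else { throw VaultError.secureEnclaveUnavailable }
        // Every private-key use requires the currently enrolled Face ID / Touch ID set;
        // the key is generated inside the Secure Enclave and never exported in plaintext.
        guard let access = SecAccessControlCreateWithFlags(
            nil, kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
            [.privateKeyUsage, .biometryCurrentSet], nil) else {
            throw VaultError.accessControl
        }
        enclaveKey = try SecureEnclave.P256.KeyAgreement.PrivateKey(accessControl: access)
        // In a real app, enclaveKey.dataRepresentation (an opaque, enclave-bound blob)
        // is what gets stored in the Keychain and reloaded with init(dataRepresentation:).
    }

    // Derive the 256-bit record key from the enclave key (ECDH with its own public key is a
    // deterministic one-way function of the enclave-resident scalar) plus a per-vault salt.
    private func recordKey(salt: Data) throws -> SymmetricKey {
        let shared = try enclaveKey.sharedSecretFromKeyAgreement(with: enclaveKey.publicKey)
        return shared.hkdfDerivedSymmetricKey(using: SHA256.self, salt: salt,
                                              sharedInfo: Data("record-key-v1".utf8),
                                              outputByteCount: 32)
    }

    // Seal one record under a fresh random 96-bit nonce. The record ID is bound as
    // additional authenticated data, so ciphertexts cannot be swapped between records.
    func seal(_ plaintext: Data, recordID: String, salt: Data) throws -> Data {
        let box = try AES.GCM.seal(plaintext, using: recordKey(salt: salt),
                                   nonce: AES.GCM.Nonce(),
                                   authenticating: Data(recordID.utf8))
        guard let combined = box.combined else { throw VaultError.badNonce }
        return combined                       // nonce || ciphertext || 16-byte tag
    }

    // Any bit flip in nonce, ciphertext, tag or record ID makes open() throw.
    func open(_ combined: Data, recordID: String, salt: Data) throws -> Data {
        let box = try AES.GCM.SealedBox(combined: combined)
        return try AES.GCM.open(box, using: recordKey(salt: salt),
                                authenticating: Data(recordID.utf8))
    }
}
```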
03

Time-Limited Secure Sharing

When you choose to share, a cryptographically signed, read-only snapshot is transmitted through an encrypted channel that auto-expires in 60 seconds — and can never be modified.

60-second access window, server-enforced expiry
Read-only payload — signed, so any alteration invalidates it
HTTPS-only transmission with certificate pinning
Full audit log of every share event on your device
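The signed, time-limited snapshot of layer 03 on both sides of a share, as an added example (not Protecht's code): the sharer's device signs a canonical payload carrying a 60-second window, and the recipient verifies the signature before trusting any field, then enforces the window. The P-256 signing key stands in for the device's enclave-backed key, and the recipient is assumed to receive the sharer's public key through the server-coordinated handshake.

```swift
import Foundation
import CryptoKit

// Added example (not Protecht's code): a read-only snapshot signed on the sharer's
// device, with a 60-second validity window the recipient verifies before display.
struct Snapshot: Codable {
    let results: [String: String]     // e.g. ["HIV": "Negative"]
    let issuedAt: Double              // Unix seconds
    let expiresAt: Double
}

struct SignedSnapshot: Codable {
    let payload: Data                 // canonical JSON of Snapshot
    let signature: Data               // P-256 ECDSA over payload
}

enum ShareError: Error { case badSignature, expired, notYetValid }

let shareWindow: TimeInterval = 60
let clockSkewAllowance: TimeInterval = 5

// Sharer side. `signingKey` stands in for the device's enclave-backed signing key.
func makeSnapshot(results: [String: String], signingKey: P256.Signing.PrivateKey,
                  now: Date = Date()) throws -> SignedSnapshot {
    let snap = Snapshot(results: results, issuedAt: now.timeIntervalSince1970,
                        expiresAt: now.addingTimeInterval(shareWindow).timeIntervalSince1970)
    let enc = JSONEncoder()
    enc.outputFormatting = [.sortedKeys]   // canonical field order so the signed bytes are reproducible
    let payload = try enc.encode(snap)
    let sig = try signingKey.signature(for: payload)
    return SignedSnapshot(payload: payload, signature: sig.rawRepresentation)
}

// Recipient side: verify the signature first (so an altered payload is rejected before
// any field is trusted), then enforce the window using the verified timestamps.
func verifySnapshot(_ signed: SignedSnapshot, sharerKey: P256.Signing.PublicKey,
                    now: Date = Date()) throws -> Snapshot {
    let sig = try P256.Signing.ECDSASignature(rawRepresentation: signed.signature)
    guard sharerKey.isValidSignature(sig, for: signed.payload) else { throw ShareError.badSignature }
    let snap = try JSONDecoder().decode(Snapshot.self, from: signed.payload)
    let t = now.timeIntervalSince1970
    guard t >= snap.issuedAt - clockSkewAllowance else { throw ShareError.notYetValid }
    guard t <= snap.expiresAt else { throw ShareError.expired }
    return snap
}
```

The server-side expiry the page describes is a second, independent check: the relay refuses to hand out the payload after the same 60 seconds, so a recipient with a wrong clock cannot extend the window.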

From provider to your pocket — and nowhere else

Every hop in the data journey is authenticated, encrypted, and audited. Your health information flows to exactly one destination: your device.

Healthcare Provider

Epic EHR, Quest Diagnostics, Kaiser — your verified results, accessed via FHIR R4 APIs

FHIR R4 API · OAuth 2.0 + PKCE

Your iPhone

Data lands here — encrypted immediately by CryptoKit. Your Secure Enclave holds the key.

Secure Enclave · Encrypted · Token Only

Recipient's Device

A 60-second read-only snapshot, cryptographically signed. Expires automatically. Cannot be saved or forwarded.

60 sec expiry

What Protecht's servers handle

✓ Access tokens

Short-lived tokens that coordinate the sharing handshake — never your data

✓ Audit metadata

Timestamps and anonymized share event logs for HIPAA compliance

✗ Health data — never

No STI results, vaccination records, or any personal health information ever touches our servers

[App screenshot: three on-device results (HIV, Chlamydia, Gonorrhea), each "Tested Mar 1, 2026 · Negative"; footer "Encrypted on-device AES-256-GCM · Secure Enclave key"]

Your iPhone is the vault

Most health apps store your data in the cloud, protected by their security. Protecht stores your data on your device, protected by Apple's most advanced hardware security — the Secure Enclave.

Even if Protecht were to experience a data breach, there would be nothing to steal. Your health records never leave your device in unencrypted form.

Apple CryptoKit AES-256-GCM

Military-grade authenticated encryption. Each record is encrypted under a 256-bit key with a unique nonce: tampering is detected on decryption, and brute-forcing the key is computationally infeasible.

iOS Keychain + Secure Enclave

Encryption keys are stored in the iOS Keychain, protected by the Secure Enclave. Keys are hardware-bound to your device and biometrics.

HTTPS-Only, Certificate-Pinned

All network communication uses TLS 1.3 with certificate pinning, preventing man-in-the-middle attacks even on compromised networks.

Sign In with Apple

Authentication is handled entirely by Apple — Protecht never sees your email address or password.

Provider-verified. Impossible to fake.

Protecht pulls your results directly from your healthcare provider using FHIR R4 — the federally mandated interoperability standard under the 21st Century Cures Act.

The data originates from your provider's EHR system, arrives encrypted on your device, and is marked read-only. There is no mechanism for a user to alter a result — the architecture doesn't allow it.

FHIR R4

HL7 FHIR R4 standard. Federally mandated for all EHR vendors.

250M+

Patient records reachable via Epic FHIR integration alone.

OAuth 2.0

PKCE-secured authorization. You grant access — providers can't push data without your consent.

Read-only

FHIR data arrives as a read-only payload. No modification path exists — by design.

Built to meet the highest standards

Protecht's architecture was designed around compliance requirements — not retrofitted to meet them.

HIPAA Compliant

Full compliance with the Health Insurance Portability and Accountability Act. BAA-capable backend. Complete audit logging.

HealthKit Guidelines

Full compliance with Apple's HealthKit privacy requirements. No health data processed server-side without explicit user consent.

21st Century Cures Act

Data access built on USCDI standards and ONC interoperability rules. Patients' right to their own data, fully honored.

Full Audit Trails

Every data access, share event, and authentication attempt is logged with tamper-evident records stored locally on your device.

Privacy that doesn't ask you to compromise

Protecht gives you the ability to share your health status with complete confidence — because you control the data, the keys, and the clock.