→ PHI isolation is architectural, not a configuration toggle.Row-level or equivalent tenant boundaries at the data layer. No shared pools that can cross patient context. Cross-tenant reads are impossible by design — not gated by application conditionals alone.
7UNIT / HEALTHCARE
Clinical and operational systems built forregulated patient data.
Healthcare software fails quietly until it fails loudly — wrong data in the wrong tenant, an audit trail someone can edit, or an integration that leaks context across patients. We build for PHI boundaries, immutability, and counsel-defined controls — not for demo-day demos.
7UNIT / WHAT WE BUILD
Patient- and provider-facing portals with role-scoped access. Scheduling and intake workflows integrated to existing EHR or practice systems where APIs allow. Document classification and routing for operational paperwork — not diagnostic AI claims. Audit-ready event logs per tenant or per organisation unit. WhatsApp-native patient communication only where your privacy counsel approves the channel and retention policy.
7UNIT / THE COMPLIANCE BOUNDARY
We do not hold HIPAA Business Associate Agreement status as 7Unit today. We implement technical controls — encryption in transit and at rest, tenant isolation, least-privilege RBAC, append-only audit trails — as defined by your privacy and compliance counsel. If your programme requires a BAA-signed vendor, we align with your legal team on whether our engagement model fits before we write code.
7UNIT / KEY ENGINEERING DECISIONS
→ Audit trails are append-only and queryable.Actor, action, entity reference, timestamp, and correlation ID — written for operational and compliance review. Deletion of audit history is not supported by the application path.
→ Integrations are explicit contracts, not opaque sync jobs.Each interface to an EHR, billing, or lab system is documented: payload shape, failure modes, retry policy, and manual fallback. We do not run undocumented batch exports of patient data.
→ Human-in-the-loop for clinical and billing edge cases.Automation accelerates routine workflows; ambiguous clinical or billing states route to staff with full context. We do not replace clinical judgement with opaque automation.
Anchor reference:
Production-scale patterns from multi-tenant compliance, document intelligence, and WhatsApp-native workflows — applied to healthcare under your counsel's scope. Explore →
- No public client PHI metrics — scope and outcomes discussed on discovery
- BAA status: not held by 7Unit today — technical controls per counsel
- Engagement fit assessed on the first call