Most healthcare innovations never make it to the providers and patients that need them, because enterprise data security and privacy diligences are complex and expensive for both developers and healthcare execs.
MedStack supports high standards of security and privacy management, but speeds diligence through standardization of architecture and regulation-mapped policies.


Without MedStack

Developers face overshot schedules and exceeded budgets due to architecture and legal work for compliance and interoperability.


With MedStack

Developers can focus on their own innovations across UI, workflow and analytics, and bring better patient value.

Learn more about the complexities and tricky nuances of compliance and data security and how MedStack simplifies the ecosystem.

These tasks are projects in themselves, yet are non-negotiable. Let’s unpack the details.


Our Customer Said

With MedStack, we easily switched off of a labor-intensive AWS setup, freeing up our team to work on our core products and growth. Great company and robust HIPAA compliance!

Raphael Anstey, CEO of CircleLink Health

How does MedStack work?

MedStack supports data residency and healthcare data privacy expectations in multiple jurisdictions around the world.


We support the largest selection of infrastructure technologies and tools



  • PHP
  • Node.js
  • Python
  • Ruby
  • Java
  • Windows .NET Core


  • MySQL
  • MongoDB
  • PostgreSQL
  • Redis
  • Scalable Database Service
  • ElasticSearch


  • Cloud-native Managed File / Blob Storage services


  • Mirth Connect
  • + others
If your stack item can be hosted in a Docker container,
MedStack can secure it for healthcare data.

Don't see your tool here? Contact us.
We will work with you to implement your preferred stack.

The MedStack Process

  1. Log into the seamless MedStack Control dashboard, creating tiered hierarchical accounts for the business owner, developers, and financial planners as you need.  HIPAA Business Associate Agreement and our fully-auditable privacy policies are included free with your account.
  2. Set up the Docker containers for your application server and databases with the size and configuration you need, all using standard Docker terminology and workflows.  These can be set up in a cluster and with load balancers to suit your performance and growth needs.
  3. Pricing for your container deployment can be determined here.
  4. MedStack can also set up for you an integrated scalable database service or interoperability platform such as FHIR or Mirth Connect, directly connected to your Docker setup.  Please contact us to learn more.
  5. You're billed seamlessly to your credit card just for what you use on an hourly basis.
  6. 24/7 Email support is available to support your operations and expanding technology requirements.

Learn more about the complexities and tricky nuances of compliance and data security and how MedStack simplifies the ecosystem.

These tasks are projects in themselves, yet are non-negotiable. Let’s unpack the details.



Privacy Compliance

Privacy policies for industry regulations are pre-written and real-time auditable by MedStack’s platform, backed by your access to our Active Compliance Monitoring System. Our HIPAA Business Associate Agreement, Annual Penetration Test, Privacy Impact Assessment and Threat Risk Assessment are available to you as well as part of your subscription to support your customer audits.

MedStack also offers you discount access to employee privacy training, business privacy assessment and business policies via our partners Privacy Horizon, the leaders in technology privacy consulting, and cyber-liability insurance via Zensurance. We will work with you for all industry and customer privacy audits to ensure that you are positioned for success and rapid adoption.

MedStack comes integrated with built-in compliance operations:

  • Managed IP, networking and OS patches
  • Automatic and encrypted audit logs
  • HIPAA BAA and GDPR amendments
  • SLA-backed support and incident management systems
  • Hands-on support for customer and industry compliance audits



MedStack’s automation system installs all security configurations and controls required to ensure your app runs and manages data in the cloud to the highest standards of data security and privacy compliance, such as HIPAA, PIPEDA, PHIPA and more.

These controls include: defense-in-depth separation architecture, hypervisor active intrusion-detection, TLS restricted transmissions, 2FA admin access, and more. They are installed, tested, managed and maintained by MedStack’s system without requiring any special code in your app, consistently, irrespective of the cloud host underneath. All backed by our high-standard SLA.

MedStack secures and protects your healthcare data via:

  • Defence-in-Depth separation architecture
  • Hypervisor active intrusion-detection protected VPC
  • TLS 1.2 restricted transmissions / communications
  • AES-256 dm- crypt LUKS transparent encryption
  • GPG AES-256 encrypted auto- scheduled backups
  • Access key with 2-factor auth for server admin