HIPAA-aware data workflows for clinical registries.
BeaconCR is built around privacy-protective data handling. Encryption at rest and in transit, role-based access, audit logs, consent versioning, and Business Associate Agreement availability for covered entity relationships.
What we do
- Encryption at rest (AES-256-GCM at the record level)
- Encryption in transit (TLS 1.2+ everywhere)
- Role-based access control with least-privilege defaults
- Audit logs for every record creation, edit, view, and export
- Consent versioning that preserves each participant’s exact agreed text
- De-identification options for registry-data exports
- BAA availability for covered-entity relationships
- Secure messaging for PHI-bearing communications
- Breach response runbook with regulator-notification timelines
- Data export controls with elevated permissions and logging
Key features
Encryption everywhere
TLS 1.2+ in transit, AES-256-GCM at rest. Disk volumes encrypted at host layer.
Eight-role permission model
SponsorAdmin · SiteInvestigator · StudyCoordinator · Patient · Physician · Reviewer · Auditor · BeaconCR-Admin.
Versioned consent
Each participant’s consent record points to the exact text and date they accepted.
Auditable everywhere
Every record action is timestamped with actor identity. Audit trails travel with the record.
BAA on request
Standard Business Associate Agreement covers Privacy Rule + Security Rule obligations.
HIPAA-aware, transparent
We say "HIPAA-aware" and "HIPAA-aligned," not "HIPAA-certified." Formal certification is a roadmap item we will publish when complete.
If you are a covered entity considering BeaconCR for PHI processing on your behalf, request a current BAA at /contact.
Start a Study Workspace