Trust Center
Security answers in seconds, not a six-week questionnaire.
Northwind Health is HIPAA-ready patient engagement for modern clinics. Ask our trust center anything about our security posture and get an answer grounded in our actual documentation, with citations.
Skip the spreadsheet
Ask, don't email a 200-row questionnaire.
Most vendors hand you a stale PDF and a spreadsheet to fill out. Ours answers in real time from the same documents our auditors see, and tells you plainly when something isn't covered.
Northwind Health · Trust Assistant
What would you like to know?
Answered from Northwind Health's published security & compliance documents, with citations. If it's not in our evidence, the assistant says so.
Answerable from the evidence
Try one it should refuse
Answers take ~2-8 seconds (grounded retrieval + a 70B model). Citations show the exact evidence used.
Certifications & frameworks
SOC 2 Type II
Audited annually across Security, Availability, and Confidentiality.
ISO/IEC 27001
Certified information security management system (ISMS).
HIPAA + BAA
HIPAA-aligned controls; Business Associate Agreement available.
GDPR
EU data protection with DPA, SCCs, and regional residency options.
Subprocessors & data residency
| Subprocessor | Purpose | Region |
|---|---|---|
| Amazon Web Services | Cloud hosting, EU residency plan | eu-west-1 · Dublin, Ireland |
| Amazon Web Services | Cloud hosting, US plan | us-east-1 · N. Virginia, USA |
| Twilio | Appointment & care notifications | United States |
| Postmark | Transactional email | United States |
EU-plan customer data is stored and processed in AWS eu-west-1 (Dublin). Ask the assistant above to confirm.
Request documentation
Auditable reports for your security review, available under NDA.