Bank-grade security

Your medical data, protected

We built MedInfo with security as the foundation, not an afterthought. Your sensitive medical information deserves the strongest protection available.

HIPAA Conscious

AES-256 Encryption

Zero Knowledge

Security Features

Multiple layers of protection

Every piece of your medical data is protected by industry-leading security measures.

AES-256 Encryption

Your medical data is encrypted at rest using the same standard trusted by banks and governments worldwide.

PIN-Based Access

A 6-digit PIN is required to decrypt and view your medical information. Without it, your data remains unreadable.

HIPAA Conscious

Our architecture is designed with HIPAA principles in mind, ensuring your health information is handled responsibly.

Zero Knowledge

We never store your PIN in plain text. It's cryptographically hashed, meaning even we can't access your data.

TLS 1.3 Transport

All data in transit is protected with the latest TLS encryption, preventing eavesdropping and tampering.

Audit Logging

Every access to your profile is logged. Review who accessed your data and when through your dashboard.

Under The Hood

How your data stays secure

Your medical information is encrypted using a key derived from your PIN. Without the PIN, your data is nothing but random characters.

1

You create your profile

Enter your medical information and choose a 6-digit PIN

2

We derive an encryption key

Your PIN is used with PBKDF2 to generate a unique encryption key

3

Your data is encrypted

AES-256 encrypts your medical information before storage

4

PIN required to decrypt

Only the correct PIN can regenerate the key to decrypt your data

Your Medical Data

PIN: ******

+

PBKDF2

AES-256 Key

3f8a2d...encrypted...9c4e1b

Without your PIN, this is meaningless random data

Privacy Principles

Your data belongs to you

We believe privacy is a fundamental right, not a feature to be sold.

You Control Your Data

Add, edit, or delete any information at any time. Export your complete profile or permanently delete your account with one click.

Minimal Collection

We only collect information necessary to provide the service. No location tracking, no usage analytics on your medical data.

No Data Sales

Your medical information is never sold, shared with advertisers, or used for any purpose other than emergency access.

Transparent Practices

Our privacy policy is written in plain English. We tell you exactly what we collect and how we use it.

FAQ

Common questions

Only someone with your physical QR code or NFC tag AND your 6-digit PIN can access your medical data. The PIN is required to decrypt the information.

Your data remains protected because the PIN is required for access. You can also log into your dashboard and deactivate the lost device immediately, rendering it unusable.

No. We never sell, share, or monetize your medical data. Our business model is based solely on product sales, not data exploitation.

You can permanently delete your account and all associated data from your dashboard settings. This action is immediate and irreversible.

Your encrypted data is stored on secure servers in the United States, protected by multiple layers of physical and digital security.

MedInfo is designed with HIPAA principles in mind, including encryption, access controls, and audit logging. While personal medical devices have different regulatory requirements than healthcare providers, we exceed industry standards for data protection.

Found a security issue?

We take security seriously. If you discover a vulnerability, please report it responsibly and we'll address it promptly.

security@medinfo.life