Skip to main content

Security first design

Psodo is early-stage and not yet independently audited, but we've built the foundations (like authentication and access boundaries) from day one, and we're tightening security as we move into pilots.

Our secure approach

Psodo was built with security as a core principle from day one.

Pilot build

Early release focused on real-world feedback, rapid iteration, and solid fundamentals.

Authentication

Sign-in is required, we don't leave sensitive workflows open by default.

Access boundaries

We're building least-privilege access so the right people see the right data.

Local-first approach

Designed to support local or controlled deployments where data stays in your environment.

Security roadmap

Audits, formal policies, and deeper controls are planned as we scale beyond beta.

Responsible disclosure

We welcome vulnerability reports and act quickly on issues.

Security Features

Built-in security at every layer of our platform.

Authentication required

Access to Psodo is gated behind sign-in. We start with the basics: protect entry points, protect workflows.

Least-privilege access (in progress)

We're building role-based access so practices can control who can view, create, and edit sensitive content.

Secure-by-default settings

We aim for conservative defaults: minimal exposure, sensible timeouts, and safer handling of sensitive data.

Data control

Psodo is designed for controlled environments, including local deployments, so clinics can keep data where it belongs.

Start to finish encryption

All data is encrypted at rest and in transit. We use industry-standard encryption protocols and key management practices.

Incident response mindset

We're establishing clear internal processes for triage, fixes, and communication as we move into pilots.

Security FAQ

Common questions about our security practices.

Are you certified?
Not yet. Psodo is in alpha, so we're focused on building the right foundations first. Formal audits and certifications are on our roadmap as we move beyond pilots.
Do you have authentication?
Yes, Psodo requires sign-in. We're also building stronger access boundaries (like role-based access) as we onboard pilot partners.
Where does the data live?
Our direction is controlled deployments, including local/on-prem and cloud based options, so practices can keep sensitive data within their own environment. Details depend on your rollout setup.
Do you use our data to train models?
No. Pilot data is used only to provide the service and improve the product experience with your feedback, not to train public models.
How do you handle security issues?
If you report a vulnerability, we triage quickly, prioritise fixes, and communicate clearly with affected pilot partners.
Can we review your security approach before piloting?
Yes, we'll walk you through our current controls, what's in progress, and the roadmap for pilots and production.

Need more information?

Our security team is happy to discuss your specific requirements and provide additional documentation.

Contact Security Team