Medora logoMedora
Compliance

Compliance and interoperability

Medora is built on recognized healthcare standards and controls so your organization can adopt with confidence.

HIPAA

Medora operates as a HIPAA Business Associate, with safeguards aligned to the Privacy and Security Rules and Business Associate Agreements available to customers.

FHIR

Support for HL7 FHIR resources enables modern, standards-based interoperability with EHRs, HIEs, and third-party systems.

HL7

HL7 v2 messaging supports common clinical integrations such as ADT, ORM, and ORU for labs, imaging, and registration.

Planned

SOC 2

We are pursuing SOC 2 Type II attestation, building our controls and evidence around security, availability, and confidentiality.

ONC interoperability

Our roadmap aligns with ONC interoperability expectations, including standardized APIs and support for patient and provider data exchange.

Audit trails

Detailed, tamper-resistant audit logs capture access and changes to clinical and administrative records for accountability.

Role-based access

Granular, least-privilege role-based access controls ensure users only see the data and actions appropriate to their role.

Encryption

Encryption in transit (TLS 1.2+) and at rest (AES-256) protects data across the platform and its integrations.

Electronic signatures

Electronic signature workflows support attestation and sign-off on clinical documentation with attribution and timestamps.

For compliance documentation, Business Associate Agreements, or security reviews, contact security@medoras.com.

The next generation of enterprise healthcare software

See why leading emergency, urgent care, and hybrid organizations choose Medora.