Live status of every control we run.

Signed by every infrastructure provider. Customer BAA on Practice + Multi.

Vanta-managed. Targeted report Q3 2026. Type II to follow.

Every column carrying PHI is tagged in lib/types/database.ts and gated through lib/encryption.ts.

DOB, clinical notes, OAuth refresh tokens, OD customer keys. Per-business derivation.

Vercel + Supabase + Retell + Twilio + Anthropic. Strict-Transport-Security with preload.

Every tenant table enforces row-level security keyed on business_id.

Every Coach + voice tool call + admin action is append-only logged with diff. 7-year retention.

lib/encryption.ts redactPII() runs on every Sentry payload before it leaves the runtime.

Google Workspace + hardware key. Production access gated and audit-logged.

Supabase Auth · rate-limited 10/min per IP+email · scrubbed error messages.

Google Calendar OAuth state is signed (HMAC-SHA256, 10-min TTL) — prevents tenant takeover via state spoofing.

Targeted alongside Multi-Location GA.

GitHub secret scanning + push protection. Pre-commit checks block known token patterns.

Last: 2026-Q1. Next: 2026-Q4. Latest report under NDA on request.

Supabase Pro · 7-day point-in-time recovery · weekly Stripe export to S3.

Sentry with redactPII gate. No PHI ever reaches Sentry payloads.

Customers notified within 24 hours of any confirmed breach affecting their data.

RUNBOOK.md covers Retell outage, Stripe webhook delay, Inngest backlog, Coach hallucination, RLS misconfig.

status.cadenceagents.ai · external monitoring with public uptime — Q3 2026.