Put clinical AI agents to work on ePHI and orders. Proof, a clinician's consent, and an audit trail on each.
Every agent gets a cryptographic identity. Every order or record it touches gets a clinician's consent at the moment of action, written to a tamper-evident record. The same proof covers your clinicians and help desk, on the Okta, Entra, or Ping you run.
One stolen password froze the nation's medical claims for months.
We make stolen credentials worthless.
This is the mechanism, not anyone's screen. A stolen credential hits a portal with the second factor off and walks into everything behind it. Origin-bound proof is welded to one device and one origin, so a stolen copy has nowhere to go.
At the door (Web)
Origin-bound proof. A stolen password and an attacker-in-the-middle proxy have nothing to replay.
Behind it (Machine)
Per-call signed identity on the integration accounts. No standing secret sits on the server to steal.
The breach this reconstructs (one portal, no MFA, a third of the country's claims down for months) is cited in the evidence rail, not drawn here.
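An added illustration, not code from this page or its vendor: the relying-party side of the origin check described above, in Go, with a simulated authenticator standing in for the browser and security key. The origins, RP ID and fixed challenge are constructed for the example. The stolen copy fails because the browser records the origin the user is actually on, the authenticator signs over that record, and the server refuses any origin but its own.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// clientData holds the clientDataJSON fields that matter here. The browser, not page script,
// fills them in, so a page served from a proxy origin cannot lie about Origin.
type clientData struct {
	Type      string `json:"type"`
	Challenge string `json:"challenge"`
	Origin    string `json:"origin"`
}

// Authenticator stands in for a platform or roaming authenticator holding one credential key.
type Authenticator struct{ key *ecdsa.PrivateKey }

func NewAuthenticator() (*Authenticator, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Authenticator{key: k}, nil
}

// Public is the credential public key the relying party stored at registration.
func (a *Authenticator) Public() *ecdsa.PublicKey { return &a.key.PublicKey }

// signedMessage is what the authenticator signs: SHA-256(authenticatorData || SHA-256(clientDataJSON)).
func signedMessage(authData, clientDataJSON []byte) []byte {
	cdHash := sha256.Sum256(clientDataJSON)
	sum := sha256.Sum256(append(append([]byte{}, authData...), cdHash[:]...))
	return sum[:]
}

// Assert simulates navigator.credentials.get() from a page at pageOrigin. A real browser also refuses
// when rpID is not a registrable suffix of that origin's host; the simulation signs anyway so that the
// relying-party check below is what rejects the proxied assertion.
func (a *Authenticator) Assert(pageOrigin, rpID, challenge string) (clientDataJSON, authData, sig []byte, err error) {
	clientDataJSON, err = json.Marshal(clientData{Type: "webauthn.get", Challenge: challenge, Origin: pageOrigin})
	if err != nil {
		return nil, nil, nil, err
	}
	rpHash := sha256.Sum256([]byte(rpID))
	authData = append(rpHash[:], 0x01, 0, 0, 0, 0) // rpIdHash || flags (user present) || 32-bit signCount
	sig, err = ecdsa.SignASN1(rand.Reader, a.key, signedMessage(authData, clientDataJSON))
	return clientDataJSON, authData, sig, err
}

// RelyingParty is the server: it issued the challenge and knows its own origin and RP ID.
type RelyingParty struct {
	Origin string
	RPID   string
	Pub    *ecdsa.PublicKey
}

// VerifyAssertion runs the binding checks of WebAuthn assertion verification.
func (rp RelyingParty) VerifyAssertion(challenge string, clientDataJSON, authData, sig []byte) error {
	var cd clientData
	if err := json.Unmarshal(clientDataJSON, &cd); err != nil {
		return err
	}
	if cd.Type != "webauthn.get" {
		return errors.New("wrong ceremony type")
	}
	if cd.Challenge != challenge { // one random challenge per ceremony; a recorded response cannot be reused
		return errors.New("challenge mismatch: stale or replayed assertion")
	}
	if cd.Origin != rp.Origin {
		return fmt.Errorf("origin %q is not %q: the assertion was made to another site", cd.Origin, rp.Origin)
	}
	rpHash := sha256.Sum256([]byte(rp.RPID))
	if len(authData) < 37 || !bytes.Equal(authData[:32], rpHash[:]) {
		return errors.New("rpIdHash mismatch: credential is scoped to a different RP")
	}
	if !ecdsa.VerifyASN1(rp.Pub, signedMessage(authData, clientDataJSON), sig) {
		return errors.New("bad signature")
	}
	return nil
}

func main() {
	auth, _ := NewAuthenticator()
	rp := RelyingParty{Origin: "https://portal.example-health.test", RPID: "portal.example-health.test", Pub: auth.Public()}
	challenge := "c29tZS1yYW5kb20tY2hhbGxlbmdl" // constructed; in production, 32 random bytes per ceremony, base64url
	cdj, ad, sig, _ := auth.Assert(rp.Origin, rp.RPID, challenge)
	fmt.Println("genuine login:", rp.VerifyAssertion(challenge, cdj, ad, sig))
	// Attacker-in-the-middle: the victim's browser is on the proxy's origin, and that is what it records.
	cdj, ad, sig, _ = auth.Assert("https://portal-example-health.test", rp.RPID, challenge)
	fmt.Println("via proxy:", rp.VerifyAssertion(challenge, cdj, ad, sig))
}
```

The point to take from the proxy case is that nothing the attacker controls (the page, the network, the stolen password) can change what the browser writes into clientDataJSON, and that field is under the authenticator's signature. The check generalizes to every WebAuthn ceremony: a registration response carries the same origin field and gets the same comparison.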
An authenticated agent can still place the wrong order.
So a clinician signs, and the record is sealed.
A valid credential gets an agent in the door. It says nothing about whether the order is safe to place. So every consequential action takes a clinician's consent, bound to that order, and lands in a tamper-evident record. The EPCS-grade signing your prescribers already use.
Actions·The consent
A clinician approves the action at the moment of signing, bound to that exact order. EPCS-grade, a human in the loop.
Actions·The record
Every order and approval is signed into a tamper-evident record an auditor can verify, without taking our word.
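As an added example of what "a tamper-evident record an auditor can verify" means in practice (this is illustrative Go, not the vendor's implementation), here is a hash-chained, append-only ledger: each entry's hash covers its contents plus the previous entry's hash, and a verifier recomputes the whole chain. The event shapes, actor naming convention and sample orders are constructed for the example.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"strings"
)

// Entry is one sealed event. Hash covers every other field, and PrevHash links it to the entry before.
type Entry struct {
	Seq      int    `json:"seq"`
	Actor    string `json:"actor"`    // who acted: "agent:..." or "clinician:..." (naming convention assumed here)
	Action   string `json:"action"`   // "order.place" or "order.approve"
	OrderID  string `json:"order_id"`
	Detail   string `json:"detail"`
	PrevHash string `json:"prev_hash"`
	Hash     string `json:"hash"`
}

// genesis is the link value of the first entry, the only link not computed from a record.
var genesis = strings.Repeat("0", 64)

// digest hashes the entry's canonical JSON with Hash blanked, so the hash never covers itself.
func (e Entry) digest() string {
	e.Hash = ""
	b, _ := json.Marshal(e) // struct fields serialize in declaration order, so this is canonical
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// Ledger is an append-only chain; nothing is ever updated or deleted, only appended.
type Ledger struct{ Entries []Entry }

// Append seals a new entry onto the chain and returns it.
func (l *Ledger) Append(actor, action, orderID, detail string) Entry {
	prev := genesis
	if n := len(l.Entries); n > 0 {
		prev = l.Entries[n-1].Hash
	}
	e := Entry{Seq: len(l.Entries), Actor: actor, Action: action, OrderID: orderID, Detail: detail, PrevHash: prev}
	e.Hash = e.digest()
	l.Entries = append(l.Entries, e)
	return e
}

// Verify replays the chain as an auditor would: every hash recomputes and every link matches.
func (l *Ledger) Verify() error {
	prev := genesis
	for i, e := range l.Entries {
		switch {
		case e.Seq != i:
			return fmt.Errorf("entry %d: sequence gap, an entry was removed or inserted", i)
		case e.PrevHash != prev:
			return fmt.Errorf("entry %d: link does not match the previous hash", i)
		case e.Hash != e.digest():
			return fmt.Errorf("entry %d: contents altered after sealing", i)
		}
		prev = e.Hash
	}
	return nil
}

// ApprovedBy returns the clinician who consented to orderID, or false if no clinician approval is recorded.
func (l *Ledger) ApprovedBy(orderID string) (string, bool) {
	for _, e := range l.Entries {
		if e.Action == "order.approve" && e.OrderID == orderID && strings.HasPrefix(e.Actor, "clinician:") {
			return e.Actor, true
		}
	}
	return "", false
}

// Head is the latest hash: sign it or publish it, and the whole chain behind it is pinned.
func (l *Ledger) Head() string {
	if len(l.Entries) == 0 {
		return genesis
	}
	return l.Entries[len(l.Entries)-1].Hash
}

func main() {
	var led Ledger // constructed sample events
	led.Append("agent:med-recon-01", "order.place", "ORD-1001", "metformin 500 mg BID")
	led.Append("clinician:dr.okafor", "order.approve", "ORD-1001", "consent signed at point of order")
	fmt.Println("intact:", led.Verify(), "| head:", led.Head()[:16])
	led.Entries[0].Detail = "metformin 5000 mg BID" // a quiet after-the-fact edit
	fmt.Println("edited:", led.Verify())
}
```

A plain hash chain catches edits and insertions, but whoever holds the whole log can re-seal every entry after a change, and trimming entries off the tail leaves a chain that still verifies. That is why Head exists: the "without taking our word" property comes from signing the head with a key the operator cannot use, or publishing it somewhere the operator cannot rewrite, so an auditor checks the chain against a value the operator never controlled.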
The deepfake call is becoming the way in.
We answer with proof a clone can't fake.
A cloned-voice call to the help desk is already a documented healthcare attack. Gartner projects deepfakes will drive 40 percent of all social engineering by 2028. The knowledge questions and voiceprints that gate access today were built for a world without them.
Walk the attacker's path.
We close every step.
The red-team view, not a scare story. Three steps, the way the real ones run, and the surface that closes each.
- 01. A stolen credential meets a portal with no phishing-resistant MFA. [1]
  Intercept (Web): Origin-bound FIDO2/WebAuthn. The proof is welded to the real device and origin, so a stolen password has nothing to replay.
- 02. A call to the IT help desk. A cloned voice. A password reset, and a redirected provider payment. [2]
  Intercept (People): Cryptographic person-to-person proofing, not knowledge questions an attacker already bought. The caller proves who they are, or they don't get in.
- 03. A long-lived credential on an HL7/FHIR engine or a revenue-cycle bot, stolen and replayed. [4]
  Intercept (Machine/Bot/Agent): Per-call signed identity (RFC 7523). The private key never leaves the caller and the assertion expires fast, so there's no standing secret to steal.
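An added example for step 03 and for the "Behind it (Machine)" card above, written here in Go and not taken from the page or its vendor: an RFC 7523 client assertion, signed by a key that stays on the integration engine, checked by a token endpoint that pins the algorithm, binds the assertion to its own audience, enforces the short expiry, and refuses a second use of the same jti. The client name, endpoint URL and 60-second lifetime are constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// Claims are the JWT claims a token endpoint checks on an RFC 7523 client assertion.
type Claims struct {
	Iss string `json:"iss"` // the integration account asserting its identity
	Sub string `json:"sub"`
	Aud string `json:"aud"` // the one token endpoint this assertion is good for
	Exp int64  `json:"exp"`
	Jti string `json:"jti"` // unique per assertion, so the server can refuse a replayed copy
}

var b64 = base64.RawURLEncoding

// NewAssertion signs a short-lived ES256 JWT. The private key stays with the caller; the server
// holds only the public half, so neither side stores a secret an attacker could replay.
func NewAssertion(key *ecdsa.PrivateKey, client, aud string, now time.Time, ttl time.Duration) (string, error) {
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	hdr, _ := json.Marshal(map[string]string{"alg": "ES256", "typ": "JWT"})
	body, _ := json.Marshal(Claims{Iss: client, Sub: client, Aud: aud, Exp: now.Add(ttl).Unix(), Jti: b64.EncodeToString(nonce)})
	input := b64.EncodeToString(hdr) + "." + b64.EncodeToString(body)
	h := sha256.Sum256([]byte(input))
	r, s, err := ecdsa.Sign(rand.Reader, key, h[:])
	if err != nil {
		return "", err
	}
	sig := append(r.FillBytes(make([]byte, 32)), s.FillBytes(make([]byte, 32))...) // JWS ES256 is raw R||S
	return input + "." + b64.EncodeToString(sig), nil
}

// Server is the token endpoint's verifier state: public keys registered at onboarding, and the
// jti values already accepted (in production, prune entries whose exp has passed).
type Server struct {
	Audience string
	Keys     map[string]*ecdsa.PublicKey
	seen     map[string]bool
}

func NewServer(audience string) *Server {
	return &Server{Audience: audience, Keys: map[string]*ecdsa.PublicKey{}, seen: map[string]bool{}}
}

// Verify accepts an assertion once, within its lifetime, for this audience, from a registered key.
func (s *Server) Verify(token string, now time.Time) (*Claims, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed assertion")
	}
	hb, e1 := b64.DecodeString(parts[0])
	cb, e2 := b64.DecodeString(parts[1])
	sig, e3 := b64.DecodeString(parts[2])
	var hdr struct{ Alg string `json:"alg"` }
	var c Claims
	if e1 != nil || e2 != nil || e3 != nil || json.Unmarshal(hb, &hdr) != nil || json.Unmarshal(cb, &c) != nil {
		return nil, errors.New("malformed assertion")
	}
	if hdr.Alg != "ES256" { // the server pins the algorithm; the token never gets to choose it
		return nil, fmt.Errorf("unsupported alg %q", hdr.Alg)
	}
	pub, ok := s.Keys[c.Iss]
	if !ok || len(sig) != 64 {
		return nil, fmt.Errorf("unknown client %q or malformed signature", c.Iss)
	}
	h := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if !ecdsa.Verify(pub, h[:], new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:])) {
		return nil, errors.New("bad signature")
	}
	if c.Aud != s.Audience {
		return nil, fmt.Errorf("assertion for %q presented to %q", c.Aud, s.Audience)
	}
	if now.Unix() >= c.Exp {
		return nil, errors.New("assertion expired")
	}
	if s.seen[c.Jti] {
		return nil, errors.New("assertion replayed")
	}
	s.seen[c.Jti] = true
	return &c, nil
}

func main() {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // generated on, and never leaving, the FHIR engine
	srv := NewServer("https://auth.example-health.test/token")
	srv.Keys["fhir-engine-01"] = &key.PublicKey
	tok, _ := NewAssertion(key, "fhir-engine-01", srv.Audience, time.Now(), 60*time.Second)
	_, first := srv.Verify(tok, time.Now())
	_, again := srv.Verify(tok, time.Now().Add(time.Second)) // a captured copy, replayed
	fmt.Println("first use:", first, "| replay:", again)
}
```

Contrast this with a static API key or client secret: there, the server stores the same bytes the client sends, so a copy taken from either side works indefinitely. Here the server stores nothing secret, a captured assertion is dead within its ttl and dead immediately on first use, and an assertion minted for one endpoint is refused by every other.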
The next credential that freezes the sector won't belong to a person.
A clinician will bypass anything that adds a step.
So we removed one.
A CMIO will block anything that adds a tap between a nurse and a patient, and should. So we didn't add one. We removed the password instead.
07:14 . shared nursing-station workstation
One tap, not a shared password on a sticky note.
One tap authenticates the clinician at a workstation a dozen people share, aligned to NIST SP 800-63-4 AAL3. Nothing to type, nothing to clone.
07:41 . controlled-substance order
Sign it, phishing-resistant.
The signature is bound to the prescriber, two-factor at the moment of signing, designed for EPCS-grade workflows. No token to fish out of a coat pocket.[5]
Designed for the EPCS-grade signing workflow your prescribers already use.
Every surface a clinician, a caller, or a service touches.
One rail under all of them.
Web and Frontline carry the healthcare story, so they lead. The other six aren't a feature list. They're the rest of the attack surface, covered.
Remote access and patient portals. Origin-bound.
Shared clinical workstations. One tap, no shared password.
Help-desk proofing. A cloned voice can't reset a credential.
Revenue-cycle automation. Ephemeral tokens, full attribution.
HL7/FHIR engines. Every call signed.
Clinical and scheduling agents. Scoped and revocable.
Containerized workloads. Bound to where they run.
Patient verification without the data an attacker already has.
Regulators are mandating proof, not passwords.
We were built for it.
HIPAA's proposed rule makes MFA mandatory for ePHI. DEA already requires phishing-resistant signing for controlled substances. We cover the hard ones, and what comes next.
HIPAA . Security Rule NPRM
HHS has proposed making MFA required, not addressable, for ePHI systems, alongside mandatory encryption. Still proposed, not final.
Phishing-resistant auth across every access point, aligned to NIST SP 800-63-4 AAL3. The encryption half is a separate control we sit alongside.
DEA . EPCS
Two-factor at the moment a prescriber signs a controlled-substance order, with an auditable record. A signing event, not a session login.
Phishing-resistant signing built for EPCS-grade workflows, with the auditable record the rule wants.
42 CFR . Part 2
Governs access to substance-use-disorder records, and now carries breach-notification weight.
Cryptographic proof of who authenticated, on which device, against which verifier. The trail an audit asks for.
The breaches and the rules are escalating together.
Every breach here pulled the next rule tighter. Two years of it, and what we cover against each.
- May 2024 · Incident. Stolen credentials hit a remote-access portal with no MFA, then ransomware took a third of U.S. medical claims down for months. Covered by: Origin-bound phishing-resistant proof. Source: Cybersecurity Dive, on the CEO's U.S. Senate testimony.
- 2024 · Incident. Attackers called hospital IT help desks with AI-cloned voices to reset credentials and divert provider payments. Covered by: Cryptographic caller proofing. Source: HHS HC3 sector alert, reported by Healthcare IT News.
- Published Jan 6, 2025 · Regulation. HHS proposed making MFA mandatory, not optional, for every system that touches ePHI. Covered by: Phishing-resistant MFA, AAL3. Source: Federal Register, HIPAA Security Rule NPRM.
- 21 CFR 1311 Subpart C · Regulation. DEA requires two-factor at the moment a prescriber signs a controlled-substance order, with an auditable record.
Additional sources
- Gartner · Sep 2025 · Estimate. Gartner projects that by 2028, 40 percent of social engineering attacks will use deepfake audio and video, targeting executives and the broader workforce on voice and video calls.
- The Hacker News (citing Rubrik Zero Labs 45:1 and Entro Labs 144:1) · 2025-2026 · Estimate. Non-human identities (service accounts, API keys, tokens, workloads) outnumber humans by a wide margin, with reported ratios from about 45:1 to 144:1.
- HHS Office for Civil Rights breach portal · 2024. HHS Office for Civil Rights logs every healthcare breach of 500 or more records. 2024 set a record for individuals affected, driven largely by a single clearinghouse breach.
We make every identity in your stack provable.
A skeptical CISO has heard the pitch. Here is exactly how we slot in.
- 01. We prove who's at the keyboard. Your ePHI encryption protects the data at rest, and we sit alongside it.
- 02. We sign controlled-substance orders to EPCS-grade workflows, two-factor at the moment of signing.
- 03. Some legacy systems need a gateway in front to take a modern authenticator. We map that with you up front.
- 04. We federate into your Okta, Entra, or Ping and make every identity on them cryptographic.
Find the open door before an attacker does.
Book a 30-minute technical review.
Bring your remote-access topology, your help-desk reset flow, and your EHR and integration inventory. We'll show you exactly what we cover, and where you still need it.