Built for healthcare operations from day one.
If a platform is going to sit this close to clinic operations, it has to earn trust in the details.
How we protect your data
Security built into the architecture
HIPAA-Conscious Infrastructure
Built with healthcare compliance requirements from the architecture level. Encryption at rest and in transit. No PHI in logs. Minimum-necessary access patterns.
Audit Logging
Every significant action is recorded with full context. SHA-256 hash-chained audit events for tamper-evident history. Exportable for compliance review.
Role-Based Access Control
Fine-grained permissions tied to clinical and operational roles. BCBAs, RBTs, admins, and owners each see exactly what they need.
Data Protection
Clinical and operational data secured with AES-256 encryption. PHI tokenization layer. Parent portal access via time-limited, scope-restricted tokens.
Our commitment
HIPAA compliance as a foundation, not a feature.
LenzABA is designed to support HIPAA compliance across administrative, physical, and technical safeguards. We maintain a Business Associate Agreement (BAA) with every customer.
- BAA available for every customer
- SOC 2 in progress
- Regular penetration testing
- Incident response plan
Questions about security?
We are happy to walk through our security architecture, review the BAA, or answer compliance questions your legal or IT team may have.