Security & Compliance

Enterprise-grade, from the database up.

Security isn't a layer we added — it's how the data model is built. Row-Level Security guarantees isolation, and every approval and Copilot query is logged.

Row-Level Security

Data isolation enforced at the database layer, every table.

JWT auth

Access + refresh tokens, MFA-ready.

Lockout & history

Password history (no reuse), failed-login lockout.

Audit trails

Every approval & Copilot query, tenant-scoped.

PII masking

Sensitive customer / doctor names masked in answers.

Encrypted

At rest and in transit.

Session ledger

Device, IP and location on every session.

GDPR / DPDP

Data-residency options for compliance.

Why RLS matters

Isolation that can't be coded around

Most platforms enforce "who sees what" in application code — one missed check and data leaks across tenants or up the hierarchy. MiXie pushes the rule into the database itself via a per-session tenant context, so even the Copilot's generated queries are physically unable to return rows you shouldn't see.

  • Tenant context set per request
  • Hierarchy scoping on every report
  • Copilot SQL inherits the same policies

SET app.current_tenant_id = '…';
SELECT * FROM core.calls;
-- RLS policy applied automatically
-- → 128 rows (North region only)
-- → 0 rows from other tenants ✓
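
An added example, not MiXie's own schema or policy code: one way the per-session tenant context shown above can be backed by a policy that fails closed, assuming PostgreSQL. The `tenant_id` and `region` columns, the `app_user` role, the policy name and the UUID values are hypothetical.

```sql
-- Added example; assumes PostgreSQL. core.calls and app.current_tenant_id are
-- from the page; tenant_id, region, app_user and the policy name are hypothetical.
CREATE SCHEMA IF NOT EXISTS core;
CREATE TABLE core.calls (
    id        bigserial PRIMARY KEY,
    tenant_id uuid NOT NULL,
    region    text NOT NULL
);

-- Application and Copilot queries run as a role that neither owns the table
-- nor has BYPASSRLS; superusers and BYPASSRLS roles are never filtered.
CREATE ROLE app_user NOLOGIN NOSUPERUSER NOBYPASSRLS;
GRANT USAGE ON SCHEMA core TO app_user;
GRANT SELECT, INSERT, UPDATE, DELETE ON core.calls TO app_user;
GRANT USAGE ON SEQUENCE core.calls_id_seq TO app_user;

ALTER TABLE core.calls ENABLE ROW LEVEL SECURITY;
-- Without FORCE, the table owner is exempt from the policy.
ALTER TABLE core.calls FORCE ROW LEVEL SECURITY;

-- Fail closed: current_setting(..., true) yields NULL when the setting was
-- never set and '' after a SET LOCAL has reverted, so NULLIF maps both to
-- NULL and the comparison matches no rows.
CREATE POLICY tenant_isolation ON core.calls
    FOR ALL TO app_user
    USING      (tenant_id = NULLIF(current_setting('app.current_tenant_id', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.current_tenant_id', true), '')::uuid);

-- Per request: SET LOCAL scopes the value to the transaction, so it cannot
-- carry over to the next request on a pooled connection.
BEGIN;
SET LOCAL ROLE app_user;
SET LOCAL app.current_tenant_id = '00000000-0000-0000-0000-000000000001';  -- constructed value
SELECT count(*) FROM core.calls;                 -- only this tenant's rows
INSERT INTO core.calls (tenant_id, region)       -- rejected by WITH CHECK
VALUES ('00000000-0000-0000-0000-000000000002', 'North');
ROLLBACK;

-- Check: with no tenant context the role sees zero rows, not all rows.
BEGIN;
SET LOCAL ROLE app_user;
SELECT count(*) FROM core.calls;                 -- 0
ROLLBACK;
```

From application code, `SELECT set_config('app.current_tenant_id', $1, true)` is the bind-parameter equivalent of `SET LOCAL`.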

Need our security & compliance pack?

We'll share architecture details, data-residency options and audit-trail samples under NDA.