Security
Security controls, compliance posture, and trust practices at Wellness Hub
Platform security baseline
Wellness Hub is designed with layered controls across identity, transport, application, and data planes.
- Encryption in transit (TLS 1.2+) and at rest with managed key rotation.
- Role-based access control with audit-ready access logs.
- Default-deny network controls and environment isolation.
- Continuous vulnerability scanning and dependency hygiene workflows.
Compliance
SOC 2 controls mapped to operational runbooks and evidence collection.
Monitoring
24/7 alerting for latency, availability, and suspicious traffic patterns.
Incident Response
Documented on-call escalation paths and post-incident review process.
Data Governance
Retention controls, lifecycle policies, and regional data boundaries.