Security & Authorization
Enterprise-Grade Data Security
Protect your healthcare data with 3-layer tenant isolation, 100+ permission codes, AES-256 encryption and GDPR-compliant consent management.
7 Role Templates
100+ Permissions
Audit Log
7 roles, 100+ permissions
3-layer isolation
AES-256 encryption
GDPR compliant
01
Role-Based Access Control (RBAC)
Precisely determine each user's access scope with 7 predefined roles (SuperAdmin, TenantAdmin, Doctor, Secretary, Call Center, Nurse, Accountant) and 100+ permission codes.
- 7 predefined global roles
- 100+ granular permission codes
- Clinic and branch-based access control
- Dynamic permission assignment and revocation
02
3-Layer Tenant Isolation
Zero data leakage guarantee in a multi-tenant environment with PostgreSQL Row-Level Security (RLS), EF Core Connection Interceptor and Middleware layers.
- PostgreSQL RLS Policy (database layer)
- EF Core Tenant Connection Interceptor
- JWT-based TenantContext Middleware
- Cross-tenant access completely blocked
03
Encryption & Consent Management
Sensitive data is protected with AES-GCM 256-bit encryption. Record patient consents with GDPR-compliant consent management and support withdrawal rights. All operations are logged to the audit trail.
- AES-GCM 256-bit data encryption
- HashiCorp Vault key management
- GDPR consent recording and withdrawal
- Complete audit trail