Microsoft Azure
Cloud compute, data, and storage substrate for all production workloads.
Data in scope. Hosts application compute (Azure Container Apps), application data (Azure PostgreSQL Flexible Server), binary clinical media (Azure Blob Storage), secrets (Azure Key Vault), and service-to-service messaging. This is where clinical data — including PHI — is processed and stored.
Terms. Contracted under Microsoft’s HIPAA Business Associate Agreement. Data is encrypted at rest (AES-256) and in transit (TLS 1.3); network isolation via private endpoints and VNet. Region selection is set per institutional deployment.