Security
ProvenanceRx is designed for compliance-first operations: clear accountability, controlled access, and inspection-ready records.
Tenant Isolation
Designed to keep each organization’s data logically separated in a multi-tenant environment.
Role-Based Access
Least-privilege access patterns with roles aligned to real pharmacy workflows.
Auditability
Attribution-focused records to support internal review and external inspections.
Operational practices
- Minimal public surface area for the marketing site (static by default).
- Bot protection on lead intake via Turnstile.
- Security contact published via
/.well-known/security.txt. - Standard security headers enforced (CSP, HSTS, clickjacking protection).
Report a security issue
Email [email protected]. If you’re unsure, you can also contact [email protected].