Currently published
Public pages explain that institutions need partner/security/legal review before live workflows.
The checklist separates agreement, privacy, retention, subprocessor, hosting, access, API, and incident-response topics.
Back to Trust Center
Trust evidence
Institution go-live checklist
Give care teams a clear checklist before any live institutional workflow is approved.
Evidence status
Published summary
Institution use requires review before live workflows. This checklist is a planning aid and does not claim that an agreement, approval, or launch gate is already complete.
Last updated: 2026-06-14
Available during partner/security review
Partner/security/legal review package for the proposed workflow.
Institution-specific operating checklist with named owners, if applicable.
Endpoint, webhook, retention, and access-control review notes, if applicable.
Not yet published
Signed institution agreement.
Public institution approval evidence.
Public production launch clearance package.
Institution checklist
Before live institutional use, these items need review.
This checklist is a planning aid. It does not claim that an agreement, partner approval, legal review, or launch gate has already been completed.
Partner/security/legal review
Signed agreement, if applicable
DPA/BAA or equivalent review, if applicable
Retention schedule
Subprocessor review
Hosting/region review
Access control review
Webhook/API owner
Callback acknowledgement plan
Incident response contact
Production endpoint approval
No live PHI until approved
Review boundary
Evidence review is separate from launch clearance.
Uploading records, preparing records, patient confirmation, and external sharing remain separate steps. Institution workflows require partner/security/legal review before live use.