Lunas policy

Security & Data Protection

How Lunas approaches health-data security, access control, auditability, storage, and operational safeguards.

Last updated: July 4, 2026

Security posture

Lunas uses authenticated API routes, server-side plan and ownership checks, signed file access, content validation, audit logs, and rate limits for sensitive actions.

The product is designed to minimize structured PII in health records where possible. Account data, clinical free text, timeline notes, and uploaded files are treated as sensitive data.

Storage and access

Files are stored outside the app database and served through ownership-checked access paths. Production storage uses private object storage with short-lived signed access.

Deleted, quarantined, or unauthorized records are excluded from reads, search, RAG retrieval, and sharing surfaces.

Audit and review

Security-sensitive actions are designed to be audit logged with IDs, statuses, and versions, not prompts, file text, model outputs, or medical values.

Training data requires consent, de-identification, and human approval before use in a model-improvement dataset.

Compliance direction

Lunas is being built toward HIPAA-ready workflows, business-associate support for regulated customers, SOC 2-style controls, data retention rules, and clear user rights. Formal compliance status must be validated before marketing regulated claims.

Direct-to-consumer personal health record features and regulated Clinic/Lab deployments can trigger different legal obligations, including breach-notification rules. Lunas reviews these obligations before expanding regulated use.

Report security concerns to support@lunas.one.