Flowxa
Security & Data Protection · v1.0 · last reviewed Apr 2026

Patient data is sacred.

Flowxa runs the AI reception layer for healthcare clinics. We touch sensitive patient communications every minute of the day — and we treat that responsibility seriously. Here's how your patient data is stored, processed, encrypted, and protected at every layer.

TLS 1.3 in transit · AES-256 at rest · Kenya DPA 2019 aligned · GDPR-aware · HIPAA-aligned design · SOC 2 subprocessors
01 · How the system is built

Architecture overview

Every patient message flows through a defined path. Every step is encrypted in transit, every store is encrypted at rest, every credential is held in a secrets vault — never in code. No data is ever shared with advertisers, brokers, or any third party.

Patient phone (WhatsApp)
  │ TLS 1.3
  ▼
Meta WhatsApp Cloud API ─── encrypted at rest; WhatsApp end-to-end encryption covers the patient-device ↔ Cloud API leg and terminates here
  │ TLS 1.3
  ▼
Cloudflare Worker (clinic webhook) ─── TLS terminated; Meta payload signature-verified
  │ TLS 1.3
  ▼
n8n Cloud (this clinic's workflows) ─── credentials encrypted; SOC 2 host
  │
  ├─── Anthropic Claude API (no-training mode) ─── TLS 1.3
  ├─── OpenAI gpt-4o-mini API (no-training opt-out) ─── TLS 1.3
  └─── Cal.com booking API ─── TLS 1.3, SOC 2 vendor
  ▼
Airtable base (this clinic only) ─── AES-256 at rest, SOC 2 Type II
  │
  ▼
Flowxa dashboard ─── magic-link auth, role-scoped reads/writes, audit-logged
02 · Where your data lives

Data layer

Patient records — Airtable
Each clinic's data isolated in its own base
Per-clinic Airtable base — no cross-clinic data sharing.
SOC 2 Type II certified host (Airtable).
AES-256 encryption at rest, TLS 1.3 in transit.
Airtable access tokens restricted to the clinic's own base and to the record read/write scopes the workflows need.
Records exported on request within 7 days; deleted within 30 days of contract termination.
Conversations — n8n + Airtable
WhatsApp threads logged for audit + dashboard
Inbound + outbound messages stored in clinic's Airtable base.
n8n workflow secrets (Meta tokens, Cal.com keys) stored in n8n credential vault — never in code.
Webhook payloads signature-verified via Meta's X-Hub-Signature-256 header.
Conversation history retained 90 days by default — extendable per clinic policy.
03 · How the AI is secured

AI layer

Patient messages are sent to language model APIs to generate replies. We chose vendors specifically for their data-handling guarantees, and we configure each call to ensure your patients' data is never used to train any model.

Anthropic (Claude)
no training
API calls under Anthropic's commercial terms — inputs are NOT used to train models.
SOC 2 Type II + ISO 27001 certified.
30-day API log retention by Anthropic for trust & safety only — not training.
Used for high-stakes triage (red flags, sensitive topics) where reasoning quality matters.
OpenAI (gpt-4o-mini)
no training
API data is NOT used to train models: this has been OpenAI's default for the API since March 2023, so no opt-out step is needed.
SOC 2 Type II certified.
30-day retention for abuse monitoring — Zero Retention available on request.
Used for routine replies (booking, FAQ, scheduling) — fast and cheap.
Prompt isolation

Each clinic's AI receives a system prompt scoped to that clinic only — including the clinic name, services, doctors, and red-flag rules. The AI has no access to other clinics' patients, prompts, or data. Even if a patient asks "tell me about another clinic", the AI cannot retrieve that information because it does not exist in its context: the isolation is a property of what the clinic's workflow loads into the model's context, not of the model itself.

04 · How patient messages travel

Channel layer

WhatsApp
Meta Cloud API — official integration
End-to-end encryption (Signal protocol) between the patient's device and the Meta-hosted Cloud API endpoint; Meta decrypts there to deliver the message to the clinic webhook, so this leg is end-to-end to Meta, not to Flowxa.
Server-to-server TLS 1.3 between Meta → Cloudflare Worker → n8n.
Webhook signature verification (HMAC-SHA256 of the raw request body under the app secret, presented in the X-Hub-Signature-256 header) — rejects spoofed payloads.
System User permanent token (non-expiring, scoped to whatsapp_business_messaging + whatsapp_business_management only). Because it never expires on its own, it is revoked and reissued on any suspected exposure (section 09), and each rotation is audit-logged (section 06).
Voice (where deployed)
Vapi.ai (demo) → TEN framework (production)
Voice calls carried over SRTP (encrypted RTP).
Transcripts stored only in clinic's own Airtable base.
Production deployments use TEN (open-source, self-hostable) — no third-party voice processor retains audio.
05 · Who can access the dashboard

Authentication & access control

Magic-link sign-in (section 11 lists this as replacing demo-mode)
No passwords — removes password reuse and weak-password risk; the link is only as safe as the mailbox that receives it.
Single-use tokens, expire in 15 minutes, invalidated after use.
Sessions expire after 12 hours of inactivity.
Email-bound — a link is issued only for an email address the clinic has approved, and it redeems only for that address.
Role-based scoping
Six roles: Owner, Senior Doctor, Doctor, Read-Only Doctor, Reception Head, Reception.
Doctors see only their own patients — never colleagues' caseloads.
Reception sees the full inbox but no revenue figures.
Server-side enforcement at the n8n endpoint level — clients cannot bypass via UI manipulation, because the role is read from the verified session rather than from anything the client sends. (Section 11 lists extending this to all 30+ endpoints as in build.)
Read-Only Doctor can suggest replies but cannot send — enforced server-side.
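The three scoping rules above (doctors see only their own caseload, reception sees no revenue, Read-Only Doctor drafts but cannot send), as an added example of server-side enforcement that is not Flowxa's code. The six role names are the page's; the permissions assigned to Owner, Senior Doctor and Reception Head, the field names, the action names and the sample conversations are assumptions for illustration.

```javascript
// Added example (not Flowxa's code): role and caseload scoping enforced
// on the server from the verified session. Permissions for roles the page
// does not describe, the field names and the sample data are assumptions.
const POLICY = {
  'Owner':            { send: true,  revenue: true,  caseload: 'all' },
  'Senior Doctor':    { send: true,  revenue: false, caseload: 'all' },
  'Doctor':           { send: true,  revenue: false, caseload: 'own' },
  'Read-Only Doctor': { send: false, revenue: false, caseload: 'own' },
  'Reception Head':   { send: true,  revenue: false, caseload: 'all' },
  'Reception':        { send: true,  revenue: false, caseload: 'all' },
};

const REVENUE_FIELDS = ['amountPaid', 'outstandingBalance']; // assumed field names

// Constructed sample conversations; assignedDoctor is the owning clinician.
const CONVERSATIONS = [
  { id: 'c1', patient: '+254700000001', assignedDoctor: 'u-amina',  lastMessage: 'Can I reschedule?',   amountPaid: 1500, outstandingBalance: 0 },
  { id: 'c2', patient: '+254700000002', assignedDoctor: 'u-otieno', lastMessage: 'Chest pain since 2am', amountPaid: 0,    outstandingBalance: 2000 },
];

// Caseload and field scoping. `session` comes from the login, never from
// the request body, so a client claiming { role: 'Owner' } changes nothing.
function visibleConversations(session, conversations) {
  const p = POLICY[session.role];
  if (!p) return [];
  return conversations
    .filter(c => p.caseload === 'all' || c.assignedDoctor === session.userId)
    .map(c => {
      const copy = { ...c };
      if (!p.revenue) for (const f of REVENUE_FIELDS) delete copy[f];
      return copy;
    });
}

// Send endpoint: action right first, then object-level access (the target
// must be inside the caller's own view). Returns an HTTP-style result plus
// the audit entry that every staff action produces.
function handleSendReply(session, body, conversations = CONVERSATIONS) {
  const p = POLICY[session.role];
  if (!p || !p.send) return { status: 403, error: 'role may not send replies' };
  const target = visibleConversations(session, conversations).find(c => c.id === body.conversationId);
  if (!target) return { status: 403, error: 'conversation not in caller scope' };
  return {
    status: 200,
    audit: { actor: session.userId, role: session.role, action: 'staff_send', conversationId: target.id },
  };
}

// Suggest endpoint: open to every role that can see the conversation,
// including Read-Only Doctor; the draft is queued for a sending role.
function handleSuggestReply(session, body, conversations = CONVERSATIONS) {
  if (!POLICY[session.role]) return { status: 403, error: 'unknown role' };
  const target = visibleConversations(session, conversations).find(c => c.id === body.conversationId);
  if (!target) return { status: 403, error: 'conversation not in caller scope' };
  return { status: 200, draft: `Draft for ${target.patient} (queued for a sending role)` };
}
```

Note that the send handler reuses the same visibility filter the read endpoint uses, so a user can never act on a record they could not have listed; keeping one filter for both is what makes "cannot bypass via UI manipulation" true.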
06 · What gets logged

Audit trail

Every action by the AI, by your staff, and by the system itself is recorded in the Automation Log table of your clinic's Airtable base. This means your operations team has a complete forensic record of:

Every AI reply sent (with the model used, timestamp, and confidence)
Every booking made or cancelled
Every staff message takeover
Every payment confirmation
Every red-flag escalation routed to ER
Every dashboard login (user, role, timestamp, IP)
Every credential rotation
Every workflow error (full stack trace, redacted of secrets)
07 · Regulatory posture

Compliance

Kenya Data Protection Act 2019
aligned
Lawful basis for processing: contract performance + legitimate clinical interest + patient consent (recorded in WhatsApp opt-in).
Data minimisation: we collect only what's needed for booking + clinical communication. No marketing data.
Right of access, rectification, erasure: each clinic can export, edit, or delete any patient's data on 7-day SLA.
Data subject notification: patients receive a privacy statement on first interaction with the AI.
Breach notification: affected clinic notified within 4 hours of confirmation (section 09); Office of the Data Protection Commissioner notified within 72 hours where the Act requires it.
Cross-border transfers: subprocessors (Anthropic, OpenAI, Meta) provide data transfer safeguards under their respective frameworks.
GDPR-aware design
aligned
Patient rights: access, portability, erasure, objection, restriction.
Privacy by design: all processing has a clear purpose, retention period, and legal basis.
DPA available on request — clinic can sign Data Processing Agreement before go-live.
HIPAA-aligned (US-style)
aligned, not certified
Access controls, audit trails, encryption — meeting HIPAA Security Rule technical safeguards.
Subprocessors offer BAA where applicable (Anthropic, OpenAI on Enterprise tiers).
Note: HIPAA is a US framework with no official certification scheme, so "aligned" is the strongest claim any vendor can make. It is useful as a design baseline; for US-deploying clinics on the Enterprise tier, a full HIPAA compliance package (BAA with Flowxa plus the subprocessor BAAs above) is offered.
08 · What we don't do

No surprises, no fine print

We do NOT sell or share your patient data with any third party.
We do NOT train AI models on your patients' messages.
We do NOT use patient data for advertising or marketing.
We do NOT mix your clinic's data with another clinic's.
We do NOT retain data after your contract ends (deleted within 30 days).
We do NOT bypass clinical decisions — we triage and route, doctors decide.
We do NOT process payments through our own infrastructure (M-Pesa Daraja goes direct clinic ↔ Safaricom).
We do NOT track patient behaviour for any non-clinical purpose.
09 · If something goes wrong

Incident response

Detection

Automated monitoring alerts the Flowxa engineering team within minutes of any workflow failure, credential leak, anomalous access pattern, or downstream API outage.

Disclosure

Confirmed security incidents affecting patient data are disclosed to the affected clinic within 4 hours of confirmation, including scope, timeline, and remediation steps. Data breaches affecting more than 100 patients are reported to Kenya's Office of the Data Protection Commissioner within 72 hours. The 72-hour clock is the Act's statutory deadline; the 100-patient figure is Flowxa's own reporting trigger, and smaller breaches are still reported where the Act requires it.

Recovery

All credentials are rotatable in <5 minutes. Compromised tokens revoked immediately. Affected workflows can be paused without disrupting routine care. Backup of clinic Airtable bases nightly, recoverable within 1 hour.

Post-mortem

Every incident receives a written post-mortem shared with the clinic, covering root cause, timeline, customer impact, and prevention measures.

10 · Vendors that touch your data

Subprocessors

Flowxa relies on these vetted vendors for parts of the system. We list them transparently — no hidden third parties.

Vendor                    | Purpose                  | Data accessed                                                          | Compliance
Meta (WhatsApp Cloud API) | Patient messaging        | Patient phone, message content                                         | SOC 2, GDPR
Anthropic                 | AI replies (high-stakes) | Message text + clinic context                                          | SOC 2 Type II, ISO 27001
OpenAI                    | AI replies (routine)     | Message text + clinic context                                          | SOC 2 Type II
Airtable                  | Clinic database          | All clinic records                                                     | SOC 2 Type II, GDPR
n8n Cloud                 | Workflow orchestration   | Pipeline-internal                                                      | SOC 2, GDPR
Cal.com                   | Appointment booking      | Booking metadata                                                       | SOC 2 Type II
Cloudflare                | Webhook proxy + DDoS     | Message payload in transit (TLS terminated at the Worker for signature verification) | SOC 2 Type II, ISO 27001
Africa's Talking          | SMS fallback (KE)        | Phone + message text                                                   | Kenya DPA
Safaricom Daraja          | M-Pesa payments (KE)     | Phone, amount, transaction ID                                          | PCI-DSS, Kenya DPA
11 · What's still maturing

Honest roadmap

We believe transparency builds trust. Here's what's already in place vs. what we're investing in next:

live now
  • TLS 1.3, AES-256, signed webhooks
  • Per-clinic data isolation
  • No-training mode on AI APIs
  • Permanent system-user tokens
  • Full audit log per clinic
  • Subprocessor disclosure
in build
  • Server-side role enforcement on all 30+ endpoints
  • Magic-link auth (replacing demo-mode)
  • Conversation-lock concurrency control
  • Penetration test (Q3 2026)
  • Formal DPIA + privacy notice templates
  • SOC 2 Type I attestation (target Q4 2026)

Ready to dig deeper?

We're happy to walk through the architecture in detail with your IT lead, sign a Data Processing Agreement before go-live, and answer any technical or regulatory question your team has.

Request DPA + technical brief →