Security & Data Architecture
Retention Health is designed as lightweight retention infrastructure for subscription-based healthcare programs.
Security and operational simplicity are core design principles.
Data Scope
Retention Health is built to minimize stored data.
The platform:
- • Does not replace clinical systems
- • Does not provide medical decision-making
- • Does not require EMR integration (MVP)
- • Stores only operational retention-related usage data
Behavioral nutrition inputs are used solely to generate adaptive recommendations within the platform.
Infrastructure
Retention Health is hosted on Cloudflare's global edge network.
Core infrastructure includes:
- • Cloudflare Workers (serverless execution)
- • Cloudflare Pages (static frontend hosting)
- • Encrypted HTTPS connections
- • Multi-tenant logical separation between clinics
- • Role-based access controls
All traffic is encrypted in transit using TLS.
Data Isolation
Each clinic operates within a logically separated tenant environment.
Configuration, branding, and usage data are isolated at the application layer to prevent cross-tenant access.
Access Controls
Access to clinic-level dashboards is restricted via secure authentication.
Administrative access is limited to authorized personnel.
Compliance Positioning
Retention Health provides behavioral nutrition support tools.
It does not:
- • Replace medical advice
- • Modify prescribed medication protocols
- • Serve as a clinical decision engine
Programs are responsible for maintaining clinical oversight of patient care.
Security Contact
For security-related inquiries: security@retentionhealth.com
Ongoing Improvements
Security architecture is continuously reviewed as the platform scales.
As integrations expand, additional compliance measures may be implemented in alignment with program needs.