Defense in depth
Caregiving is an inherently access-controlled domain, so we built security into the data model itself. Permissions are enforced at multiple layers — the edge, the application, and the database — so a single bug can't expose data a person shouldn't see.
Encryption everywhere
Data is encrypted in transit (TLS) and at rest.
Row-level security
Role-based access is enforced in the database, not just the UI.
Append-only audit log
Every sensitive read or change is recorded and immutable.
Least privilege
Each role sees only the slice of the record it needs.
Resilient data
Managed Postgres with automated, encrypted backups.
Secrets stay server-side
Credentials live in environment config — never in the client.
Enforced at the database
Row-level security means a hired aide physically cannot read a family's financial documents, and safety-critical actions like “give a medication” commit as a single atomic transaction — logging the event, decrementing supply, and writing the timeline entry together, or not at all.
Responsible disclosure
Found a vulnerability? We appreciate your help. Email security@kintwadi.app and we'll respond promptly.
This page is illustrative content for a hackathon demo — not legal advice.