Healthcare & Pharma

Your patient data never touches third-party JavaScript

Every vendor tag on a healthcare website has DOM access to the entire page — including patient portals, appointment forms, and condition-specific browsing data. Datafly Signal replaces all vendor JavaScript with a single first-party collector and delivers data server-side from your own infrastructure.

Zero

Vendor JS on page

No third-party scripts with DOM access to patient-facing pages

VPC

Your infrastructure

Single-tenant deployment in your cloud account

4 modes

PII handling

Hash, mask, strip, or pseudonymise — per field, per vendor

100%

Audit coverage

Every data access, every change, every delivery — logged

Why client-side tags are a compliance risk

Healthcare organisations face unique regulatory pressure. Third-party vendor tags create risks that no amount of consent management can fully mitigate.

DOM access to patient data

Every vendor JavaScript tag has full DOM access. On a healthcare site, that means potential exposure to appointment details, condition searches, prescription information, and portal credentials.

Data residency requirements

HIPAA, GDPR, and national health data regulations require strict control over where patient data is processed and stored. Multi-tenant vendor platforms cannot guarantee data isolation.

Audit trail requirements

Healthcare compliance demands a complete audit trail of every data access and transmission. Client-side tags send data directly to vendor servers with no visibility or control.

Deploy in your VPC. Control everything.

Datafly Signal deploys as a single-tenant cluster in your own cloud account. Patient data never leaves your infrastructure until you explicitly deliver it — hashed, masked, or stripped — to an approved destination.

Single-tenant VPC

Deploy on GCP, AWS, or Azure via Helm charts. Kubernetes or Docker Compose. Your cloud account, your network, your encryption keys. Datafly has zero access.

  • Customer-hosted Kubernetes or managed service
  • Data never leaves your VPC until you approve delivery
  • Full network isolation per deployment

Automatic PII protection

Four PII handling modes applied per field, per vendor — before any data leaves your infrastructure. No manual configuration per destination.

  • SHA-256 hash — for matching without exposing data
  • Mask — partial redaction for operational visibility
  • Strip — complete removal before delivery
  • Pseudonymise — reversible tokenisation for research

Complete audit trail

Every configuration change, every data delivery, every user access — logged with before/after diffs, timestamps, and user attribution. Immutable and exportable.

  • Before/after diffs for every change
  • User attribution with IP and timestamp
  • Exportable for compliance review
Pipeline as Code

PII handling built into every pipeline

Patient email is SHA-256 hashed for ad platform matching, phone is hashed, name is completely stripped, and IP is masked — all automatically before any data leaves your infrastructure. Consent is enforced at both collection and delivery time.

  • Per-field PII rules applied before vendor delivery
  • Double consent enforcement (client + server)
  • No patient names ever leave your infrastructure
  • IP masking for analytics without geolocation exposure
pipeline/appointment-booked.ymlYAML
# Patient Journey Pipeline
event: appointment_booked
source: web

org_data_layer:
  schema:
    - field: properties.service_type
      type: string
      required: true
    - field: properties.location_id
      type: string
  pii:
    - field: context.traits.email
      action: sha256
    - field: context.traits.phone
      action: sha256
    - field: context.traits.name
      action: strip
    - field: context.ip
      action: mask
  consent:
    required: [analytics, marketing]

pipelines:
  - name: google_ads
    integration: google-ads-enhanced-conversions
    event_name: appointment_booked
    mapping:
      - source: context.traits.email_hash
        target: user_data.sha256_email_address
      - source: properties.service_type
        target: custom_variables.service_type

  - name: analytics
    integration: google-analytics-4
    event_name: generate_lead
    mapping:
      - source: properties.service_type
        target: params.item_category
      - source: properties.location_id
        target: params.location_id

Compliance by architecture, not by policy

Instead of relying on vendor promises about data handling, Signal gives you architectural guarantees — your data, your infrastructure, your encryption keys.

Regulatory frameworks supported

  • HIPAA — data never leaves your VPC
  • GDPR — full data residency control, DSAR support
  • CCPA — consent enforcement and data deletion
  • NHS Data Security & Protection Toolkit
  • ePrivacy Directive / PECR

Enterprise security

  • AES-256-GCM encryption at rest
  • TLS 1.3 encryption in transit
  • Envelope encryption with your cloud KMS
  • Zero-downtime key rotation
  • 5 RBAC roles with least-privilege design

Ready for HIPAA-ready server-side tracking?

Book a technical walkthrough with our engineering team. We'll show you the VPC deployment, PII handling pipeline, and audit capabilities — in your environment.

Request a DemoView Security