Hope Consultation LLC uses a multi-tenant architecture where each laboratory's data is logically isolated. Every database query is scoped to the authenticated user's lab ID. Cross-lab data access is technically prevented at the API layer and tested automatically with each deployment.
All file downloads are served via presigned URLs with a 1-hour expiry. Direct S3 bucket access is not permitted. Before generating a presigned URL, the platform verifies that the requesting user is a member of the lab that owns the file. Unauthorized download attempts are logged and rejected.
Lab Directors and Quality Managers can export all compliance data at any time in CSV format. Available exports include: competency records, QC logs, PT events, CAPA cases, SOP lists, and inspection reports. Exports are logged in the audit trail.
Upon account termination, lab data is soft-deleted immediately (no longer accessible through the platform) and permanently deleted after 90 days. Audit logs are retained for 10 years per regulatory requirements. You may request expedited deletion by contacting support.
We use the following sub-processors to deliver the service:
| Provider | Purpose | Location |
|---|---|---|
| Cloud Database Provider | Relational data storage | United States |
| S3-Compatible Storage | File and document storage | United States |
| LLM API Provider | AI-assisted compliance analysis | United States |
Hope Consultation LLC's data practices are designed to support laboratories operating under CLIA, CAP, ISO 15189, and Joint Commission standards. The platform's audit trail, document control, and access management features are specifically designed to meet the documentation requirements of these accreditation bodies.
For data-related inquiries: [email protected]