Privacy is not a feature. It's a property of the system.
LumkoMDX is architecturally aligned with the world's leading healthcare data frameworks — POPIA, HIPAA, GDPR, ISO 27001 / 27799. Below, the structural guarantees you can audit.
Architecturally aligned — formal certification on the roadmap as the platform reaches first-pilot maturity.
Three absolutes
The structural guarantees.
Data never moves.
Records stay in the source institution. Federated queries route compute to data, never the other way around.
Identity dissolves at source.
Cryptographic pseudonymisation happens before any data is touched. The federation layer never sees identifiers.
Every action is signed.
Cryptographic audit trail covers every query, every result, every export. The log is yours; we never have copies.
Frameworks
Built to the standards that matter.
We have not yet completed external certification audits. The architecture is designed to satisfy these frameworks structurally — so when we audit, the controls are already in place.
Protection of Personal Information Act
South Africa · Section 14 enforced through pseudonymisation at source.
Architecturally alignedHealth Insurance Portability & Accountability Act
USA · Privacy and Security Rule alignment for cross-border partnerships.
Architecturally alignedGeneral Data Protection Regulation
EU · Article 32 satisfied by architecture; data minimisation by default.
Architecturally alignedISO 27001 / 27799
Information security management framework. Healthcare-specific controls mapped.
Architecturally alignedSOC 2 Type II
Security, availability, confidentiality controls in place; formal audit on roadmap.
On roadmapHL7 FHIR R5
Native conformance. No proprietary schemas, no vendor lock-in.
NativeArchitecture
Four layers. Zero exposure.
Source layer
Your EMR, your servers, your control. The federation node sits inside your perimeter.
Pseudonymisation layer
Identifiers replaced with cryptographic tokens before any query touches the data. Reversible only by you.
Federation layer
Queries fan out to source nodes; only aggregated results return. The orchestrator sees no PHI, ever.
Audit layer
Every operation cryptographically signed and logged to your immutable store. Independently verifiable.
Documentation
Whitepapers & technical documents.
Document drafts in progress. The links below are placeholders — finalised PDFs will be published as each is completed and reviewed by counsel.
Audit-ready. Out of the box.
Walk through our architecture with our compliance team. No forms, no friction.