Secure Off-Platform Vault
for Protected Records.

Zero-trust data isolation for
medical, legal, and regulated environments.

Built and managed by e-dimensionz Inc.

Hero Image
1

Insecure
Platform

2

Secure
Gateway

3

Vault
Layer

4

Protected
Records

ICON Zero Trust Isolation
ICON Off-Platform Storage
ICON Compliance Ready
ICON Seamless Integration

The Problem:
Insecure Platforms Can't Protect Regulated Data

Most CMSs were built for marketing pages, not PHI or client records. That creates a few weak spots:

  • Sensitive records live in the same database as the website, so one CMS bug or bad plugin can expose everything.
  • Shared logins and vendor access (agencies, freelancers, IT) mean people who just fix the site can also see protected data.
  • Plugins, embeds, and tracking scripts quietly move data through third-party code you don’t control.
  • Backups and exports (CSV, SQL dumps, staging copies) leave regulated data scattered across laptops, cloud drives, and old servers.
Blockchain

DID YOU KNOW?:

The Protected Records Vault Layer

The Protected Records Vault Layer keeps sensitive data off public platforms and into an isolated, encrypted store. Every access is brokered through strict policies so breaches in your CMS don’t expose regulated records.

Off-Platform
Vault Storage

Store PHI and client records in an isolated vault, not your public CMS.

Zero-Trust
Access Controls

Every request is checked in real time before access is granted.

Immutable
Audit Logging

Tamper-evident logs capture who accessed what, when, and where.

Encrypted
Transport & Keys

E2E encryption protects data in transit, with key management.

Isolation from
CMS/Hosting

Compromised plugins can’t directly reach the protected records layer.

Policy
Enforcement Engine

Central policies enforce retention, sharing, and export rules.

How TrustBoundary Compares

A quick view of how we differ from keeping records in your CMS and using generic forms / storage tools.

Feature LockerRX Paubox Forms TrueVault
Primary focus Vault + gateway beside your existing CMS/portal. HIPAA online forms + secure submissions. HIPAA-grade backend data store for apps.
Where data lives Encrypted vault, separate from your CMS database. In Paubox’s hosted, encrypted environment. In TrueVault’s cloud PHI data store.
Zero-trust / isolation CMS never talks directly to the vault. Focus on secure forms, not CMS isolation. Access controlled at API / data-store level.
How it connects Your current forms / portal point to the gateway. You embed / link Paubox-hosted forms. Your app talks to TrueVault via APIs.
Best for Organizations keeping their site but moving records out. Clinics needing compliant forms fast. Product teams building healthcare apps.

*High-level, non-exhaustive comparison based on publicly available information.

Designed for Highly Regulated Industries

Wherever regulated records touch public platforms, the vault sits between the risk and the data.

Healthcare Providers

Healthcare Providers

Patient portals, intake forms, and results without PHI living in your CMS.

Healthcare Providers

Legal Firms

Store case files and evidence in the vault while clients still use your existing portal.

Healthcare Providers

Financial Services

Protect statements, KYC documents, and audit trails from shared hosting.

Healthcare Providers

Municipal / Government

Isolate citizen records and permits from public-facing forms and portals.

1

Technical Assessment

We review your current stack, data flows, and regulatory requirements.

2

Architecture Plan

Design the zero-trust vault layer, access gateway & integration touchpoints.

3

Vault Environment Setup

Provision isolated vault storage, encryption keys, and baseline policies.

4

Secure Gateway Integration

Wire your CMS, portals, and forms into the gateway using SDKs and APIs.

5

Testing & Compliance Check

Exercise breach scenarios, validate audit logs, and align with compliance.

6

Ongoing Support

Monitoring and patching as your requirements evolve.

Anonymous Case Study:
Securing PHI on a Self-Hosted CMS

Before us: PHI on an Insecure platform

  • Self-hosted CMS on shared infrastructure, storing PHI in the same database as the website.
  • Plugins and custom code with direct database access and no enforced MFA for admins.
  • Files sitting on unencrypted disks and cloud buckets with inconsistent access policies.
  • No immutable audit trail; access logs were partial, editable, or spread across multiple systems.
  • PHI for Ontario patients sometimes ending up in non-Canadian regions, creating PHIPA and PIPEDA exposure.

After us: Vault-backed access from the same site

  • All medical and personal records moved into an off-platform vault hosted entirely in AWS.
  • The CMS is treated as untrusted – it never sees raw database queries, keys, or S3 buckets.
  • Every access is gated by AWS-only two-factor authentication and short-lived session tokens.
  • Structured data stored in identity-scoped DynamoDB partitions; files in encrypted, Canada-only S3.
  • Every read, write, and file action logged to an immutable audit stream for HIPAA/PHIPA/PIPEDA review.

The CMS became a simple relay; all real security, storage, and auditability moved into AWS.

Questions we hear a lot.

Your security and compliance teams will have questions.

Good.

We’re used to whiteboarding threat models, data flows, and edge cases.

Ready to move regulated records off your public platforms?

Let’s map your current architecture, identify high-risk data flows, and design a vault pattern that works with your systems.