FAQ: our products, TAP & compliance
What we build, how the products (Xanadu, Data Privacy, TAP) work, and how TAP pricing and onboarding work, plus deep-dive technical questions on FHIR, USCDI, and privacy engineering.
Questions buyers and engineering leads ask
about our products and TAP
About Your Data Health & our products
We are a health-data software company. We build three products: Xanadu, a patient-owned data platform and SDK; Data Privacy, privacy-rights software that keeps you ahead of changing law; and TAP, healthcare compliance QA in a box. The products run on Google Cloud, and the portfolio is protected by 8 patents pending.
A software company. Our flagship is the Xanadu platform and SDK, and TAP is automated testing software you run against an endpoint, not a bespoke hourly service. Optional guided onboarding is available for teams that want hands-on help acting on TAP's findings, but the software comes first.
Xanadu is a patient-owned health-data platform: an encrypted vault you control, a consent kill-switch, and an 80/20 payout when you choose to license de-identified data to research. Health apps build on it through the Xanadu SDK. Explore it at xanadu.yourdata.health.
Privacy-rights software that keeps you ahead of the law. It helps privacy counsel stay current as regulations change, gives consumers a privacy score they can act on, and turns DSAR (access, deletion, opt-out) into a repeatable, automated playbook, with tamper-evident receipts that stand up as evidence. In early access for businesses (B2B) and individuals (B2C). See the Data Privacy page or the privacy law library.
Yes, the products run on Google Cloud. We hold 8 patents pending across the privacy and data-trust portfolio, and the company is incorporated as Your Data Health, Inc. (Delaware).
Individuals who want to own and control their health data; researchers and health partners who build on the Xanadu SDK; privacy counsel, compliance teams, and privacy-conscious consumers who use Data Privacy to stay current and automate DSAR; and payers, providers, and EHR vendors who use TAP to meet HTI, USCDI, and CMS interoperability requirements.
Product FAQs
Looking for questions about a specific product? Each product has its own home. The TAP questions below are also collected on the Compliance site.
Getting started with TAP
TAP is our structured technical audit for health IT teams: we test interoperability and privacy-critical behavior, document evidence, and give you a prioritized remediation backlog plus re-scan verification after fixes (see our one-pager for the full deliverable list, HTI readiness scorecard, evidence packet, board-ready summary, etc.).
TAP produces technical diagnostics and evidence, not legal opinions. ONC certification decisions remain with ONC-ACBs.
Why two steps? Intake captures technical scope without tying it to a card or calendar. Assessment bundles checkout and booking so money and time live in one audited flow. Between them you may have a short intro or email thread, that is normal; you do not need “intake complete” before a conversation, but we need intake before we can quote a plan and confirm scope in writing.
Typical flow: share your endpoint via intake → we confirm the plan and scope in writing, usually within one business day → TAP runs and you get the scored report. Prefer to talk first? Book a Call.
Do I need intake before we talk? Reach out anytime if you already know you want to proceed. Intake is the structured artifact we need before fixed-fee quotes and audit scope; separate from optional discussion.
If you are still exploring requirements, skim Regulations for engineering context and Privacy Laws for jurisdictional overview, then come back to intake.
The TAP Starter audit is a one-time purchase; current pricing is on the TAP page. Exact scope and deliverables are confirmed in writing before the scan runs.
Need a shorter executive snapshot first? The one-pager is the best single artifact to share internally.
Certification & interoperability (HTI, USCDI, FHIR): start with Regulations (engineering context), then deep dives in Regulatory Hubs and the HTI-1 through HTI-4 & USCDI v3/v4 implementation guide.
Privacy statutes & frameworks: see Privacy Laws, US State Laws, and International Laws. MHMDA engineering protocols when Washington consumer health data applies.
Risk & cost context
A lot, and it compounds. Healthcare compliance enforcement is all public record: HHS OCR publishes every HIPAA settlement and every breach affecting 500+ individuals. CMS publishes information-blocking disincentive determinations. ONC-ACBs (Drummond, ICSA Labs, SLI Compliance) publish certification surveillance findings. State Attorneys General publish privacy enforcement actions (Washington MHMDA includes a private right of action).
Buyers, boards, and Series B leads all read these records, which is exactly why proving your readiness early is worth so much: you control the story before anyone else does.
We maintain a sourced reference on what readiness is worth and what is verifiably at stake, drawn from public regulator notices. See The readiness case →
Technical audit vs security audit & regulatory context
SOC 2 and many security audits focus on controls, policies, access, encryption, vendor risk. TAP focuses on whether your clinical interoperability and safety-critical logic behave correctly under HTI/USCDI expectations: FHIR resources, CDS/DSI traceability, clinical workflows, and evidence you can show an ACB or payer.
Think: security auditors stress-test your locks; we stress-test whether your sepsis alert logic and data exchange hold up, not only whether the firewall is on.
No. We provide technical implementation advice: we translate requirements from legal, privacy, and compliance stakeholders into testable checks, pipelines, and AWS/Azure/GCP configurations. We are the how, not the law.
The HTI rules (HTI-1 through HTI-4) set certification and interoperability deadlines for certified Health IT. Applications that connect to certified systems (e.g. Epic, Cerner) must keep pace with US Core and USCDI v3/v4 expectations, or risk failed integrations, blocked deploys, or certification problems. View current ONC certification deadlines.
Privacy engineering & de-identification
Yes, that is a core specialty. We architect NLP-driven pipelines using SQL tooling, Redgate, and Google Cloud Healthcare APIs, and we evaluate Azure Health Data Services and AWS Comprehend Medical where they fit. Compare Azure, AWS, and Google Cloud Healthcare APIs.
Different data types: Redgate and SQL masking excel at structured columns (demographics, billing codes, SSNs). Cloud APIs excel at unstructured clinical text.
Together: Redgate for dev/test copies and referential masking; cloud APIs for note-level de-ID before the lake. We routinely combine SQL, Redgate, and Google Healthcare APIs. Full comparison.
EHR, automation & multi-cloud operations
We audit Decision Support Intervention (DSI) logic so source attributes, training data provenance, and behavior are traceable against federal transparency expectations (including (b)(11)-class requirements).
"At Providence, Terry led validation of Early Warning Systems for Sepsis and MEWS in Epic, mapping clinical triggers to protocols, supporting standard-of-care implementation and over $13M in annual operational savings through improved stability."
Static dummy data misses edge cases. We design automated pipelines that feed lower environments and CRM instances with high-fidelity, de-identified clinical datasets.
"Automated ETL de-identification for Providence and Opala hydrated CRM and non-prod environments daily with Safe Harbor–style datasets, realistic scenarios, zero PHI breach risk."
Yes, we reduce manual regression through structured break-fix analysis and automated E2E coverage for major EHR releases.
"During the Epic ICD-10 migration, ISTQB-style automation validated hundreds of apps, ~20,000 hours of manual testing automated, $2.5M saved, zero downtime through a major US regulatory transition."
Yes, platform choice should not dictate whether you can govern data. We build in-place de-identification and governance patterns that run across all three clouds.
"At Opala, AWS-to-Azure migration work cut infrastructure costs by 55% while maintaining payer–provider interoperability standards."
TAP pricing, plans & policies
TAP is software, not a retainer. You buy a fixed-fee audit outright, or license continuous monitoring. Pricing is published and transparent, built for how lean HealthTech teams actually buy.
Getting started:
• Share your endpoint. The intake form captures your FHIR endpoint, target frameworks, and any constraints. No call required.
• Confirm plan and scope. We reply within one business day with the plan that fits and exactly what you'll receive, in writing.
• Run TAP. The scan runs against your live or sandbox endpoint and returns the scored, cited report. Prefer a walkthrough first? Book a call.
Fixed-fee TAP (Technical Audit Protocol): four plans. The three audits are one-time purchases; TAP Monitoring is an annual license. Each plan is a fixed package, not hourly; scope and deliverables are confirmed in writing before work begins.
- TAP Starter · automated scorecard and top findings (one-time)
- TAP Corrective Action · full audit, remediation plan, guided session, and a re-scan (one-time)
- TAP Full Engagement · adds HIPAA, DSI, and state-law review (one-time)
- TAP Monitoring · continuous re-scans and drift alerts (annual license)
See the four plans and current pricing on the TAP page →
Work that involves PHI uses a signed NDA and BAA as appropriate.
TAP is software, so you're not buying consultant hours. The rules engine and scoring were built by a senior practitioner who validated 20M+ healthcare records and led compliance at scale, so you get that rigor as a fixed-fee product, not an enterprise statement of work.
vs. hiring a firm: no enterprise overhead, no long sales cycle, no junior analysts doing the work, and no long-term lock-in. You buy the audit, or license monitoring, and own the evidence.
Behind the product: FHIR pipelines, HTI/USCDI validation, $13M documented cost-avoidance leadership, and zero critical or high defects in production over 15 years of QA discipline.
We typically respond to intake and questions within 48 hours. For TAP Monitoring subscribers, re-scan and alert cadence is defined in your plan.
Need faster turnaround on an audit? Say so when you Book a Call.
Specific terms, including any response-time SLAs, live in your order.
Yes. If a TAP Starter scan surfaces no critical or high findings in scope, we'll make it right, including a refund of the purchase where your order allows.
We aim to earn trust through results and evidence, not lock-in. Specific guarantee language lives in your order.
Specific terms and conditions are documented in your order.
Ready to run your audit?
The TAP Starter audit is a fixed-fee, one-time purchase (see pricing). Share your endpoint to get started.