Features Solutions Enterprise Integrations Pricing Case Studies API Partners Careers Security Payments Blog FAQ Contact
Log in Request demo
Security & compliance

How Diamond Fleet protects patient and prescription data

Diamond Fleet is architected around one rule: expose the minimum data necessary at every step, and make every action traceable.

HIPAA-aligned by design

Patient and prescription data is protected at every stage of the delivery lifecycle. Access to protected information is scoped to what each role actually needs to complete their task — dispatch, driver and pharmacy staff each see a different, limited slice of an order's data.

Encryption in transit

Data moving between the pharmacy system, the dispatch platform, and the driver app is encrypted in transit using industry-standard TLS, the same baseline used by major web and financial platforms.

Role-based access control

Every user — dispatcher, driver, pharmacy manager, partner — has a defined role with its own permission boundaries. Nobody has default access to more than their role requires.

Full audit trail

Every stage of every order — creation, assignment, pickup, delivery, return — is timestamped and logged, from both the dispatch side and the driver side. That log is what makes a compliance review or an internal investigation possible.

Documented proof of delivery

Photo and signature confirmation is captured and stored against the specific order it belongs to — not left in a driver's personal phone or an unsecured messaging thread.

API & integration security

Connections to pharmacy systems are made through authenticated, permissioned API access — the pharmacy controls exactly what data is shared, and the connection can be reviewed or revoked at any time.

Business continuity

The platform is built on redundant cloud infrastructure with the goal of minimizing downtime and data loss in the event of a service disruption. A full, independently audited disaster recovery certification is on our roadmap as detailed below.

Where we are on formal certification: Diamond Fleet does not yet hold a formal third-party security certification such as SOC 2. Our architecture is built around HIPAA-aligned principles from day one, and pursuing formal certification is an active roadmap priority as we scale with enterprise partners. We're glad to walk any prospective enterprise partner through our current security architecture in detail as part of due diligence.