Vendor / subprocessor register
Purpose: Canonical record of every vendor + subprocessor that processes (or could process) AskFlorence data, with BAA / DPA / FedRAMP status. Required artifact for SOC 2 (CC9.2 — vendor management), HIPAA (§164.314 — BAA scope), and CMS EDE Phase 3 (subprocessor inventory).
Linked: #57 — Vendor HIPAA BAA coverage audit. #71 — Phase 12 compliance docs.
Convention: every row updated when status changes. Evidence files (signed PDFs, click-through screenshots) live under docs/infrastructure/evidence/ and are cross-referenced by row.
Active vendors / subprocessors
Tier 1 — direct data processors
| Vendor | Purpose | Data class | BAA / DPA status | FedRAMP | Evidence | Notes |
|---|---|---|---|---|---|---|
| AWS (Amazon Web Services) | Compute, storage, networking, secrets, monitoring — entire production stack | All classes (public, pii, phi, fti, application, cms_hub) | ✅ HIPAA BAA signed 2026-04-18 (AWS Organizations BAA, covers all member accounts: 778477254880 mgmt, 039624954211 prod, 549136075525 staging, 754660694122 log-archive) | ✅ FedRAMP Moderate (commercial us-east-1) | aws-organizations-baa-signed-2026-04-18.pdf | Authoritative compute + data layer. EDE Phase 3 inheritance via FedRAMP Moderate ATO. |
| Google Workspace (Google LLC) | Business email (*@askflorence.health), Calendar, Drive (founder + ops docs), Meet, Cloud Identity (SSO root for Google services) | pii (employee + cofounder data); phi possible if any clinical/member info ever flows into Drive/Gmail | ✅ HIPAA BAA accepted 2026-05-01 via Admin Console click-through (Google Workspace/Cloud Identity HIPAA Business Associate Amendment) | ❌ Workspace is NOT FedRAMP Moderate authorized for general use. Workspace for Gov is a separate tier. | google-workspace-hipaa-baa-acceptance-2026-05-01.jpg (admin console screenshot) | Covered services list: Gmail, Calendar, Drive (incl Docs/Sheets/Slides/Forms/Vids), Meet, Chat, Sites, Tasks, Keep, Vault, Cloud Identity, Google Cloud Search, Groups, Voice (managed), AppSheet, Apps Script, Gemini app, Gemini in Workspace. Excluded: Gemini in Chrome. Source of truth: workspace.google.com/terms/2015/1/hipaa_functionality (effective 2025-09-30). For EDE Phase 3, Workspace stays as it doesn't touch the marketplace data path; if it ever does, migrate to Workspace for Gov. |
| MongoDB Atlas (organization askflorence, two projects in scope) | Primary application database. Project askflorence-prod-01 (project_id 69dc20c64005b222804dafa4, M10 HIPAA cluster askflorence-prod-01): plans, ZIPs, agent waitlist, future agent + member data — PHI scope. Project askflorence-staging (project_id 69e31af12fd2c0aef51bbb41, M30 cluster askflorence-staging): non-PHI public CMS reference data (formularies_staging, providers_staging) read cross-cluster from prod via AWS PrivateLink. | All classes on prod (HIPAA-tier cluster); public-only on staging (CMS marketplace reference data) | ✅ HIPAA BAA via Atlas HIPAA tier (effective with M10 HIPAA cluster) — organization-level BAA covers both projects under the same Atlas organization. Signed BAA PDF on file (doc LA-50572, fully executed 2026-05-14). | ⚠️ Atlas commercial: not FedRAMP. Atlas for Government: FedRAMP Moderate. Migration planned at EDE Phase 3 cutover. | mongodb-atlas-baa-signed-2026-05-14.pdf | BAA scope: the signed BAA (LA-50572) is an organization-level MongoDB Cloud Services BAA — it does not enumerate individual Atlas project IDs, so the org-level scope inherently covers both askflorence-prod-01 and askflorence-staging under the askflorence Atlas organization; the "confirm both project IDs" caveat (#57) is satisfied by construction. us-east-1. Prod cluster: narrow-scoped users (Phase 11 follow-up: complete split + rotate). Cross-cluster reads: prod VPC → staging cluster via AWS PrivateLink endpoint vpce-0c81aea11e29bb928 (Atlas endpoint service com.amazonaws.vpce.us-east-1.vpce-svc-0d8138ea0f6542afa); see decision doc "Cross-cluster reference reads via AWS PrivateLink" + Terraform infra/envs/prod/atlas-staging-privatelink.tf. Read-only app_read_staging user on askflorence database. |
| Cloudflare | DNS only (proxy disabled) for askflorence.health apex + subdomains | None — DNS resolution does not see content | n/a (DNS-only — no PHI traverses Cloudflare) | n/a | (no BAA needed for DNS-only mode) | Hard rule: never enable proxy/orange-cloud without first signing Cloudflare BAA. |
| GitHub | Source code hosting (no PHI in repo by .gitignore + secret scanning) | None — source code only | n/a (no BAA needed; no PHI in repo) | ⚠️ GitHub Enterprise Cloud has FedRAMP Moderate; we're on standard tier today. Upgrade if auditor asks. | n/a | Branch protection on main. Secret scanning on. Dependabot on. |
Tier 2 — transitional / pending decision
| Vendor | Purpose | Data class | BAA / DPA status | Action |
|---|---|---|---|---|
| AWS SES (Amazon Simple Email Service) | Transactional email (waitlist, agent confirmations, future magic links). Replaced Resend at v0.18.0 cutover. | pii (email addresses + content) | ✅ Covered under existing AWS Organizations BAA (SES is an AWS service in scope) | None — fully covered |
| PostHog Cloud | Product analytics, being re-introduced post-Umami pivot for the HIPAA-wired event model (ENG-400 mobile, ENG-419 web instrumentation) | pii (covered by BAA); phi possible depending on SDK config | ✅ HIPAA BAA signed 2026-06-01 (posthog-baa-signed-2026-06-01.pdf, Doc Ref PBK2U-R6PYJ-KMD6G-CPFMO, counter-signed Charles Cook VP Operations, PostHog Inc.). ⚠️ CONDITIONAL: BAA text states it is null and void unless customer is on a paid PostHog Platform Package (Boost / Scale / Enterprise) at signing time. Verify subscription tier before relying on coverage for any PHI flow. | Earlier "removed" path (#75 / ADR 0009 / ENG-347) shipped OpenPanel + GlitchTip self-hosted on AWS as the canonical observability stack. PostHog is re-introduced under the new BAA for product analytics specifically on mobile (ENG-400) and web (ENG-419). Move to Tier 1 once actively flowing in prod under the BAA + Platform Package tier confirmed. Tracked in ENG-421. |
| ElevenLabs (voice, Florence WOW demo path ENG-356) | Conversational voice TTS + STT for Florence | phi (members may speak meds, doctor names, conditions if Florence ships voice in prod) | ⚠️ BAA in flight, founder-led (being sorted next after PostHog). HIPAA support is plan-tier-gated on ElevenLabs side. | Sign before any PHI flows through ElevenLabs in production. Demo / dev-only use is acceptable until the BAA is in hand and the plan-tier is verified. |
| Anthropic (Claude API, Florence AI workstream — not yet shipped) | LLM inputs/outputs for Florence AI; will carry phi when launched | phi (when Florence ships) | TODO: collect signed BAA at Florence Phase 1 go-live; sign before any prod Florence call | Migrate to Bedrock at EDE Phase 3 (Bedrock Claude is FedRAMP Moderate via AWS, no separate Anthropic BAA needed). |
| OpenAI Whisper (voice — not yet shipped) | Voice transcription if voice ships pre-EDE | phi-capable | TODO: only collect BAA if voice ships pre-EDE; else skip and go straight to AWS Transcribe at EDE Phase 3 | AWS Transcribe is FedRAMP Moderate native. Default plan: never sign OpenAI BAA. |
| NIPR (National Insurance Producer Registry) — not yet integrated | Agent NPN validation at onboarding; monthly active-license alerts | pii (NPN, agent identity) | TODO: BAA signing at integration time. NIPR has standard healthcare BAA. | Phase 5 (agent platform) |
| ID verification vendor (TBD: Persona / Stripe Identity / Plaid / Veriff) — not yet integrated | Government ID + selfie liveness for agent identity | pii + biometric | TODO: BAA signing at vendor selection | Phase 5 (agent platform) |
Tier 3 — retired / removed
| Vendor | Reason | Date retired | Notes |
|---|---|---|---|
| Resend | Transactional email (replaced by AWS SES); domain status had failed since 2026-04-10; Vercel-side Resend integration broken. | 2026-04-30T17:19Z (commit retiring secret + IAM + ECS task def) | Subscription canceled. Code path removed. AWS SES covers transactional email going forward, fully under AWS BAA. |
| Vercel | Replaced by AWS ECS at Phase 10 cutover. | 2026-04-23 (Phase 10 DNS cutover) | Vercel project archived; not deleted (rollback safety). |
BAA evidence inventory
Files under docs/infrastructure/evidence/:
| File | Vendor | Type | Date |
|---|---|---|---|
| aws-organizations-baa-signed-2026-04-18.pdf | AWS | Signed BAA PDF (org-wide) | 2026-04-18 |
| google-workspace-hipaa-baa-acceptance-2026-05-01.jpg | Google Workspace | Admin console click-through screenshot | 2026-05-01 |
| mongodb-atlas-baa-signed-2026-05-14.pdf | MongoDB Atlas | Signed BAA PDF (doc LA-50572, org-level) | 2026-05-14 |
| posthog-baa-signed-2026-06-01.pdf | PostHog | Signed BAA PDF (Doc Ref PBK2U-R6PYJ-KMD6G-CPFMO) | 2026-06-01 |
Compliance frameworks reference
| Framework | Vendor management control | What this register satisfies |
|---|---|---|
| HIPAA | §164.314(a) — BAA required for all subprocessors with PHI access | Per-vendor BAA status + evidence file path |
| SOC 2 TSC | CC9.2 — vendor management; CC1.4 — third-party risk | Vendor inventory + risk classification (data class column) |
| CMS EDE Phase 3 / MARS-E 2.2 | SA-9 (External information system services) — subprocessor inventory + control inheritance | Per-vendor FedRAMP status + EDE migration path notes |
| NIST 800-53 R4 Moderate | SA-9 (services external to org), AC-20 (use of external systems) | Status documentation + control inheritance flags |
Update cadence
- At every new vendor adoption: add row before signing contract; require BAA / DPA before any production data flows
- Quarterly: review for vendor status changes (new FedRAMP authorizations, BAA renewals, retirements)
- Annually: full audit prep — pull every BAA from evidence/, verify still active, file replacements as needed
- At every retirement: move to "retired" section + retain BAA in evidence/ for 6 years (HIPAA retention)
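The cadence above encodes three invariants a reviewer checks by hand: a vendor whose data class can include PHI must have a signed BAA before production data flows, a signed BAA must point at an evidence file that actually exists in the inventory, and a BAA marked conditional stays flagged until its precondition is verified. The script below is an added example (not part of this register or the AskFlorence project) that lints a markdown register of this shape against those rules. The rows and evidence list embedded in it are a constructed, abbreviated copy of the tables above, plus one hypothetical vendor ("Example Corp") whose evidence file is deliberately absent so the missing-evidence rule fires.

```python
"""Policy lint for a vendor / subprocessor register kept as markdown pipe tables.

Added example, not the register's own tooling. Rules encoded:
  1. a data class mentioning PHI requires a BAA status that starts with ✅
  2. a ✅ BAA must cite an evidence file that exists in the evidence inventory
  3. a BAA containing the word CONDITIONAL is flagged until verified
"""
import re

# Constructed sample: abbreviated rows modelled on the register's Tier 1 / Tier 2
# tables. "Example Corp" is hypothetical and exists only to exercise rule 2.
SAMPLE_REGISTER = """
| Vendor | Purpose | Data class | BAA / DPA status | FedRAMP | Evidence | Notes |
|---|---|---|---|---|---|---|
| AWS | Compute | All classes (public, pii, phi, fti) | ✅ HIPAA BAA signed 2026-04-18 | ✅ Moderate | aws-organizations-baa-signed-2026-04-18.pdf | - |
| Cloudflare | DNS only | None | n/a (DNS-only) | n/a | (no BAA needed) | - |
| PostHog Cloud | Analytics | pii; phi possible | ✅ HIPAA BAA signed 2026-06-01. ⚠️ CONDITIONAL: paid tier required | n/a | posthog-baa-signed-2026-06-01.pdf | - |
| ElevenLabs | Voice | phi | ⚠️ BAA in flight | n/a | n/a | - |
| Example Corp | Hypothetical vendor | phi | ✅ BAA signed 2026-07-01 | n/a | example-corp-baa-signed-2026-07-01.pdf | - |
"""

# Constructed sample of the evidence inventory (file names under evidence/).
SAMPLE_EVIDENCE = {
    "aws-organizations-baa-signed-2026-04-18.pdf",
    "posthog-baa-signed-2026-06-01.pdf",
}

EVIDENCE_FILE_RE = re.compile(r"[\w.-]+\.(?:pdf|jpg|png)")


def parse_table(markdown: str) -> list[dict[str, str]]:
    """Parse a markdown pipe table into a list of {header: cell} dicts.

    Rows that lost their leading '|' during copy/paste are tolerated; the
    separator row (|---|---|) is skipped; a row with the wrong cell count is
    rejected rather than silently misaligned, since a misaligned BAA column
    would defeat the point of the check.
    """
    lines = [ln.strip() for ln in markdown.strip().splitlines() if ln.strip()]
    split = [[c.strip() for c in ln.strip("|").split("|")] for ln in lines]
    header = split[0]
    rows = []
    for cells in split[1:]:
        if all(re.fullmatch(r"-+", c) for c in cells):
            continue
        if len(cells) != len(header):
            raise ValueError(f"row has {len(cells)} cells, expected {len(header)}: {cells}")
        rows.append(dict(zip(header, cells)))
    return rows


def check_register(rows: list[dict[str, str]], evidence_files: set[str]) -> list[str]:
    """Return one finding string per policy violation; empty list means clean."""
    findings = []
    for row in rows:
        vendor = row["Vendor"]
        data_class = row["Data class"].lower()
        status = row["BAA / DPA status"]
        evidence = row.get("Evidence", "")
        handles_phi = re.search(r"\bphi\b", data_class) is not None
        signed = status.startswith("✅")

        if handles_phi and not signed:
            findings.append(f"{vendor}: PHI-capable but BAA not signed ({status})")
        if "CONDITIONAL" in status.upper():
            findings.append(f"{vendor}: BAA is conditional; verify precondition before PHI flows")
        if signed:
            cited = EVIDENCE_FILE_RE.findall(evidence)
            if not cited:
                findings.append(f"{vendor}: signed BAA but no evidence file cited")
            for name in cited:
                if name not in evidence_files:
                    findings.append(f"{vendor}: evidence file {name} missing from inventory")
    return findings


def lint(markdown: str, evidence_files: set[str]) -> list[str]:
    """Convenience wrapper: parse then check."""
    return check_register(parse_table(markdown), evidence_files)


if __name__ == "__main__":
    for finding in lint(SAMPLE_REGISTER, SAMPLE_EVIDENCE):
        print("FINDING:", finding)
```

Run against the sample it reports three findings: PostHog's conditional BAA, ElevenLabs handling PHI without a signed BAA, and the hypothetical vendor's evidence file that is absent from the inventory. In a real repository the evidence set would be built from a directory listing of docs/infrastructure/evidence/ and the script would exit non-zero on any finding so the quarterly review and the "add row before signing" rule are enforced in CI rather than by memory.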
Open follow-ups
- [x] Collect signed BAA PDF from MongoDB Atlas — filed 2026-05-14 as mongodb-atlas-baa-signed-2026-05-14.pdf (doc LA-50572). Per #57: the executed BAA is an organization-level MongoDB Cloud Services BAA — it does not enumerate individual Atlas project IDs, so its org-level scope inherently covers BOTH askflorence-prod-01 (69dc20c64005b222804dafa4) AND askflorence-staging (69e31af12fd2c0aef51bbb41) under the askflorence Atlas organization. The cross-cluster PrivateLink read path keeps staging in-scope for our compliance posture even though it holds non-PHI reference data only; both projects are covered by construction.
- [x] #75 — remove PostHog Cloud (sub-A shipped 2026-05-12); replacement is OpenPanel + GlitchTip self-hosted (ADR 0009, build at #342 / ENG-347)
- [x] Collect signed PostHog BAA PDF, filed 2026-06-01 as posthog-baa-signed-2026-06-01.pdf (Doc Ref PBK2U-R6PYJ-KMD6G-CPFMO; tracked in ENG-421)
- [ ] Verify AskFlorence is on a paid PostHog Platform Package (Boost / Scale / Enterprise), required for the 2026-06-01 PostHog BAA to be effective per its own terms. Verify before any PHI traffic.
- [ ] ElevenLabs BAA: in flight, founder-led. Sign before any PHI flows through ElevenLabs in production.
- [ ] At Phase 5 (agent platform) — sign NIPR BAA; select + sign ID-verify vendor BAA
- [ ] At Florence Phase 1 (Anthropic direct API) — collect signed Anthropic BAA
- [ ] At EDE Phase 3 (~Sept 2026) — migrate Atlas → Atlas for Government, Anthropic direct API → Bedrock Claude