Security at FamFile
FamFile holds your family’s plans, not their medical records. Here is how we keep what you do share private and protected.
Encryption
Your data is encrypted in transit (TLS) and at rest. Connections to FamFile are served over HTTPS, and stored data sits on managed infrastructure with encryption enabled by default.
Access controls
FamFile enforces row-level security at the database layer, so records are only visible to your own family and to the pods you belong to. Membership in a pod determines exactly what you can see — there is no global view of other families’ data.
Authentication
Accounts are protected by managed authentication. You are responsible for using a secure password and keeping your credentials confidential. Please notify us promptly if you suspect any unauthorized access to your account.
No medical or health data
FamFile is not a health record. We do not collect or store medical, diagnostic, or treatment information, and we ask that you never enter it into any field. Limiting what is stored is itself a security measure.
Reporting a vulnerability
If you believe you have found a security issue, please email us at msafamfile@gmail.com with the details. We appreciate responsible disclosure and will work to address valid reports promptly.