Consent & privacy
Khrome is built so that you decide who reads what, and every read is recorded.
- Your raw data is off-chain. PHI and financial documents live in a secure store, encrypted at rest with per-person keys. The chain holds only the proof, the metadata, and the audit trail — never the raw content.
- Access is consent-gated. A provider or agent can only read entries you have granted them, through a scoped consent token. Scopes are narrow (a specific provider, a specific record type) rather than all-or-nothing.
- Every disclosure is logged on chain. This directly satisfies HIPAA's accounting-of-disclosures requirement (45 CFR §164.528) — what was accessed, by whom, and when becomes a query instead of an annual audit.
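
The consent gate and the disclosure log described above, modeled as an added example (not Khrome's code). `ConsentToken`, `DisclosureLog` and `read_record` are hypothetical names; an in-memory dict stands in for the decrypted off-chain store, and a hash-chained list stands in for the chain.

```python
import hashlib, json
from dataclasses import dataclass

@dataclass(frozen=True)
class ConsentToken:              # hypothetical shape, not Khrome's token format
    subject: str                 # person who granted access
    provider: str                # the one provider in scope
    record_type: str             # the one record type in scope

def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

class DisclosureLog:
    """Append-only, hash-chained list standing in for the chain."""
    def __init__(self):
        self.entries = []

    def append(self, event):
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        body = dict(event, prev=prev)
        self.entries.append(dict(body, hash=_digest(body)))

    def verify(self):
        prev = "0" * 64
        for e in self.entries:
            body = {k: v for k, v in e.items() if k != "hash"}
            if e["prev"] != prev or _digest(body) != e["hash"]:
                return False     # an entry was edited, removed or reordered
            prev = e["hash"]
        return True

    def disclosures(self, subject):
        # Accounting of disclosures as a query: what, by whom, when.
        return [(e["what"], e["who"], e["when"]) for e in self.entries
                if e["subject"] == subject and e["granted"]]

def read_record(store, log, token, provider, subject, record_type, when):
    # Scope check: the token must name this subject, provider and record type.
    in_scope = (token.subject, token.provider, token.record_type) == (subject, provider, record_type)
    content = store.get((subject, record_type)) if in_scope else None
    granted = content is not None
    # Only a hash of the content goes in the log, never the content itself.
    # Logging denied attempts as well is an assumption of this example.
    log.append({"subject": subject, "who": provider, "what": record_type, "when": when,
                "granted": granted,
                "proof": hashlib.sha256(content).hexdigest() if granted else None})
    return content
```

Calling `verify()` after any entry has been altered returns `False`, which is the property that lets the log serve as an audit trail.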