Run Healthcare Apps
Without the Headache

Everything you need to host a HIPAA-compliant healthcare app: security features, one-click agreements, and enough time back to actually build something cool.

SOC2 Type 2? For Sure.

Fly.io is independently audited, certified, and our hardware runs in ISO 27001 datacenters. We keep things no-footgun secure around here.

One-Click BAAs

Dead simple agreement management—no drafting and no negotiation. Just click a button and get a signature request in your inbox. Easy peasy.

HIPAA is Not the Only
Game in Town

HIPAA is great and all, but we're also covered under PHIPA, EHDS, and the Data Privacy Frameworks of the UK, Switzerland, and EU-US.

  • Wireguard/VPN

    Everything on our platform is connected via a WireGuard mesh: a next-generation in-kernel VPN designed by vulnerability researchers for simplicity, auditability, and modern cryptography.

    Learn More
  • Default-Deny Public Networking

    With routable IPv6 addresses and shared IPv4 addresses, nothing on your app is exposed unless you ask us to expose it. You’re locked down by default.

    Learn More
  • Hardened Hosting

    Apps on Fly.io run inside Firecracker, a memory-safe KVM hypervisor. We turn container images from our users into VMs, for full, no-shared-kernel isolation between applications.

    Learn More
  • SSO and MFA for Free

    Support for single-sign on and standard multifactor authentication apps come standard with Fly.io.

    Learn More