Security & Encryption Infrastructure
Feature Detail
Description
This feature provides the core security primitives that all sensitive data handling in the app depends on: an encryption service for at-rest data protection, a secure storage layer for credentials and tokens (using flutter_secure_storage backed by Keychain on iOS and Keystore on Android), and an audit log repository that records security-relevant events. This infrastructure underpins BankID/Vipps authentication, JWT token management, encrypted assignment dispatch, and biometric credential storage.
User Flow
Analysis
The organizations handle highly sensitive personal data including health information, home visit records, and encrypted assignment details containing names, addresses, and medical summaries. GDPR compliance and the trust of both members and partner organizations depend on robust security infrastructure. A centralized encryption and secure storage layer ensures that credentials are never stored in plaintext, that sensitive fields are encrypted at rest, and that all security events are auditable. This infrastructure also enables the encrypted assignment dispatch feature required by Blindeforbundet, which is a hard blocker for that organization's adoption.
Secure credential storage uses flutter_secure_storage, which delegates to iOS Keychain and Android Keystore, ensuring OS-level hardware-backed protection. JWT access and refresh tokens are stored exclusively in secure storage, never in SharedPreferences or local SQLite. The encryption service wraps AES-256-GCM for symmetric encryption of sensitive fields, with keys derived per user and stored in secure storage. The audit log repository writes to a dedicated Postgres table with tamper-evident append-only semantics. End-to-end encryption for assignment dispatch uses asymmetric keys (RSA-OAEP or X25519) with public keys stored server-side and private keys in device secure storage.
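The page does not say how the audit table is made tamper-evident. The following added example (not the project's own code) shows one common approach, assumed here: each row carries an HMAC over its content and the previous row's hash, so an edited or removed row breaks the chain. The field names, event names and key are constructed for illustration.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # anchor for the first row (constructed value)
FIELDS = ("seq", "ts", "actor", "action")

def _digest(key: bytes, prev_hash: str, body: dict) -> str:
    # Canonical JSON so the same event always serialises to the same bytes.
    payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    msg = prev_hash.encode() + b"|" + payload
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def append_event(log: list, key: bytes, actor: str, action: str, ts: str) -> dict:
    """Append one event; the new row commits to the hash of the row before it."""
    prev_hash = log[-1]["hash"] if log else GENESIS
    body = {"seq": len(log), "ts": ts, "actor": actor, "action": action}
    row = dict(body, prev_hash=prev_hash, hash=_digest(key, prev_hash, body))
    log.append(row)
    return row

def verify_chain(log: list, key: bytes) -> int:
    """Return -1 if the chain is intact, else the index of the first bad row."""
    prev_hash = GENESIS
    for i, row in enumerate(log):
        body = {k: row[k] for k in FIELDS}
        expected = _digest(key, prev_hash, body)
        linked = row["seq"] == i and row["prev_hash"] == prev_hash
        if not linked or not hmac.compare_digest(row["hash"], expected):
            return i
        prev_hash = row["hash"]
    return -1

def sample_log(key: bytes) -> list:
    # Constructed sample events, not taken from the app.
    log = []
    append_event(log, key, "user-17", "login.success", "2024-01-01T08:00:00Z")
    append_event(log, key, "user-17", "token.refresh", "2024-01-01T08:15:00Z")
    append_event(log, key, "user-42", "assignment.decrypt", "2024-01-01T09:00:00Z")
    return log

if __name__ == "__main__":
    demo_key = b"constructed-demo-key"  # in practice held outside the database
    rows = sample_log(demo_key)
    print("intact:", verify_chain(rows, demo_key))
    rows[1]["action"] = "login.failure"  # simulate an in-place edit
    print("first bad row:", verify_chain(rows, demo_key))
```

The chain detects edits and removals in the middle of the log, but dropping rows from the tail leaves a shorter valid chain, so the latest hash also needs to be recorded somewhere the database writer cannot change.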
Components (58)
Shared Components
These components are reused across multiple features
User Interface (16)
Service Layer (13)
Data Layer (9)
Infrastructure (20)