NomosLogic

Security Stewardship

Data Security

Trust is our primary API. Clinical-grade protection for genetic and health data.

The Sovereign Hash

Proprietary HMAC-SHA256 protocol that indexes biological data without exposing personally identifiable information. Double-blind architecture maintains physical separation between PII and multi-omic results.

At Rest: AES-256-GCM

In Transit: TLS 1.3

Key Management: Hardware Security Modules

Biological Data Sovereignty

NomosLogic does not — and will never — sell, rent, or lease individual-level genetic or health data. Revenue comes from Logic-as-a-Service subscriptions providing aggregate, de-identified intelligence.

Upon deletion, the cryptographic link between PII and the Sovereign Hash is destroyed immediately. De-identified metadata is retained for legal compliance (7–10 year statutory periods). Raw genetic files are moved to offline cold storage and purged after expiration.
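The indexing idea under "The Sovereign Hash" and the deletion behaviour described above can be sketched as follows. This is an added example, not NomosLogic's proprietary protocol or code. It assumes a per-subject random link key, an e-mail address as the identifier, and in-memory dictionaries standing in for the HSM and the two separated stores; all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets
import unicodedata

def normalize(email: str) -> bytes:
    """Canonicalize the identifier so the same person always maps to one index."""
    return unicodedata.normalize("NFKC", email).strip().casefold().encode("utf-8")

class IdentityVault:
    """PII side (assumed design): identifiers and per-subject link keys."""
    def __init__(self):
        self._link_keys = {}  # normalized PII -> 32-byte random key (HSM stand-in)

    def enroll(self, email: str) -> str:
        key = self._link_keys.setdefault(normalize(email), secrets.token_bytes(32))
        return self._index(email, key)

    def lookup(self, email: str):
        key = self._link_keys.get(normalize(email))
        return self._index(email, key) if key else None

    def delete(self, email: str) -> None:
        # Crypto-shredding: without the key the index cannot be recomputed from PII.
        self._link_keys.pop(normalize(email), None)

    @staticmethod
    def _index(email: str, key: bytes) -> str:
        return hmac.new(key, normalize(email), hashlib.sha256).hexdigest()

class ResultsStore:
    """Results side (assumed design): sees only opaque indexes, never identifiers."""
    def __init__(self):
        self._rows = {}

    def put(self, index: str, result: dict) -> None:
        self._rows[index] = result

    def get(self, index: str):
        return self._rows.get(index)

def demo():
    vault, results = IdentityVault(), ResultsStore()
    idx = vault.enroll("Pat.Example@Example.org ")  # constructed sample identity
    results.put(idx, {"panel": "demo-panel", "variant_count": 3})  # constructed row
    same = vault.lookup("pat.example@example.org")
    vault.delete("pat.example@example.org")
    return idx, same, vault.lookup("pat.example@example.org"), results.get(idx)
```

After `delete`, the results row is still present under its index, but nothing on the PII side can recompute that index, and re-enrolling the same identifier produces a different one.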

Access & Identity Governance

Multi-factor authentication required for all user sessions. Employees have zero visibility into raw customer DNA; administrators access only anonymized logs.

“Break the Glass” protocol for authorized exceptions with full audit trails.

Regulatory Compliance

HIPAA (Security, Privacy, Breach Notification)
DPDPA & GIPA
GINA
CCPA / CPRA
EU GDPR (Sovereign Adequacy)
X12 / FHIR Standards