Current plan level: Business Self Hosted
Question / Description:
I'm trying to utilize Retool Self Hosted to become Hipaa Compliant and have a few questions about it. Seems like there are people using Retool that are both Hipaa and PCI.
What modifications are necessary to make Retool Self-Hosted HIPAA compliant (compared to what already is in the docs)?
How can I control Retool's access to my data and assure auditors that it remains unaccessed?
If Retool manages my authentication (not SSO), how does that communication work?
If Retool manages authentication (not using SSO), how is that communication handled?