Skip to content
LastVet logoLASTVET

LastVet standard

HIPAA is the floor.
SHIELD is the standard.

HIPAA was written in 1996 to protect institutions handling health data. It set the legal minimum. It was not written for sovereignty.

SHIELD was built for the people the data belongs to. It adds stronger veteran-controlled workflows where we have implemented them today.

HIPAA vs SHIELD

LastVet is designed to meet HIPAA requirements and add stronger veteran-controlled workflows. The rows below describe current LastVet capabilities.

CurrentRoadmapBadges show what is shipped now versus what is still in build-out.

Who it protects

Current

HIPAA

Institutions and the data they hold

SHIELD

The person the data belongs to

Who controls the data

Current

HIPAA

Healthcare providers and covered entities

SHIELD

The Veteran

Consent model

Current

HIPAA

Broad authorization at intake, often buried in paperwork

SHIELD

Granular, per-category, per-recipient, plain-language

Revocation

Current

HIPAA

Written request, processed at the institution's pace

SHIELD

Immediate. Same screen. No grace period.

Audit access

Current

HIPAA

Patient must request audit logs in writing

SHIELD

Veteran can view logged access events in the app

Data portability

Current

HIPAA

"Right to access" - institution decides format and timeline

SHIELD

Veteran can export a portable PDF record summary today

Substance use records

Current

HIPAA

Standard PHI protections

SHIELD

42 CFR Part 2 enforced with separate consent flow

Provider write access

Current

HIPAA

Each institution maintains its own siloed record

SHIELD

Providers can add clinical notes when the veteran grants write access

Data sharing transparency

Current

HIPAA

Disclosure required, but often opaque

SHIELD

Veteran sees who has access, what they accessed, and when

Cross-institution coordination

Roadmap

HIPAA

Fax, paper, manual records requests

SHIELD

A veteran-controlled record workspace that supports connected care coordination

Encryption

Current

HIPAA

Required for institutional systems

SHIELD

Encrypted transport in production with secured infrastructure controls

Designed for

Current

HIPAA

Compliance and liability protection

SHIELD

Veteran sovereignty and healthier outcomes

Why It Matters

1. HIPAA was a floor, not a ceiling.

HIPAA was written in 1996, before smartphones, before patient portals, before the modern reality that healthcare data moves through dozens of systems before it reaches the person it belongs to. It set the legal minimum for protecting health information at institutions. It was never designed to give patients sovereignty. We are building to HIPAA requirements and adding stronger veteran controls where the floor is not enough.

2. Veterans deserve better than the floor.

Veterans navigate one of the most fragmented care ecosystems in the country - the VA, DoD, community providers, mental health services, peer support networks, family practitioners. Every transition creates a gap. Every gap loses information. HIPAA compliance does not solve this. Veteran sovereignty does. When the veteran owns the record, the gaps close.

3. SHIELD is how we keep our promises.

Sovereign. Holistic. Integrated. Encrypted. Live. Distributed. Every architectural decision in LastVet is checked against SHIELD before it ships. If a feature doesn't make the system more sovereign, more holistic, more integrated, more encrypted, more live, or more distributed - it doesn't get built. SHIELD is not marketing. It is how we work.

LastVet is built on SHIELD. Your data, your rules.