End to end encryption planned?
# support
m
Hi there, we thought about a way to ensure end-to-end data encryption in a multi-tenant setup, so that only the tenant has access to their data. Currently Medplum has the super admin model, which allows reading all the resources, which eliminates some specific compliances. Is this something Medplum will cover in the future, or any ideas how to achieve this?
r
Hi @maxmblack, Medplum supports multi-tenant systems out of the box. This is how we run our hosted Medplum instance. The main mechanism to do this is projects: https://www.medplum.com/docs/access/projects Super Admin is really a special case, intended for server administrators.
We'd love to learn more about your multitenant use case. Would you care to expand?
m
Hi @rahul1, thanks for your reply. My question was more in terms of tenant-specific end-to-end encryption with a private key for each tenant. The result should be that it's not possible to read other tenants' data without that custom encryption key. AWS has something like KMS for that: https://aws.amazon.com/kms/faqs/?nc1=h_ls Would this be part of the Medplum core implementation, or can we achieve this depending on the cloud architecture? But as far as I understood Medplum, it's not possible to achieve this in its current implementation?
r
Hi @maxmblack - that's right, unfortunately right now it's not something we support as part of the core implementation.