External attestations

Privacy is the product. Here's the verification timeline.

HCC's mint mechanics, enclave isolation, and consent enforcement are designed to be reviewed by an independent privacy law firm, an external information-security firm, and an academic re-identification audit team.

Phase 1 — pre-launch state. No external attestations have yet been performed. The first attestation cycle begins after the first researcher contract is signed and the first mint event lands on chain. We will publish each signed report here as it lands; we will not claim an attestation has been performed until it has.

What this page does NOT contain

You will not find a list of named law firms, audit firms, or universities on this page until they have actually performed the work. Other healthcare projects sometimes pre-announce engagements that never materialize, or list firm names without signed deliverables. We will not. The first time a firm name appears on this page, it will be alongside the published signed report and the SHA3-256 hash anchored on the trust ledger.

Phase 2 — attestation framework

Four pillars of independent verification.

Phase 2 · pending · quarterly

Privacy law attestation

Independent review of the HIPAA authorization model, opt-in consent classes, revocation propagation, and the legal boundary between Datavault enclave and chain. Engagement deliverable: signed legal opinion published with the SHA3-256 hash on the trust ledger.

Firm to be engaged before the first researcher contract is signed; firm name posted here when the engagement letter is countersigned.

Phase 2 · pending · annual + pen test

InfoSec / SOC 2 Type II

Independent SOC 2 Type II review of the Datavault sealed-enclave architecture, key custody, network egress controls, and audit-log integrity. Includes annual penetration test against the enclave boundary.

SOC 2 Type II requires a 6-month observation window. Phase 2 launch starts the clock; first signed report expected ~9 months after first researcher contract.

Phase 2 · pending · quarterly

Re-identification audit

Independent academic team simulates re-identification attacks against published cohort summaries. Methodology, attempt count, and result count published every quarter, with raw attempts archived for reproducibility.

Academic team to be engaged at Phase 2 launch. We will not claim a number of "simulated attacks" until the audit has actually been performed.

Phase 2 · pending · per contract

IRB approval verification

Independent verification that every researcher contract on chain is backed by a valid IRB or equivalent ethics-board approval. The IRB ID is pinned to the contract on chain; this attestation cross-checks the ID against the issuing IRB's public record.

First verification report after the first contract is signed.

How a published attestation will look.

When a real attestation has been performed and signed, this page will show — for each pillar — the engagement firm name, the engagement letter date, the report period, the report's signed SHA3-256 hash, the trust-ledger anchor, the result summary, and a direct link to the raw signed PDF. Until then, the cards above remain in the "Phase 2 · pending" state with no firm name listed.

The same discipline applies to the rest of the Conceptual Health platform. See the chain about page, validator set, and IP portfolio for parallel treatment. Tagline at the bottom of every page: "Integrity in all we do." We mean it.