A self-hosted, PHI-safe integration engine

PHI stays on your infrastructure

Self-hosted isn't a deployment option bolted onto a cloud product — it's the whole model.

• No vendor cloud, no processor — message contents are never sent to a managed service.
• No telemetry of PHI — you control what, if anything, leaves your network.
• You hold the keys — message bodies are encrypted at rest with AES-256-GCM in your store.

Runs where your data lives

One engine, your environment — a data center, a VM, or your private cloud account.

• Installs from PyPI — pip install messagefoundry, on Python 3.11+.
• Zero-config on SQLite, scaling to PostgreSQL or SQL Server for production.
• Runs headless, including as a long-lived Windows service; one config repo drives every environment.

Secure by default

• TLS enabled by default (TLS 1.2+, incl. MLLP-over-TLS); plaintext is supported for endpoints that can't do TLS, within your secure network perimeter.
• Authenticated & audited — local accounts, MFA, Active Directory, RBAC, and a tamper-evident audit trail.
• Built to recognized standards — NIST SSDF, the HIPAA Security Rule (800-66), and an OWASP ASVS Level 3 self-assessment. See the evidence →

No lock-in, no per-interface fees

• Open source under AGPL-3.0 — read every line, run as many interfaces as you like.
• No cloud subscription and no per-interface licensing — your interfaces are plain Python in your own repo.
• A low-cost commercial license is available from the non-profit when copyleft terms don't fit. Licensing →