Compliance Add-on
Your infrastructure.
Your audit trail.
Dedicated databases, tamper-proof activity logs, and 7-year retention — purpose-built for regulated industries. Activate after your trial when you're ready.
Dedicated Infrastructure
Your own database and file storage. Physical isolation — not just logical separation. Your data never shares infrastructure with anyone else.
Tamper-Proof Audit Trail
Every log entry links to the previous one with an integrity check. A chain your auditors can verify. Tampering breaks the chain — and you see it immediately.
7-Year Retention
Every event retained for 7 years. Meets the longest retention requirements across healthcare, finance, and government.
Audit Trail
A tamper-proof chain your auditors can verify
Every event links to the previous one with a cryptographic integrity check. Tampering breaks the chain — and you see it immediately. 7-year retention. Signed exports verifiable by any auditor.
- Integrity check on every log entry
- Chain-linked — tampering is visible
- IP address & device captured on every event
- 7-year retention by default
- Signed CSV exports for auditors
Compliance Dashboard
Infrastructure status at a glance
A dedicated settings page shows your dedicated infrastructure status, log chain integrity, retention policy, and every active compliance control — always up to date, no manual checks required.
- Dedicated database & file storage status
- Log chain integrity indicator
- Retention policy summary
- Encryption & TLS status
- Webhook log retention
$799/mo · Account-level · Covers every app you publish
Includes everything in Enterprise. Add to your account after your trial.
Every compliance feature, in detail
Purpose-built for teams that answer to auditors, regulators, and compliance officers.
Dedicated infrastructure
Your organization gets its own database — full physical data isolation, not just logical separation. Your records never share infrastructure with another customer.
Dedicated file storage
A separate storage system with restricted access. Attachments and file uploads are isolated from shared infrastructure.
7-year activity log retention
Every event retained for 7 years (vs. 1 year on Enterprise, 90 days on baseline). Meets retention requirements for healthcare, finance, and government.
Tamper-proof activity logs
Every log entry includes an integrity check and a link to the previous entry, forming a tamper-proof chain. The compliance dashboard shows chain integrity status in real time.
IP address & device logging
IP address recorded on every logged event. Device info captured on every sign-in event. Full visibility when you need it.
Signed log exports
Export your activity logs with a signed integrity file. Verifiable proof that the export hasn't been altered — ready for auditors and regulators.
Encrypted safety snapshots
Before any data migration, WorkApps automatically creates an encrypted snapshot stored in isolated backup infrastructure. If anything goes wrong, your data is recoverable.
90-day webhook log retention
Webhook delivery logs retained for 90 days (vs. 30 days on Enterprise, 7 days on baseline). Troubleshoot integration issues weeks after they happen.
Compliance dashboard
A dedicated Settings page showing your infrastructure status, log integrity, and a summary of every compliance feature active on your account.
Everything in Enterprise, included
Compliance builds on top of Enterprise. You get every Enterprise feature automatically — no separate subscription needed.
Built for regulated industries
The same compliance infrastructure works across industries. The features map directly to what auditors and regulators ask for.
Healthcare
HIPAA-aligned audit trails. 7-year retention satisfies records requirements. Dedicated infrastructure keeps patient-adjacent data fully isolated.
Financial Services
Tamper-proof logs and signed exports give auditors verifiable proof. Dedicated databases meet data segregation requirements.
Government
IP and device logging on every event. Physical data isolation. Multi-year retention with integrity verification built in.
Legal
Chain-of-custody audit trails. Signed exports that prove logs haven't been altered. 7-year retention for case documentation.
Infrastructure standards
The baseline controls your security team will ask about — included with every app.
Compliance Add-on
Account-level. Covers every app you publish.
- Dedicated database & file storage
- Tamper-proof activity logs with integrity chain
- 7-year activity log retention
- Signed log exports for auditors
- IP address & device logging on every event
- Everything in Enterprise included
Add-on to any paid plan. No trial interruption.
Learn more
Common questions
Questions we hear from procurement teams, compliance officers, and IT buyers.
Which regulations and frameworks does this help with?
Compliance is designed for teams operating under HIPAA, SOC 2 Type II, ISO 27001, GDPR, and similar frameworks. Dedicated infrastructure, tamper-proof logs, 7-year retention, and signed exports directly address the controls those audits look for. We don't certify your apps — but we give your infrastructure team the evidence they need.
Is data isolated from the moment we activate, or only going forward?
From the moment you activate. When Compliance is enabled, WorkApps provisions your dedicated database and file storage and migrates your existing data before any new activity is recorded. There is no window where data lives on shared infrastructure after activation.
What does "tamper-proof" mean technically?
Every activity log entry includes a cryptographic hash that links it to the previous entry, forming a chain. Any modification to a past entry breaks the chain, which is detectable immediately. The compliance dashboard shows chain integrity status in real time. Signed exports include a verification file so auditors can confirm the export hasn't been altered.
Can we get documentation for our security review or auditors?
Yes. Contact us and we'll provide our security overview, infrastructure documentation, and a completed vendor questionnaire. For active customers, signed log exports with integrity files are available on demand from the compliance dashboard.
What happens to our data if we cancel or downgrade?
If you downgrade or cancel the Compliance add-on, your data moves from dedicated infrastructure back to shared infrastructure at the end of your billing cycle — nothing is deleted. Your logs, records, and files are all preserved. You'll see a clear warning before confirming any downgrade.
Do our apps need to change to get these compliance features?
No. Compliance is an account-level add-on — it applies to every app you've published automatically. No code changes, no redeployment, no reconfiguration. The infrastructure underneath changes; your apps stay exactly the same.
Ready for compliance-grade infrastructure?
Start your trial on any plan, then add Compliance when you need it. Dedicated infrastructure is provisioned automatically — no procurement, no waiting.