Exos by MedStack is a compliance and risk management platform designed specifically for digital health companies seeking HIPAA and PIPEDA compliance. The platform provides a structured path to building a compliance program, targeting healthcare startups and organizations that need to meet regulatory requirements before going to market. Key capabilities include: - Pre-built, customizable policy and procedure templates covering administrative, technical, and physical safeguards required under HIPAA and PIPEDA - Employee video training modules focused on PHI (Protected Health Information) handling and cybersecurity awareness - A procedure and task builder that generates actionable playbooks and delegates routine compliance tasks - Evidence generation tools that automate task assignment and track historical compliance evidence for audit readiness - Asset tracking for software access control, system administrator management, and physical hardware such as laptops - Role-based access control and version management for maintaining and updating compliance documentation - Push updates to keep compliance programs current Exos is designed to be deployed quickly, with MedStack claiming organizations can establish a fully defined compliance program in under two weeks. It is intended to complement MedStack Control, the company's cloud infrastructure platform, to provide an end-to-end healthcare data privacy compliance solution.