Privacy & Security

Zero-Knowledge Encryption: The Only Acceptable Standard for Health Data

When you store health records in an app, you are trusting that company with information about your body, your conditions, your medications, and your family. Zero-knowledge encryption is the technical architecture that makes that trust warranted.

What zero-knowledge encryption actually means

Zero-knowledge encryption is an architectural principle: the service provider has zero knowledge of the content of your data. Your information is encrypted on your device using a key that only you hold — before it is sent to any server, before it is stored anywhere, before it touches any infrastructure that anyone else controls.

The practical result is that even if the company behind the app were compromised in a data breach, the attackers would get nothing they could read. They would get ciphertext, which without the decryption key is indistinguishable from random bytes, and you hold the key. What a breach does still expose is metadata: how many records exist, how large each one is, and when it was written. A careful zero-knowledge design keeps that metadata to a minimum as well.

This is fundamentally different from server-side encryption, where the company encrypts your data with keys it controls. That protects the data from someone who steals a disk or intercepts traffic, but the company itself can decrypt it, and so can its employees, its legal counsel answering a subpoena, or an attacker who compromises its systems.

Why health data deserves the highest protection

Health data is among the most sensitive categories of personal information that exist. It can reveal conditions, medications, family history, and lifestyle factors that have real consequences in contexts far beyond healthcare: employment, insurance, personal relationships.

Medical records are also among the most valuable data types on the black market. A stolen financial credential can be changed. A health record cannot. It contains information that remains sensitive for decades and can be used for identity theft, insurance fraud, and targeted manipulation.

Many health apps on the market today use cloud storage with standard encryption, meaning the company can read your data and it may be shared with third-party advertising partners, analytics services, or sold as aggregated data. Reading the privacy policy carefully is not paranoia — it is due diligence when the subject is your family's medical history.

Red flag: If a health app's privacy policy mentions sharing de-identified or aggregated health data with third parties for research or commercial purposes, your data is not truly private, even if it is "anonymised." De-identified records are routinely re-identified once they are combined with other datasets.

How zero-knowledge encryption works in practice

When you create a vault in a zero-knowledge app, you choose a passphrase (or enable biometric unlock, which releases a key held in the device's secure hardware rather than acting as a key itself). The app runs the passphrase and a random salt through a deliberately slow key derivation function, such as Argon2 or scrypt, to produce an encryption key that never leaves your device. All data is encrypted with AES-256 (the same standard used by financial institutions and intelligence agencies), in an authenticated mode such as AES-GCM so that any tampering with the ciphertext is detected, before any of it is written to local storage or transmitted anywhere.

AES-256 means the encryption uses a 256-bit key. There are 2²⁵⁶ possible keys, roughly 10⁷⁷. Even if every computer on Earth searched for the correct key, it would take longer than the current age of the universe to find it by brute force, and a large quantum computer running Grover's algorithm would still face about 2¹²⁸ operations. Properly implemented AES-256 is computationally unbreakable with any technology that exists or is projected to exist. The practical weak point is therefore not the key but the passphrase it is derived from: an attacker who obtains the ciphertext can guess passphrases offline, paying one run of the key derivation function per guess. A strong passphrase and a slow KDF are what make that attack fail.

The cryptography is only as strong as its implementation: a weak key derivation, a reused nonce, or a key that is quietly copied to the server undoes the guarantee. That is why it matters that an app's encryption architecture is documented and, ideally, audited by a third party.

Questions to ask before trusting a health app

  • Where is my data encrypted — on my device, or on your servers?
  • Who holds the encryption keys?
  • Can your employees or engineers access my health records?
  • What happens to my data if your company is acquired or goes out of business?
  • Has your encryption architecture been independently audited?
  • Do you share any form of health data — including aggregated or anonymised data — with third parties?

A company with genuinely zero-knowledge architecture should be able to answer the first two questions clearly and immediately: data is encrypted on your device, and only you hold the keys. A corollary worth confirming is that such a company cannot reset a forgotten passphrase for you, because it never had the key, so ask how recovery is meant to work.

What MedKeep does differently

MedKeep is built on a zero-knowledge architecture from the ground up. All health records are encrypted on your device with AES-256 using a key derived from your passcode or biometric. We have no access to your health data: not our engineers, not our support team, and not in response to any legal request, because we never hold an unencrypted copy or the key that would produce one.

MedKeep is offline-first. Core functionality requires no internet connection. When optional cloud backup is enabled, only encrypted ciphertext leaves your device. We cannot read what you back up. This is not a policy choice — it is an architectural guarantee.

Published 25 March 2026 · 6 min read