Login Contact us

Build & Ship

Productized agency engagements — web, API, platform, mobile

Cloud Environments

Multi-cloud Terraform-as-a-service across AWS, Azure, GCP

Developer Platform

API portal, webhooks, CLI, Terraform provider, SDKs

GitHub, Vercel, Cloudflare, Datadog, Slack, and more

Operate & Grow

Managed Hosting

Fully managed cloud with monitoring and uptime SLAs

Workflow Orchestration

Managed Temporal for durable, reliable execution

Copilot, weekly digest, doc Q&A, smart messaging — built into the platform

Bundle and save

Hosting + 1 compliance framework + workflows from $499/mo on Growth.

By framework

SOC 2 HIPAA ISO 27001 PCI DSS GDPR NIST CSFTalk to us NIST 800-53Talk to us NIST 800-171Talk to us CMMCTalk to us FedRAMPTalk to us HITRUSTTalk to us ISO 42001Talk to us CCPATalk to us

By need

Why FencePencil

Done-for-you compliance, no per-seat fees, evidence you keep

Pricing & cost calculator

Setup + monthly retainer in plain English

Cross-framework reuse

One control set covers SOC 2 + ISO + HIPAA + more

Auditor partnerships

We work with your auditor or recommend one

BAA / HIPAA quick-start

Business Associate Agreement, signed and ready

By stage

Ship the MVP fast. Stay on the safe side of compliance from day one.

Land your first enterprise customer. SOC 2 in weeks, not quarters.

Scale the stack and the audit posture without scaling headcount.

SOX-adjacent rigor, mature change management, expectations met.

By industry

Multi-tenant platforms, billing, RBAC, SOC 2 + ISO out of the box.

HIPAA + BAA, PHI segmentation, audit-friendly evidence trails.

PCI scope reduction, GDPR, SOC 2 — built for financial workloads.

ISO 42001, NIST AI RMF, model governance, data lineage.

CMMC, FedRAMP, NIST 800-171 — partnership pathways included.

Don't see your fit?

Tell us about your stage, industry, and the regs you live under — we'll send back a tailored plan.

See all solutions

Read & learn

Engineering insights, compliance how-tos, company news

Platform guides, API references, runbooks

Plain-English definitions for every framework, control, and acronym

Answers to the questions buyers actually ask

Tools & status

Compliance cost calculator

Estimate setup + monthly cost across frameworks

Live uptime and incident history for the platform

Security posture, certifications, sub-processors, DPAs

What we shipped — platform, marketing, behind the scenes

Building something custom?

We publish what we build. Tell us your project and we'll share patterns from past engagements.

Solutions by industry

Health tech companies

PHI, BAA, and HIPAA workloads

HIPAA + BAA, PHI segmentation, audit-friendly evidence trails. Built for teams handling protected health information without a dedicated security org.

Talk to us See pricing

What we focus on for Health tech

HIPAA from foundations up

PHI inventory, encryption at rest and in transit, audit logging, key management — every control in writing and tested.

BAA partners ready

We sign the BAA. Our hosting, monitoring, and backup partners sign too. Your sub-processor list is short and complete.

HITRUST when you need it

Most health-tech buyers ask for HIPAA first, HITRUST when they grow. Our HIPAA program is built so HITRUST is a small addendum, not a rebuild.

What we deliver

Every engagement is sized to your needs, but health tech engagements typically include the items below.

Engagement shape: HIPAA add-on ($7.5K setup + $2.5K/mo retainer) on top of any platform tier.

HIPAA-aligned cloud foundation with signed BAA
PHI data flow mapping and segmentation
HIPAA Security and Privacy Rule controls
HITRUST CSF readiness when you scale
Annual risk assessment and policy refresh

Compliance frameworks we recommend

Most health techengagements end up needing one or more of these. We map controls across them so you don't pay twice for the same evidence.

HIPAA

SOC 2

HITRUST

Explore the full compliance hub

More solutions by industry

SaaS platforms

B2B and multi-tenant SaaS

Fintech companies

Card data, financial workloads, regulated payments

AI and ML companies

Model governance and data lineage

Federal & DoD contractors

CMMC, FedRAMP, and CUI workloads

Ready to talk about your health tech engagement?

One conversation. We'll tell you whether we're the right fit, and if we're not, who is.

Start the conversation See pricing