We have a multi-tenant solution with phi and are exploring if Metabase will fit our needs. Our postgres tables have a tenantId to differentiate tenant data and also have row-level security. How does HIPAA compliance works with Metabase?
Is it possible to connect Metabase to our tables and have it decrypt the phi/data on the fly? Or will a view be needed? Can Metabase manage the encryption/decryption if tables are isolated and data is being sent to Metabase to process and save / read?
Also, regarding the price, is the pro level really $500/mo and that's it? Does that include cloud-hosting costs or cloud/self-hosting is additional and $500/mo is just to use Metabase?
Thank you for your time!