Building the infrastructure for patient-authorized medical data access in injury litigation

SettLiT is built on Marble's secure, consent-driven health data infrastructure to give injury law firms fast, reliable and patient-authorized access to digital health information. We operate at the intersection of healthcare, law, and technology to replace slow, fragmented record retrieval with secure, standards-based data access built for modern legal workflows.

Explore SettLiT Explore Marble Book a Demo

Who We Support

Who we serve and why it matters

SettLiT operates as part of Marble’s broader mission to modernize how organizations securely access health data with explicit consumer consent. Within injury litigation, our focus is enabling secure, patient-authorized access to medical information at scale, using standards-based interoperability rather than manual, ad hoc retrieval.

Our work is designed to support long-term trust, regulatory alignment, and durable access as healthcare data systems continue to evolve.

Our platform supports:

Medical clarity

Law firms.

By providing early, objective medical clarity that improves intake decisions, case strategy, and outcomes

Orange briefcase icon above client information for John Doe, including client ID, address, case type, and date of birth placeholder.

reducing delays

Claimants.

By reducing delays, unnecessary requests, and administrative friction

Dashboard showing a list of medications with columns for Drug Name, Date, Pill Count, and Description detailing cancer treatments.

objective medical facts

The legal system.

By enabling decisions based on objective medical facts rather than incomplete recall.

Legal scales icon overlay on a client dashboard showing John Doe's details, including client ID, address, case type, and counts of medical providers found and additional addresses.

We believe

Medical data should be timely.

We believe access to medical data should be timely, secure, and intentional. Grounded in consent and governance, not dependent on outdated processes or chance.

Book a demo How it works

Dashboard showing 82 services with data, 29 outstanding clients, 0 manual in cart, 0 manual tickets, 6 total audits, a monthly bar chart, remaining credits at 87%, and a success rate graph with 97% on April 5th, 2025.

Interoperability

Our approach to interoperability

SettLiT is built to operate within the national health data infrastructure, not around it. As part of Marble, we believe durable access to medical information depends on active participation in the systems that govern authorization, exchange, and auditability.

Through Marble’s engagement in interoperability frameworks, consent standards, and privacy models, SettLiT enables secure, compliant, patient-authorized access while meeting the governance expectations of healthcare networks and providers.

This approach allows SettLiT to scale reliably across networks and jurisdictions while maintaining the trust required for modern health data exchange.

The word 'Epic' in bold white text on a transparent background.

First Official Partner in Legal Space, Request and Retrieve Directly from Epic’s EHR system for attorneys

Industry Advisory, Pilot Group on Patient Authorized Release of Information

Co-Chair, Release of Information Working GroupCo-Chair, Patient Enhanced Health Record Locator Service

Industry Advisory, Consumer Mediated Exchange, Consumer Access, Policy and Code of Conduct.

Contributor, Privacy and Consent WorkgroupContributor, Task Group Operationalizing Automated ConsentContributor, Guidance to States: Legislating Technical Standard Definitions for Existing State Sensitive Health Data Laws

compliance

Compliance you can rely on

Security, privacy, and governance are foundational to how SettLiT is built and operated.

As part of Marble, SettLiT is designed to meet the expectations of law firms, healthcare partners, and enterprise clients handling sensitive medical data, ensuring every interaction is permissioned, protected, and auditable.

security-first

Protecting data at every stage of its lifecycle

SettLiT is built on a modern, security-first cloud architecture with encryption in transit (TLS 1.2+) and at rest (AES-256). Role-based access controls and least-privilege permissions ensure sensitive data is only accessible to authorized users.Security is embedded into the platform—not layered on after the fact.

consent, access, & auditability

Clear authorization with full traceability

Every data interaction is governed by role-based permissions, logged access, and centralized audit trails. Built-in consent and authorization tracking ensures medical data is accessed properly and defensibly, supporting compliance, provider trust, and legal scrutiny.

Compliance-aligned operations

Designed for regulated environments

SettLiT operates in environments subject to strict legal and medical requirements. Our controls and operational practices are reviewed for HIPAA alignment and supported by formal policies covering data handling, retention, access, and incident response. Vendor and partner security reviews are part of our onboarding process.

soc 2-level rigor

Enterprise standards, continuously enforced

SettLiT is actively progressing toward SOC 2 Type II certification, with controls mapped to the Trust Services Criteria for security, availability, and confidentiality. Internal audits, continuous monitoring, and ongoing control testing ensure our security posture meets enterprise expectations today—and scales responsibly over time.

why us

Why firms choose SettLiT

First to market, with access pathways that did not previously exist for the legal industry

Comprehensive coverage across claims, pharmacy, labs, exchanges, and EHR systems

No data, no charge, eliminating unnecessary retrieval spend

Built for scale, from single cases to large MDL dockets

Integrated workflows, including APIs and CMS integrations

Enterprise-grade security, including SOC 2 compliance and rigorous audits

Book a Demo How it works

Dashboard showing data source growth line graph peaking at 97% on April 5th, 2025, with various analytics including outstanding clients, total audits, activity timeline, and remaining credits.

Values

Our Values

We don't have a mission statement hanging on a wall. We have principles we live by every day. They guide how we build, how we treat people, and how we measure success.

Transparency

Clear data origination

We provide clear data origination and authorization tracking so firms understand where information comes from and why access is permitted.

Medical Data Origination Statement document with a magnifying glass highlighting 'Northview Health Clinic Inc.' and the date 12/02/2025.

Customer Obsession

Close partnership

We build in close partnership with our customers, prioritizing real-world legal workflows and operational realities.

Orange icon of a person shaking hands over a financial dashboard showing service stats, outstanding clients, and activity timeline.

Compliance First

We operate within HIPAA

As part of Marble, we operate within HIPAA requirements and advocate for consent-forward policy evolution that benefits patients and their legal representatives.

Continuous Innovation

Expanding Data Access

We continuously expand network access and improve how patient-authorized medical data is delivered, governed, and used.

Screenshot of a medication list showing several entries for Buspirone HCL 10 MG with the same date, pill count of 30, and description, partially overlaid by a large orange return arrow and data graph line icon.

Real results

See what happens when
strategy meets solid engineering. (secu)

How a bank cut processing time by 70%

They needed speed. We delivered infrastructure that moved data without breaking.

Strict access control

Black Friday tested everything. Our systems held. Their revenue didn't take a hit.

Secure by design

Hospitals needed reliability. We built systems that doctors trust with patient care.

Security

Security built for
sensitive health data

Rigorous Data Protection

Client information is safeguarded through encrypted storage, controlled access, and strict privacy protocols designed for sensitive medical data.

Continuous Monitoring and Audits

Our infrastructure undergoes regular audits and real time oversight, ensuring every data interaction meets the highest standards for accuracy and protection.