Security & Clinical Integrity
We understand the sensitivity of clinical data. Our architecture is designed to minimize risk by limiting data retention and emphasizing de-identified workflows.
No Training on Your Data
PsychDraft connects to LLM providers via enterprise APIs with zero-retention policies for training. Your drafts are not used to improve our models or anyone else's.
Encryption Everywhere
All data is encrypted in transit using TLS 1.3 and at rest using industry-standard AES-256 encryption.
Stateless Architecture
Wherever possible, we avoid storing input data long-term. Once a session is closed, the temporary context is cleared.
Compliance & Responsibility
HIPAA & PHI: While our security measures are robust, PsychDraft is designed as a drafting tool first. We strongly encourage the use of de-identified data (e.g., "Patient X", initialized names) to add an extra layer of privacy.
Not a Medical Device: PsychDraft output is a suggestion, not a finding. It does not perform psychological testing or diagnostic analysis. It assists in the writing of report narratives based on the data you provide.