Security & Clinical Integrity
We understand the sensitivity of clinical documentation. PsychDraft is designed around privacy-conscious workflows, secure cloud infrastructure, limited data retention, and clinician-controlled review.
Secure Cloud Infrastructure
AI requests are processed through secure AWS services designed for data privacy. We use API-based providers that do not use customer inputs for model training under their published data usage policies.
Encryption in Transit & Rest
Data is encrypted in transit using TLS protocols and encrypted at rest through our infrastructure providers, ensuring your workflow remains protected at every stage.
Stateless Architecture
PsychDraft is designed to minimize long-term storage of drafting inputs. Session context is not retained beyond active use unless explicitly saved, and temporary context is cleared when sessions close.
Responsible Clinical Use
Guidelines for secure and professional practice.
Privacy-Conscious Workflow
PsychDraft is designed to support de-identified clinical drafting workflows and minimize unnecessary retention of sensitive information. Clinicians maintain full responsibility for review, editing, and final report approval.
Clinical Oversight
PsychDraft supports clinician-authored documentation workflows through AI-assisted draft generation and organizational support. It is designed to support—not replace—clinical reasoning, assessment, or diagnostic decision-making.
Enterprise & Compliance
Organizations with specific compliance or Business Associate Agreement (BAA) requirements are encouraged to contact us regarding enterprise infrastructure and workflow considerations.
PsychDraft relies on secure, HIPAA-eligible infrastructure providers including Supabase (database hosting), Vercel (application hosting), Stripe (billing), and AWS (AI processing and cloud infrastructure). Each provider maintains its own security and compliance documentation.
Questions about compliance or data handling? Contact support@psychdraft.com