Your patients' words. Your device. Our obsession.
Patent-pending on-device PHI redaction. HIPAA compliance. Immutable audit trails. De-identification engine. Encryption at every layer. Mediyn doesn't treat security as a feature — it's the foundation everything else is built on.
Defense in depth. Not a single wall.
Every layer is independently audited, independently encrypted, and independently configurable.
Built for healthcare from day one.
HIPAA compliance is the starting point. Not the destination.
Mediyn was designed from the ground up for HIPAA compliance. Every plan includes a Business Associate Agreement (BAA). Administrative, technical, and physical safeguards are built into the platform architecture — not bolted on after the fact.
- BAA included with every plan at no extra cost
- Administrative, technical, and physical safeguards built in
- <1hr incident detection, <24hr breach notification
- Quarterly penetration testing by independent firms
- Bug bounty program for responsible disclosure
HIPAA is the floor. We cover the rest too.
Beyond HIPAA, therapy practices face the No Surprises Act (Good Faith Estimates for self-pay patients since January 2022), state telehealth licensing requirements, and recording consent laws that vary by jurisdiction. Mediyn builds compliance into the workflow — not as a checklist you manage separately.
- No Surprises Act: GFE generation, delivery, and acknowledgment
- Telehealth recording consent captured per-session
- State licensing reminders for cross-state sessions
- Consent tracking with e-signature audit trail
- All compliance events logged immutably
Patient identifiers never leave the device.
Session recordings never leave your device unencrypted.
Every other platform sends your patients’ raw session recordings to their servers for processing. Mediyn doesn’t. Raw audio from therapy sessions is processed locally on the clinician’s device. Names, phone numbers, addresses, dates of birth — all stripped before anything leaves the device. The cloud only ever sees de-identified audio.
- Patent-pending on-device PHI redaction
- Raw audio processed locally — never uploaded
- Names, DOB, addresses stripped before transmission
- Cloud only sees de-identified audio and text
- Works on iOS and web — same guarantees
The cloud never sees raw patient recordings. This isn't a server-side filter — it's a patent-pending on-device privacy engine.
Patient identifiers are removed before documentation exists.
The de-identification engine detects and removes names, phone numbers, addresses, dates of birth, and other identifying information from clinical artifacts. Configurable redaction policies let clinicians choose between Standard and Strict modes. Every redaction event is logged.
- Detects and removes names, phone numbers, addresses, and DOB
- Configurable redaction policies: Standard and Strict modes
- De-identification reports for every processed artifact
- Redaction audit events logged immutably
- Applied before documentation is finalized or stored
Not everyone sees everything.
PHI masking is role-scoped. Staff members only see the data their role requires. Masking is enforced server-side — not through CSS or front-end tricks. Accessing sensitive fields requires re-authentication.
- Role-scoped masking based on access level
- Server-side enforcement — not front-end hiding
- Re-authentication for sensitive field access
- Configurable masking rules per tenant
- Full audit trail for every unmasking event
Encrypted everywhere. Scanned on upload.
Encrypted everywhere. Keys managed in hardware.
All data in transit is protected by TLS 1.3. Data at rest is encrypted with AES-256. Encryption keys are managed through Hardware Security Modules (HSMs) — keys are generated, stored, and rotated in tamper-resistant hardware that never exposes raw key material to software.
- TLS 1.3 for all data in transit
- AES-256 encryption for all data at rest
- HSM-managed keys — tamper-resistant hardware
- Automatic key rotation on configurable schedule
- On-device encryption before network transmission
Every uploaded file is scanned.
Every file uploaded to Mediyn is quarantined and scanned for malware before it becomes accessible. Infected files are rejected and logged. No uploaded content reaches the platform without passing the scan.
- Automatic malware scanning on every upload
- Files quarantined until scan completes
- Infected files rejected and logged
- Scan results recorded in audit trail
- Zero-trust approach to user-uploaded content
Multi-layered. Role-scoped. Configurable.
Multi-layered access protection.
- MFA (TOTP and SMS) enforced at tenant level
- Trusted device management with remote revocation
- Token rotation and automatic session lockout
- Role-based access: therapist, admin, patient
- Brute-force protection and rate limiting
Periodic access reviews. Built in.
- Scheduled recertification campaigns
- Review and confirm or revoke user permissions
- Audit-ready recertification reports
- Automated reminders for pending reviews
- Supports compliance frameworks requiring periodic access reviews
Configurable at the tenant level.
- MFA enforcement policy (required, optional, or role-based)
- Configurable session timeout duration
- Password complexity requirements
- Device management and trusted device policies
- PHI masking rules configurable per role and data type
Every action. Every actor. Every timestamp. Permanent.
Every clinical action in Mediyn is recorded in an immutable audit log. Who did what, when, and to which record. The log is queryable, exportable, and cannot be modified or deleted by anyone — including system administrators.
Immutable log of all clinical and administrative actions
Records actor, action, target, and timestamp
Queryable and exportable for compliance reviews
Cannot be modified or deleted by any user or admin
Supports HIPAA audit requirements out of the box
7-year log retention for compliance and forensic review
Your evenings belong to you. Not your notes.
Join the therapists who stopped staying late for documentation and started focusing on what matters — their patients.
7-day free trial · Cancel anytime · 30-day money-back guarantee