Built for clinical data. No shortcuts.
Encryption, zero-trust access, audit logging, and three distinct AI privacy modes so you choose where your data goes.
Nothing is kept longer than it must be. Audio is deleted 24 hours after the consultation. Retention for transcripts and notes follows your policy — configurable per clinic, per record type.
Three tiers. Honest wording.
Cloud AI
Records on MediScribe infrastructure. AI via enterprise LLM provider under DPA (no training use). Audio auto-deleted after 24 hours.
Local AI
Records on MediScribe servers. AI inference runs entirely on your device. No third-party AI ever processes your audio.
Self-Hosted
Entire MediScribe stack on your infrastructure. Your servers, database, AI runtime. We ship the software.
Three layers, zero plaintext.
Records are encrypted on the device, in transit, and at rest — with keys that rotate on schedule and retire on schedule.
AES-256 Encryption
All data encrypted at rest (AES-256-GCM) and in transit (TLS 1.3). BYOK supported on enterprise tier.
Encrypted in transit
All connections use TLS 1.3 with modern cipher suites only. There is no plaintext hop — not between the app and the API, not between internal services.
Key lifecycle, enforced
Envelope encryption with a hardware-backed root key. Data keys rotate every 90 days; retired epochs are destroyed, not archived.
Every access, on the record.
Least-privilege roles, authenticated calls, and an append-only audit log that even administrators can't rewrite.
Zero-Trust Access
Every API call and every database query is authenticated and authorized. Role-based access control. No trust by network location.
Multi-Factor Authentication
TOTP and hardware-key MFA for all clinical users. Biometric unlock on mobile. Configurable session timeouts.
Audit Logging
Forensic-level logging of every interaction with a patient record. 5-year retention. Tamper-evident.
Standards, as configuration.
The controls above map directly onto the frameworks your regulators ask about — not as an afterthought, as architecture.
HIPAA ready
Administrative, physical, and technical safeguards mapped to the HIPAA Security Rule. Encryption, access control, and audit are defaults, not add-ons.
NOM-004-SSA3-2012
Support for regional clinical-record standards like Mexico's NOM-004: required note structure, clinician identification, and signature fields are native to every generated note.
Encryption standards
AES-256-GCM at rest, TLS 1.3 in transit, SHA-256 for integrity chains, and BYOK on the enterprise tier. Cipher suites are pinned — downgrades are refused, not negotiated.
Need more detail?
We produce security briefs on request, tailored to your regulator and your architecture questions.