
Privacy that starts on the device.
Most platforms ship raw session data to the cloud and promise to guard it there. Mediyn does the opposite: by default, PHI is identified and stripped on your device before anything uploads, so our servers see a de-identified note - and every document is labeled with where it was processed. Everything downstream - encryption, access, audit - is then built to the standard healthcare demands, not bolted on afterward.
HIPAA compliant · BAA included · SOC 2 Type II · 256-bit AES
How have you been feeling since we adjusted the medication?
Much better. My mother Sarah ChenNAME noticed I've been sleeping through the night. We moved to 142 Oak StreetADDRESS last month. Next check-in is March 15thDATE.
We can’t leak what we never receive.
The safest data is the data that never has to leave. By default, Mediyn’s redaction engine runs on the device, finding names, dates, addresses, and other identifiers in the raw session and replacing them with tokens before anything is uploaded. What lands on our servers is a de-identified clinical note - structurally complete, but not re-identifiable. In the rare case on-device processing isn’t available, the app falls back to a secure encrypted upload that is deleted once your notes are ready - and every document is labeled with exactly where it was processed. That’s a fundamentally smaller attack surface than ‘upload everything, secure it later.’
Five independent layers, not one wall.
A single safeguard is a single point of failure. Mediyn layers them: PHI stripped on device, TLS 1.3 in transit, AES-256 at rest with keys held in a hardware security module, role-based access with masking, and an immutable audit trail over all of it. Each layer is independently encrypted, independently audited, and independently configurable - so no one breach exposes the whole.
Every access, on the record.
Who opened which chart, who submitted a claim, who changed a role, when the system posted a payment - all of it is logged to a tamper-evident audit trail and retained for seven years. If you’re ever audited or have to investigate an incident, the answer isn’t ‘we think so’; it’s a record you can produce.
The right people. Nothing more.
Access is least-privilege by default and enforced with real controls: multi-factor authentication you can require across the whole team, role-based permissions that keep clinical and financial data apart, periodic access recertification so stale permissions don’t linger, and trusted-device registration so logins come from hardware you’ve approved.
Your privacy posture, your settings.
Compliance isn’t one-size-fits-all, so the controls are yours. Choose how aggressively the redaction engine masks identifiers, hide PHI in the interface for non-clinical roles, track consent per type with clean withdrawal, and set data retention to match your policy. Sensible defaults out of the box; adjustable when your practice needs something specific.
Built for healthcare from day one.
Mediyn is HIPAA compliant with a Business Associate Agreement included on every plan - not gated behind an enterprise tier. It’s SOC 2 Type II and supports No Surprises Act (Good Faith Estimate) obligations out of the box. The certifications and paperwork that hold up most clinical tools are simply part of the product here.
No training on your data. No selling it. Ever.
Your clients’ records exist to serve their care - nothing else. Mediyn doesn’t train models on your identifiable data, doesn’t sell or share it, and gives you a signed BAA that puts those commitments in writing. Trust here isn’t a tagline; it’s the contract.
Contact our security teamYour evenings belong to you. Not your notes.
Join the therapists who stopped staying late for documentation and started focusing on what matters - their clients.
7-day free trial · Full access · Cancel anytime