Security & privacy

Security-first healthcare design

DDxHelper is built with the security, privacy, and operational expectations of healthcare buyers in mind. We make security a first-class part of how we design, build, and ship.

Encryption in transit and at rest

Audio, transcripts, and documentation are encrypted in transit and at rest with strong key management.

Access control

Role-based access aligned to clinical responsibilities and least-privilege defaults.

Audit logging

Detailed event logging supports oversight, review, and incident response.

Tenant-aware SaaS architecture

Customer environments are logically separated to support enterprise governance needs.

No PHI on public site

This marketing website never collects or processes protected health information.

Security in the SDLC

Security review is built into our development lifecycle, not bolted on at the end.

Responsible AI in healthcare

AI that supports — not replaces — clinical judgment

DDxHelper is intentionally designed so that the provider remains the decision maker. The platform surfaces drafts and suggestions; clinicians review, edit, and approve.

  • Outputs are drafts and suggestions, not final clinical decisions
  • Provider review and approval is required in workflow
  • Designed with transparency about what the AI produced
  • Clinical decisions remain with the licensed provider

Provider in the loop

Drafts and suggestions only — provider review is required.

Transparent outputs

Designed to make clear what the AI generated vs. what the provider authored.

Clinical judgment first

DDxHelper assists; the licensed clinician decides.

Marketing site privacy

No PHI on this public website

The DDxHelper public marketing site does not collect protected health information. The SaaS application — including authenticated workflows, encounter management, and anything involving PHI — lives separately at https://portal.ddxhelper.com.

Compliance-aware design

A note on certifications and language

Designed with HIPAA-aligned security and privacy principles. We intentionally do not claim formal certifications (e.g. HIPAA-certified) on this site until they are explicitly in place. We use careful, accurate language that reflects how DDxHelper is built and operated today.

Want a deeper conversation on security?

We're happy to walk your security and compliance team through our architecture, controls, and roadmap.

An unhandled error has occurred. Reload 🗙

Rejoining the server...

Rejoin failed... trying again in seconds.

Failed to rejoin.
Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session.
Please retry or reload the page.