Security & Compliance

DyZen Med is built for environments where accuracy, discretion, and professional responsibility matter.

Security and governance are designed into the platform from the start. DyZen Med supports high‑stakes medical and medical‑legal review workflows while preserving professional control and accountability.

DyZen Med is not a diagnostic or decision‑making system.
It is an assistive intelligence platform intended to support — not replace — the independent judgment of licensed professionals.

Data Handling

DyZen Med processes medical records to deliver the chart intelligence and IME workbench features requested by authorized professionals. Records are not used to train shared or public AI models and are not shared outside the intended workflow.

Where organizations handle protected health information (PHI), processing is limited to approved, controlled paths, and the organization must accept the current Business Associate Agreement (BAA) before uploads can proceed in the platform.

DyZen Med is not a long-term medical record storage system.

Access Control

DyZen Med is designed for responsible use in professional workflows while remaining accessible to users with a lawful need to organize and review medical records.

Access is managed through secure authentication, with role-based controls and operational logging to support accountability and appropriate use.

DyZen Med enforces password security requirements including a minimum length of 10 characters and required uppercase, lowercase, and special-character complexity. Accounts created under older password standards may be required to update credentials at login before normal platform access is restored.

DyZen Med is hosted on AWS and uses modern transport security (TLS). Authentication events and admin actions are logged to support accountability.

Agreements, subprocessors, and AI processing

DyZen Med operates in a compliance-aligned environment for PHI: subprocessors are engaged under applicable agreements for qualifying processing. AI-assisted processing for supported features is configured to request minimal retention where supported for approved endpoints.

Administrative, billing, and upload flows respect the organization’s BAA state; chat and support messaging are not covered channels for PHI, and the service blocks content that appears to contain patient identifiers in those channels.

Compliance visibility

Organizations can review BAA and compliance status, view acceptance history, and download a point-in-time compliance report (PDF) from Profile → Compliance and Organization → Security & compliance in the application.

Professional Responsibility

All outputs generated by DyZen Med—including summaries, draft findings, opinion recommendations, and narrative drafts—are intended to assist licensed professionals in review and documentation workflows. AI-generated recommendations require physician review and acceptance before becoming part of the IME draft. Responsibility for interpretation, conclusions, and decision‑making remains with the professional user.

For additional security questions, contact info@dyzenmed.com.