Trust & Security

Security & Compliance

Built on a GDPR-compliant stateless architecture where personal health data never touches disk. Every design decision prioritizes data protection without sacrificing performance.

Stateless Processing

No personal health data is stored at any point. All data is processed entirely in-memory and returned immediately in the API response. Zero data retention by design.

Rate Limiting

Configurable request throttling per API key with sliding window counters. Prevents abuse and ensures fair resource allocation across tenants.

Security Headers

Content Security Policy, HSTS with preload, X-Frame-Options DENY, X-Content-Type-Options, and Referrer-Policy headers on every response.

Network Policies

Kubernetes NetworkPolicy manifests for pod-level isolation. Ingress and egress rules ensure only authorized traffic reaches the service.

Authentication

API key authentication using timing-safe comparison to prevent timing attacks. Keys are validated on every request with constant-time equality checks.

Structured Logging

JSON-formatted structured logs ready for SIEM ingestion. Correlation IDs, request metadata, and audit trails without any personal data leakage.

Data Flow

How Your Data Moves

From upload to response, data exists only in memory. No intermediate storage, no temporary files, no database writes.

Upload

PDF or image sent via API

In-Memory Processing

Extraction, parsing, LOINC mapping

Structured Response

FHIR R4 JSON returned

Zero data retention. Personal health data never touches disk. All processing is ephemeral and stateless.

Self-Hosted AI

Self-Hosted AI Models — Complete Data Control

Every AI component in MedExtract is built, trained, and deployed within your infrastructure. No patient data ever touches an external server.

Architecture Comparison

MedExtract

Your Infrastructure

API Server

AI Models

OCR Engine

Data inResults out

No external connections required

Cloud OCR Providers

Your Server

Your Application

Patient data sent externally

Third-Party Cloud OCR API

Why Self-Hosted AI Matters for Healthcare

All AI models are developed and trained in-house by our engineering team

No data is ever sent to OpenAI, Google, AWS, or any third-party API

Models run entirely within your infrastructure — Docker, Kubernetes, or bare metal

Full source code audit available for Enterprise customers

GDPR Article 28 compliant — no sub-processors involved in data processing

MedExtract vs Cloud OCR APIs

FeatureMedExtractCloud APIs

Patient data stays local

Always

Sent to cloud

Proprietary AI models

In-house

Third-party

Zero external API calls

Guaranteed

Required

On-premise deployment

Full support

Cloud only

GDPR Art. 28 compliant

By design

Varies

Standards

Standards Compliance

Built on healthcare interoperability standards to ensure compatibility with existing clinical systems.

FHIR R4

Output conforms to HL7 FHIR R4 specification with DiagnosticReport and Observation resources.

LOINC

8,400+ test name aliases mapped to standardized LOINC codes through an advanced matching algorithm.

UCUM

All units are normalized to the Unified Code for Units of Measure with analyte-specific conversion factors.

GDPR Compliant

Designed for GDPR compliance with zero data retention, stateless processing, and in-memory-only data handling.

Questions about security?

Read our technical documentation or reach out to discuss your compliance requirements.

Security Docs Contact Us