Data protection

Your data, protected by design.

MedLens reviews some of the most sensitive documents your organisation produces. Here is exactly how we keep them safe — and the controls you keep.

Principles

Built for confidential, regulated data.

Not used to train AI

Your documents and references are used only to produce your review — never to train or improve any model — and we retain only the minimum data required under our data policy.

Encrypted in transit and at rest

All data is encrypted on the wire and in storage using industry-standard encryption.

On-premise or private cloud

Deploy MedLens fully inside your own network, so documents never leave your infrastructure.

Least-privilege access

Role-based access controls and audit logging. Only the people you authorise can see your documents.

You control retention

Decide how long documents and outputs are kept, and delete them on demand. We do not retain what you do not want kept.

DPDP- and HIPAA-ready

Built to support India's DPDP Act 2023 and HIPAA obligations. DPA and BAA available on request.

Deployment

Cloud or fully inside your network.

Choose the model that fits your risk posture. The review is identical either way.

SaaS (managed)

We host MedLens. Fastest to start, with no infrastructure to manage.

  • Isolated, access-controlled processing
  • Encrypted in transit and at rest
  • Configurable retention and deletion
  • Data never used to train models

On-premise / private cloud

MedLens runs inside your environment. Documents never leave your network.

  • Deployed in your VPC or data centre
  • Your keys, your storage, your controls
  • No external data egress required
  • Ideal for regulated and high-sensitivity work
Data lifecycle

What happens to a document.

  1. Upload

    You upload the document and references over an encrypted connection.

  2. Review

    MedLens processes the file in an access-controlled environment to generate the issue matrix.

  3. Deliver

    You download the Excel and PDF output. Results are available only to authorised users.

  4. Delete

    Documents and outputs are retained only as long as you choose, then permanently deleted.

Compliance

Ready for your security review.

MedLens is built to support India's DPDP Act 2023 and HIPAA obligations. A Data Processing Agreement (DPA) and Business Associate Agreement (BAA) are available on request, along with security documentation to support your due diligence.

Talk to our team Request DPA / BAA

See MedLens on your own documents.

Book a 30-minute demo and watch MedLens review a document you actually care about.

Request a demo See a demo