Public evidence
Some controls are published as public summaries so patients, families, and care teams can review the basic operating model before upload or partner discussion.
Trust Center
MedDossier prepares records for review. It is not a doctor, diagnosis service, prescription service, emergency service, treatment advice service, formal second opinion, hospital recommendation service, or admission guarantee. Hospital or care-team sharing requires explicit authorization and controlled sharing. Trust evidence review is separate from production launch clearance.
Public controls
Records are prepared for the selected scope. Uploading records does not authorize external sharing, hospital contact, care-team sharing, or family updates.
Authorization template
Patient, exception QA, operations, translator, and hospital-facing views stay separated so each person sees the right part of the case.
Security controls
Deletion, correction, billing, and privacy concerns use a tracked request path instead of loose inbox follow-up.
Open request
Evidence Library
These pages separate public control summaries from materials that are available during partner/security review and items that are not yet published. They do not clear production launch gates or create institution approval.
Published summary
Show the public security model behind record preparation and controlled sharing.
Last updated: 2026-06-14
Available during partner/security review
Explain how subprocessor review is handled without inventing vendor names.
Last updated: 2026-06-14
Available during partner/security review
Clarify what is public about hosting and what requires partner review.
Last updated: 2026-06-14
Published summary
Make retention expectations reviewable without claiming a universal retention schedule.
Last updated: 2026-06-14
Published summary
Describe the review path for security or privacy incidents.
Last updated: 2026-06-14
Published summary
Explain machine-generated text, translation boundaries, and source traceability.
Last updated: 2026-06-14
Published summary
Show what API reviewers should expect before institution workflows go live.
Last updated: 2026-06-14
Published summary
Make the data request path visible before patients or partners upload records.
Last updated: 2026-06-14
Published summary
Explain what audit logs are meant to support without publishing sensitive event detail.
Last updated: 2026-06-14
Published summary
Give care teams a clear checklist before any live institutional workflow is approved.
Last updated: 2026-06-14
Some controls are published as public summaries so patients, families, and care teams can review the basic operating model before upload or partner discussion.
Some materials are available during partner/security/legal review because they depend on the proposed workflow, jurisdiction, or institution requirements.
These pages are for security and compliance review; formal cooperation still depends on agreements signed by both parties.
Data Lifecycle
This is the public control map for patients, families, hospitals, and care teams reviewing whether MedDossier is the right path.
Data type
Purpose: Route the case, prepare the packet, and keep the authorized contact informed.
Access: Patient or authorized contact, MedDossier case team.
Retention: Reviewed with the case record and request history.
Request path: Correction or deletion request
Data type
Purpose: Extract, translate, organize, and check source material for packet preparation.
Access: Authorized case team with role-limited access. Translators see structured source text, not raw files.
Retention: Configurable retention window after delivery unless a request or agreement changes it.
Request path: Deletion or access review
Data type
Purpose: Give the receiving hospital, coordinator, or care team a clearer first read.
Access: Patient, authorized contacts, and approved hospital or care team recipients.
Retention: Retained while delivery, sharing, and follow-up remain active.
Request path: Sharing or deletion review
Data type
Purpose: Show what changed, when links were created, and where follow-up is needed.
Access: MedDossier operations and authorized case viewers when relevant.
Retention: Kept with the case history for accountability and support.
Request path: Access or privacy concern
Routes
Different requests need different handling: patient uploads, care team reviews, and privacy questions each start from the path built for that work.
Start here when you want to understand what happens before uploading medical files.
Patient path
Review packet quality, API assets, retention expectations, and institution-specific questions before deciding whether MedDossier fits the program.
Care team path
Use one tracked form when a case needs deletion, correction, access review, billing review, or other follow-up.
Open request
Trust Library
The Trust Center keeps the high-level answer in one place, then links to the pages that carry the operating details.
Role separation, expiring share links, exception QA, and retention review.
What data is collected, how it is used, who can access it, and how requests work.
Deletion, correction, privacy, billing, and care team request paths.
Service boundaries and public terms for using MedDossier.
Answers before upload, delivery, care team review, and data requests.
OpenAPI, Postman, webhook, and FHIR handoff assets for care team review.
Next step
Start free check when the record path is clear. Use care team review when a team needs to evaluate packet quality, workflow fit, or integration readiness first.