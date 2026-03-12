AIS confirms no material gaps across all three privacy frameworks, making Psynth the only report writing platform for psychologists in Canada and the UK/EU.

TULSA, OK, UNITED STATES, March 12, 2026 /EINPresswire.com/ -- Psynth, Inc., the AI-native platform built to help automate the psychological report workflow, today announced the successful completion of independent compliance assessments across HIPAA, PIPEDA, and GDPR, all conducted by Assured Information Solutions LLC (AIS), an accredited third-party cybersecurity and privacy firm. All three assessments returned findings of no material gaps or deficiencies, effective as of March 2026.

For clinical psychologists, neuropsychologists, forensic psychologists and practice owners handling sensitive patient data, these certifications answer the question that matters most before adopting any AI platform: Can I trust this with my patients' most private information? The answer, now independently verified: yes.

What Was Assessed and What It Means

Each framework was evaluated independently against Psynth's infrastructure, policies, and practices. The assessments cover the three largest clinical markets Psynth serves:

HIPAA (United States)

Psynth operates as a Business Associate under HIPAA, executing signed BAAs with every customer before platform access is granted. PHI is never used to train machine learning models, and zero data retention is maintained on LLM servers. The assessment confirmed full alignment with the HIPAA Security Rule (45 CFR Part 164 Subpart C) and Breach Notification Rule, including:

TLS 1.2+ encryption in transit and at rest

MFA and role-based access controls (least privilege)

AWS CloudWatch logging and GuardDuty intrusion detection

Breach notification SLA for all customers

Annual access reviews, workforce security training, and documented contingency planning

All subcontractors with PHI access subject to BAAs

PIPEDA (Canada)

Psynth operates as an Agent and Electronic Service Provider (ESP) of licensed Health Information Custodians (HICs) under Canadian privacy law. All ten Fair Information Principles under Schedule 1 of PIPEDA were reviewed and confirmed aligned, including accountability, consent management, limiting collection and use, accuracy, safeguards, and individual access. Additionally:

PHI is not used to train ML models; analytics run only on de-identified, aggregated data

90-day deletion cycle post-contract termination

Cross-border processing disclosed in accordance with Office of the Privacy Commissioner of Canada guidance

Canadian data residency underway for Ontario

GDPR (United Kingdom & European Union)

Psynth operates as both a Data Processor (handling patient data on behalf of medical provider customers) and a Data Controller (for its own operational data). Health data, classified as special category under Article 9, is processed exclusively as a Data Processor under documented controller instructions. Governance includes:

Data Processing Agreements (DPAs) with all customers

Designated Data Protection Officer (DPO) and maintained Record of Processing Activities (ROPA)

Data Subject Request (DSR) procedures with 72-hour acknowledgment and 30-day completion

Standard Contractual Clauses (SCCs) for international data transfers

Security practices aligned with ISO/IEC 27001:2022

Territorial scope confirmed under GDPR Article 3(2) for EEA operations



"Psychologists are adopting AI faster than regulatory guidance can keep up. We made a deliberate decision early on to earn compliance before we needed it, not because regulators forced us to, but because our clinicians deserve a platform that protects their patients as rigorously as they do. These three certifications are the proof. We are extremely excited to serve our neighbors to the north as well as our neighbors across the pond."

Stephen Stearman, CEO & Co-Founder, Psynth



Why This Matters for Psychologists

Demand for psychological assessments has reached historic levels. Waitlists that once stretched weeks now stretch months, and clinicians are spending up to 40% of their clinical hours writing reports rather than seeing patients.

Psynth was built to solve this. The platform transforms raw clinical data including handwritten notes, test scores, and PDFs, into PhD-smart diagnostic drafts in minutes. But the promise of faster reports means nothing if the platform handling that data can't be trusted.

These certifications close that gap. Psychologists in private practice, group practices, hospital systems, and academic settings across the US, Canada, and UK/EU can now adopt Psynth with the confidence that comes from independently verified compliance.

The Clinician Is Always in the Loop

Psynth does not replace the psychologist. The platform surfaces patterns, organizes assessment data, and generates structured draft language, but clinical judgment, diagnostic conclusions, and final reports remain entirely in the hands of the licensed professional. The AI amplifies the clinician. It does not replace them.

This architecture is reflected in the compliance design: Psynth's role under each framework (Business Associate, Agent/ESP, Data Processor) is explicitly that of a platform in service of the clinician, not an independent decision-maker.

Availability and Documentation

Psynth is available to licensed psychologists and practice owners in the United States, Canada, and the United Kingdom and European Union. Compliance documentation, DPAs, BAAs, and subprocessor disclosures are available at: https://psynth.ai/legal

Security inquiries: support@psynth.ai

For clinicians ready to reclaim their time: Book a demo at psynth.ai



About Psynth:

Psynth is an AI-native platform purpose-built to automate the psychological report creation workflow. Designed for psychologists and assessment professionals, Psynth transforms raw clinical data, including handwritten notes, test scores, and structured assessments, into PhD-smart diagnostic drafts in minutes. Psynth is HIPAA, PIPEDA, and GDPR compliant, with all certifications independently verified by Assured Information Solutions LLC. The platform is available in the United States, Canada, and the UK/EU. Learn more at psynth.ai.

About Assured Information Solutions LLC:

Assured Information Solutions LLC (AIS) is an accredited cybersecurity and privacy assessment firm specializing in regulatory compliance for healthcare technology companies. AIS conducted independent assessments of Psynth against HIPAA, PIPEDA, and GDPR frameworks in 2026.



