PDI Med was designed from the start with one constraint: physicians must be able to trust it completely. Here is exactly how that trust is built, where your data lives, what we can and cannot access, and why using PDI Med is fully HIPAA compliant.
Your case records — full clinical detail, patient identity intact — are encrypted with AES-256-GCM before they leave your device. The encryption key is derived from your physician credentials and never transmitted to PDI Med. Our servers receive and store a ciphertext blob. We cannot read it. We cannot decrypt it. We cannot hand it to anyone.
That vault is stored on AWS infrastructure in a HIPAA-eligible environment — the same cloud environment used by major health systems, insurance companies, and federal health agencies. This is not a startup server in a co-location facility. It is enterprise-grade, audited, and contractually governed by AWS's HIPAA Business Associate Agreement with PDI Med.
Your data is also portable. You can export your complete vault at any time — every case, every note, every field — in a format you control. If you leave PDI Med, you leave with everything you put in. Nothing is held hostage.
One exception worth naming: the de-identified intelligence that flows into the GZIN — aggregate signals, population-level patterns, de-identified clinical assertions only — belongs to PDI Med. That's the trade. Your PHI stays encrypted and physician-controlled. The anonymized knowledge it generates funds the platform that protects it.
HIPAA compliance for a clinical intelligence platform comes down to two questions: where does PHI go, and who can access it? PDI Med's answers are architectural — baked into how data moves, not just what the privacy policy says.
Your full clinical records — patient name, date of birth, MRN, diagnosis, note content — are encrypted under your key and stored as ciphertext. PDI Med systems cannot access the plaintext. No PDI Med employee can read your cases.
When you choose to contribute a case to the GZIN collective intelligence layer, de-identification runs locally through five layers before anything leaves your device. The GZIN layer receives de-identified clinical assertions only — diagnoses, procedures, vitals, ABOG categories. No identifiers of any kind.
Your note goes through five layers of de-identification before anything reaches PDI Med's AI. What the AI receives is clinical language only — diagnosis, procedure, vitals, clinical reasoning — the same information you'd share in a grand rounds presentation. Patient name, date of birth, and medical record number are removed before transmission. You see and approve the de-identified output before it leaves your device. Evidence spans in every AI response prove exactly what was sent — the output is its own forensic record.
The de-identified clinical patterns, ABOG category distributions, and procedure classifications you contribute become part of PDI Med's collective knowledge base. We curate, protect, and use this intelligence to improve the guidance every physician on the platform receives. No individual physician's identity is traceable in it. The intelligence travels. The identity does not.
PDI Med signs a Business Associate Agreement (BAA) with institutional partners. As a physician, your use of PDI Med for ABOG case log collection is consistent with HIPAA's framework for clinical tools used by covered entities. You retain your own HIPAA obligations as a treating physician — PDI Med doesn't change them.
ABOG requires that your submitted case list use patient initials only — that's the HIPAA Safe Harbor de-identification standard (§164.514(b)). PDI Med generates your ABOG export in that format automatically. The file you export for ABOG is already de-identified. You don't have to do that work separately.
Spreadsheets are what physicians use when no better option exists. They are not HIPAA-compliant when they contain PHI and sit on an unencrypted personal laptop. They have no validation, no flags, no backup, no version history, and no export that matches ABOG's format. The file you build over 12 months is one hard drive failure away from gone.
Your full vault — every case, every field, every note — is encrypted and backed up automatically. When your laptop dies, your case log doesn't die with it.
21 intelligence flags fire at commit. Missing uterine weight, wrong category, absent GA — caught the day you log the case, when you still know where to find the answers.
An Excel file with patient names, dates, and diagnoses on an unencrypted personal laptop is a HIPAA exposure. PDI Med encrypts before storage. The vault is compliant. The spreadsheet wasn't.
Spreadsheets don't produce ABOG-format exports. PDI Med does. De-identified, board-formatted, all required fields included or flagged. Generated in 10 seconds. Ready to paste into ABOG's portal.
PDI Med does not connect to your EMR. There is no integration to configure, no IT department to engage, no institutional sign-off required. You paste a clinical note — H&P, operative note, office visit, delivery note, whatever you wrote for that patient — and the parser does the extraction.
This means PDI Med works with Epic, Cerner, Athena, eClinicalWorks, or any other system your institution uses. If you can copy text from a note, you can use PDI Med. There is no exception list. There is no waiting for your health system's IT roadmap.
Copy your clinical note. Paste into PDI Med. Parser extracts ABOG fields in ~20 seconds. Works with any EMR that can display a note as text.
We are actively working with EMR partners on contextual launch integrations that will reduce the copy-paste step entirely. You don't have to wait for this — the current workflow works now — but it's coming.
The AI Board Examiner is coming. See the full architecture →
Once your case list is built, you can practice defending it.
Your cases. A simulated ABOG oral board examiner. "Tell me about this patient." You present. "What else?" You add more. "What if she deteriorated?" "What if you're at a rural hospital?" "What does ACOG say about that?"
The examiner doesn't affirm you. It doesn't say "great answer." It asks "What else?" until you run out. That's the board format. That's what you're preparing for.
At the end: a structured debrief. Strengths. Gaps. The ACOG guideline you need to review. One board tactic specific to your session.
Board prep companies charge $300–500 for generic question banks. PDI Med gives you an examiner that knows your actual cases. Included. No extra charge.
Is using PDI Med HIPAA compliant?
Yes. Your vault contains PHI encrypted under your physician-controlled key — PDI Med cannot read it. Case log data passes through five layers of de-identification and physician preview before any transmission. The GZIN layer receives only de-identified clinical assertions — diagnoses, procedures, vitals — never patient identity. PDI Med operates as a Business Associate and signs BAAs with institutional partners. The architecture was designed specifically to meet HIPAA Safe Harbor requirements for clinical data tools.
Do I need hospital or institutional approval to use PDI Med?
PDI Med doesn't connect to your EMR, your hospital network, or any institutional system. You copy a clinical note and paste it into PDI Med. There is no IT integration, no network access, and no institutional approval required. If your institution has policies about external clinical tools, consult your compliance office — but PDI Med doesn't require any institutional touchpoint to function.
Can PDI Med see my patient data?
No. Your vault is encrypted with a key derived from your credentials. We receive and store a ciphertext blob — we cannot decrypt it, read it, or provide it to anyone. The only data PDI Med systems can access is de-identified clinical intelligence you explicitly choose to contribute to the GZIN layer, and even that goes through de-identification on your device first.
What happens to my data if I stop using PDI Med?
You can export your complete vault at any time — every case, every note, every field. Your data is yours. If you leave, you leave with everything. We do not hold data hostage or charge for export. Your case logs belong to you.
Is the ABOG export actually in the right format?
Yes. De-identified per HIPAA §164.514 (Safe Harbor — patient initials only). Formatted to ABOG case list field requirements. All required fields included or flagged as missing. The file you generate is the file you submit. No reformatting required.
What if I already started collecting in Excel?
Start using PDI Med from here forward. Log going-forward cases through the parser. You don't lose your prior work — you stop losing what comes next. Most attendings who switch mid-year wish they'd started on day one, but switching in month three is still significantly better than switching in month twelve.
What's the difference between the vault and the GZIN?
The vault is your encrypted personal clinical record — full PHI intact, accessible only to you. The GZIN is the collective intelligence layer — de-identified clinical assertions only, contributed with explicit per-case physician consent after five-layer de-identification and your verification. These are two separate, architecturally distinct systems. Participating in one does not require participating in the other.
PDI Med was built first for the physician facing their most acute problem: building a case log from scratch, under time pressure, with no tool designed to help them. That problem is specific to board eligibility. But the intelligence we are building is not.
None of this is available today. We are telling you now because the physicians who join as clinical faculty in the next 12 months will shape how this platform is designed. You won't be inheriting it. You'll be building it with us.
The platform does the analytical work before you arrive. Your 30 minutes is spent doing what you already do well — applying clinical judgment under pressure.
Every faculty member is interviewed before onboarding. Every session is rated — by the physician, and by the faculty member. The feedback is bidirectional and it informs everything.
No retainer. No minimum hours. Paid per completed session.
Payments via 1099 consulting agreement. Direct deposit within 7 days of session completion. Founding faculty receive a $500 onboarding bonus after completing their first 5 sessions.
The requirements are straightforward. The harder question — whether this is something you actually want to do — is what the interview is for.
We've described the surface here deliberately. The full picture — how the platform prepares your brief, what the AI board examiner session produces, what you'll see before every session, and how we've structured the technology so the analytical work is already done before you arrive — is shared with faculty after onboarding.
What we can say now: the prep work per session is minimal by design. We built the platform so that physicians like you spend their time doing what physicians do — not reading compliance reports or counting case log fields.
This is a short form, not a formal application. If it seems like a fit, we'll be in touch to schedule a conversation.
Applications open July 1.
This form will open for board-certified OB/GYN physicians on July 1, 2026. Stay connected →