Data Governance, Security & Clinical Safety Policy

1. Clinical Safety

Diagnosaur is intended for medical education, clinical reasoning support, and symptom pattern analysis. It is not a diagnostic device or treatment system.

Prohibited uses include emergency decision automation, autonomous diagnosis, direct treatment decisions, and replacing licensed medical professionals.

2. Data Governance Framework

Diagnosaur applies structured governance controls for data lifecycle management.

• Data classification: account, usage, clinical query, and diagnostic logs.
• Data minimization: only necessary data is collected.
• Access control: least-privilege access for authorized personnel only.
• Storage safeguards: secure storage and encryption where applicable.

3. Security Policy

Security controls may include access management, monitoring, vulnerability management, intrusion detection, and infrastructure hardening.

Users are responsible for safeguarding account credentials.

4. Data Retention

Data is retained only as required for service operation, security, model improvement, and legal compliance. Users may request deletion of eligible account data.

5. Incident Response

In case of a security event, Diagnosaur will identify, contain, investigate, and remediate the incident. Notifications are issued where legally required.

6. Research & Dataset Governance

Aggregated and anonymized platform data may be used for healthcare analytics, AI quality improvement, academic research, and clinical trend analysis.

Collaborations with research institutions, healthcare organizations, pharmaceutical companies, and technology partners are conducted under privacy and compliance safeguards.

7. Global Compliance Statement

Diagnosaur operates under Indian jurisdiction and aligns with international data protection and responsible AI principles where applicable.

8. Contact

Compliance and legal: legal@diagnosaur.com
Shakom Consulting Private Limited, Rajasthan, India.