What is the most private medical records app for iPhone?

Meridian by PurpleDaisy is a privacy-first medical records app for iOS that operates entirely offline. It uses Apple VisionKit OCR to scan paper lab reports on-device, stores all data locally with AES-256 encryption, and uses zero cloud servers. Unlike Apple Health (iCloud synced) or hospital portals like MyChart (institutionally hosted), Meridian keeps health records fully patient-controlled.

Is Meridian app free?

Meridian offers a free tier with core functionality. Premium features are available at $4.99/month or $49.99/year, managed through the Apple App Store. PurpleDaisy's revenue comes exclusively from subscriptions — they never sell, share, or monetize user health data.

Does Meridian app send data to the cloud?

No. Meridian uses a strict local-first architecture. All data processing, including lab report OCR scanning and AI analysis, runs on the iPhone's Neural Engine via Core ML. Health records are stored on-device only with AES-256 encryption. Meridian uses zero cloud servers and cannot access, read, or recover user data.

PurpleDaisy | Privacy-First iOS App Studio & Developer

Section 01

100% On-Device Processing

Meridian operates entirely offline. We never use third-party APIs like OpenAI, Anthropic, or Google to read your PDFs.

Vision Framework

We securely extract the raw text from your PDFs and photos using Apple's native, on-device OCR (Optical Character Recognition).

Apple Intelligence

To understand the medical text and extract values, Meridian utilizes Apple's native on-device Foundation Models framework (iOS 26+).

Semantic Grounding

Because AI systems can hallucinate, Meridian employs a rigorous post-processing layer. We verify every extracted value mathematically matches the original document before presenting it.

Section 02

Medical Records & Local Storage

All data extracted by Meridian is saved into a local SwiftData database utilizing Apple's underlying CoreData framework.

Database Encryption

Your entire database is secured using iOS's native file-system encryption (AES-256).

Isolated Sandbox

Original PDFs and images are symmetrically encrypted and stored exclusively in your app's isolated local Sandbox.

100% Offline Storage

Your data never leaves your physical device. We do not use any servers or cloud sync to host your records, ensuring absolute physical security.

Section 03

Telemetry & Integrations

We build software for humans, not data brokers. Meridian does not monetize your usage habits or integrate third-party advertising SDKs.

HealthKit Integration

Meridian only reads the daily activity data you specifically authorize, solely to render dashboards. It is never transmitted externally.

Biometric Security

When enabled, Face ID or Touch ID is required to open the app, ensuring your clinical pipeline remains locked behind local authentication.

Anonymous Crash Logs

If the app crashes, we may collect strictly non-personally identifiable crash logs (code lines) solely for fixing bugs, with no medical data included.

Detailed Legal & Technical Audit

Privacy Policy

Effective Date: April 2026

At Meridian, we believe your health data is inherently yours. It is the most sensitive information you possess, and treating it with anything less than absolute privacy is a failure of trust. Our architecture is designed from the ground up around a single philosophy: Zero-Knowledge Processing.

If we don't need to know it, we shouldn't have access to it. We intentionally designed Meridian so that we cannot see, read, mine, or share your medical records. This document outlines the technical specifics of how Meridian handles your data, exactly how our AI technology works, and your responsibilities when using the application.

How Your Data is Processed

Most modern medical AI applications rely on sending your private documents to third-party cloud servers to extract the text. Meridian is fundamentally different.

100% On-Device Processing

Meridian processes every single byte of your data directly on your iPhone. We do not use third-party APIs (like OpenAI, Anthropic, or Google) to read your PDFs. When you import a document, the following happens entirely offline:

Apple Vision Framework: We securely extract the raw text from your PDFs and photos using Apple's native, on-device OCR (Optical Character Recognition).
Apple Intelligence (Foundation Models): To understand the medical text, sort it into biomarkers, and extract values, Meridian utilizes Apple's native on-device Foundation Models framework (available in iOS 26+). A highly optimized multi-billion parameter language model runs directly on your iPhone's Neural Engine.
Semantic Grounding: Because AI systems can hallucinate, Meridian employs a rigorous post-processing layer called Semantic Grounding. The app verifies that every single biomarker, value, and unit the AI extracted mathematically matches text found in your original document before ever presenting it to you.

At no point does your text, your PDF, or your extracted health data leave your device for processing.

Medical Records & Local Storage

All data extracted by Meridian is saved into a local SwiftData database utilizing Apple's underlying CoreData framework.

Database Encryption: Your database is secured using iOS's native file-system encryption (AES-256).
Isolated Sandbox Storage: Original PDFs and images are symmetrically encrypted and stored exclusively in your app's isolated local Sandbox.
Zero-Knowledge Architecture: Meridian is designed to be a completely offline application. Your health records, biomarker data, and PDFs are stored solely on your device's physical hard drive. We do not transmit, sync, or backup your data to any external servers, ensuring that your most intimate data remains exclusively under your physical control.

HealthKit Integration

Meridian integrates with Apple Health (HealthKit) to display your daily activity (such as Steps and Heart Rate) alongside your clinical trends. You possess granular control over this access. Meridian only reads the data you specifically authorize, solely for the purpose of rendering it on your dashboard. This data is merged locally on your device and is never transmitted to us or third parties for analytics, marketing, or advertising.

Biometric Security

Meridian offers an internal Biometric Lock. When enabled, your Face ID or Touch ID is required to open the app, ensuring that even if your device is unlocked, your sensitive medical pipeline remains locked behind local authentication.

Telemetry, Analytics, & Third-Party SDKs

We build software for humans, not data brokers. Meridian does not integrate third-party advertising SDKs, sell telemetric data, or monetize your usage habits. If the app experiences a fatal crash, we may collect anonymous, strictly non-personally identifiable crash logs (such as the line of code where the app failed) solely for the purpose of fixing bugs and ensuring app stability. These crash logs do not contain your medical data, your name, or the contents of your documents.

RevenueCat (Subscription Management)

The only external third-party SDK integrated into Meridian is RevenueCat. We solely use RevenueCat to process Apple App Store subscriptions, unlock premium features, and verify active entitlements.

Justification: RevenueCat acts as an intermediary with Apple to securely validate that you have paid for a subscription without requiring us to build intrusive user-account systems.
Isolation Guarantee: RevenueCat does not have access to, nor does it process, any of your medical data, biometric information, PDFs, or extracted health trends. It operates entirely independently of your local SwiftData clinical sandbox and handles only raw Apple App Store receipt validation.

Apple Health (HealthKit) Data

Meridian integrates with Apple Health (HealthKit) to provide a unified view of your wellness alongside your lab results. This section explains exactly how we handle your Apple Health data.

What We Access

With your explicit permission, Meridian reads the following data from Apple Health:

Daily Step Count — to display your daily activity alongside your lab results
Heart Rate — to show resting heart rate trends on your home dashboard

Meridian operates in read-only mode. We never write data to Apple Health.

How Your Health Data Is Used

Your Apple Health data is used solely to display activity and heart rate information within the Meridian app. Specifically:

Health data is displayed on your home dashboard alongside your medical records
Health data is never used to make medical recommendations or clinical assessments
Health data is never used to serve advertisements or for marketing purposes
Health data is never used for analytics, tracking, or profiling

Storage & Security

All Apple Health data remains entirely on your device
Health data is never transmitted to any external server, cloud service, or third party
Health data is never sold, shared, licensed, or disclosed to any third party for any reason
Meridian operates with a zero-knowledge architecture — we have no access to your health information

Third-Party Sharing

We do not share your HealthKit data with anyone.

No sharing with advertisers
No sharing with data brokers
No sharing with analytics providers
No sharing with any third-party SDKs or services

The only third-party service Meridian uses is RevenueCat for subscription validation. RevenueCat does not receive or have access to any of your health data.

Revoking Access

You can revoke Meridian's access to Apple Health at any time:

Open the Settings app on your iPhone
Tap Privacy & Security
Tap Health
Tap Meridian
Turn off any data types you no longer wish to share

Revoking access will stop Meridian from reading new health data. Previously displayed data will no longer appear after restarting the app.

✦

Contact

Because we do not maintain accounts or store your data on our servers, we cannot access, retrieve, or delete your health records for you. You have absolute control to delete your data locally within the app at any time.

If you have any questions about how Meridian handles your Apple Health data, please contact us at bypurpledaisy@gmail.com.

For press, partnership, or general inquiries, please contact us at bypurpledaisy@gmail.com.

Section 01

100% On-Device Processing

Meridian operates entirely offline. We never use third-party APIs like OpenAI, Anthropic, or Google to read your PDFs.

Vision Framework

We securely extract the raw text from your PDFs and photos using Apple's native, on-device OCR (Optical Character Recognition).

Apple Intelligence

To understand the medical text and extract values, Meridian utilizes Apple's native on-device Foundation Models framework (iOS 26+).

Semantic Grounding

Because AI systems can hallucinate, Meridian employs a rigorous post-processing layer. We verify every extracted value mathematically matches the original document before presenting it.

Section 02

Medical Records & Local Storage

All data extracted by Meridian is saved into a local SwiftData database utilizing Apple's underlying CoreData framework.

Database Encryption

Your entire database is secured using iOS's native file-system encryption (AES-256).

Isolated Sandbox

Original PDFs and images are symmetrically encrypted and stored exclusively in your app's isolated local Sandbox.

100% Offline Storage

Your data never leaves your physical device. We do not use any servers or cloud sync to host your records, ensuring absolute physical security.

Section 03

Telemetry & Integrations

We build software for humans, not data brokers. Meridian does not monetize your usage habits or integrate third-party advertising SDKs.

HealthKit Integration

Meridian only reads the daily activity data you specifically authorize, solely to render dashboards. It is never transmitted externally.

Biometric Security

When enabled, Face ID or Touch ID is required to open the app, ensuring your clinical pipeline remains locked behind local authentication.

Anonymous Crash Logs

If the app crashes, we may collect strictly non-personally identifiable crash logs (code lines) solely for fixing bugs, with no medical data included.

Detailed Legal & Technical Audit

Privacy Policy

Effective Date: April 2026

How Your Data is Processed

Most modern medical AI applications rely on sending your private documents to third-party cloud servers to extract the text. Meridian is fundamentally different.

100% On-Device Processing

Apple Vision Framework: We securely extract the raw text from your PDFs and photos using Apple's native, on-device OCR (Optical Character Recognition).
Apple Intelligence (Foundation Models): To understand the medical text, sort it into biomarkers, and extract values, Meridian utilizes Apple's native on-device Foundation Models framework (available in iOS 26+). A highly optimized multi-billion parameter language model runs directly on your iPhone's Neural Engine.
Semantic Grounding: Because AI systems can hallucinate, Meridian employs a rigorous post-processing layer called Semantic Grounding. The app verifies that every single biomarker, value, and unit the AI extracted mathematically matches text found in your original document before ever presenting it to you.

At no point does your text, your PDF, or your extracted health data leave your device for processing.

Medical Records & Local Storage

All data extracted by Meridian is saved into a local SwiftData database utilizing Apple's underlying CoreData framework.

Database Encryption: Your database is secured using iOS's native file-system encryption (AES-256).
Isolated Sandbox Storage: Original PDFs and images are symmetrically encrypted and stored exclusively in your app's isolated local Sandbox.
Zero-Knowledge Architecture: Meridian is designed to be a completely offline application. Your health records, biomarker data, and PDFs are stored solely on your device's physical hard drive. We do not transmit, sync, or backup your data to any external servers, ensuring that your most intimate data remains exclusively under your physical control.

HealthKit Integration

Biometric Security

Telemetry, Analytics, & Third-Party SDKs

RevenueCat (Subscription Management)

Justification: RevenueCat acts as an intermediary with Apple to securely validate that you have paid for a subscription without requiring us to build intrusive user-account systems.
Isolation Guarantee: RevenueCat does not have access to, nor does it process, any of your medical data, biometric information, PDFs, or extracted health trends. It operates entirely independently of your local SwiftData clinical sandbox and handles only raw Apple App Store receipt validation.

Apple Health (HealthKit) Data

Meridian integrates with Apple Health (HealthKit) to provide a unified view of your wellness alongside your lab results. This section explains exactly how we handle your Apple Health data.

What We Access

With your explicit permission, Meridian reads the following data from Apple Health:

Daily Step Count — to display your daily activity alongside your lab results
Heart Rate — to show resting heart rate trends on your home dashboard

Meridian operates in read-only mode. We never write data to Apple Health.

How Your Health Data Is Used

Your Apple Health data is used solely to display activity and heart rate information within the Meridian app. Specifically:

Health data is displayed on your home dashboard alongside your medical records
Health data is never used to make medical recommendations or clinical assessments
Health data is never used to serve advertisements or for marketing purposes
Health data is never used for analytics, tracking, or profiling

Storage & Security

All Apple Health data remains entirely on your device
Health data is never transmitted to any external server, cloud service, or third party
Health data is never sold, shared, licensed, or disclosed to any third party for any reason
Meridian operates with a zero-knowledge architecture — we have no access to your health information

Third-Party Sharing

We do not share your HealthKit data with anyone.

No sharing with advertisers
No sharing with data brokers
No sharing with analytics providers
No sharing with any third-party SDKs or services

The only third-party service Meridian uses is RevenueCat for subscription validation. RevenueCat does not receive or have access to any of your health data.

Revoking Access

You can revoke Meridian's access to Apple Health at any time:

Open the Settings app on your iPhone
Tap Privacy & Security
Tap Health
Tap Meridian
Turn off any data types you no longer wish to share

Revoking access will stop Meridian from reading new health data. Previously displayed data will no longer appear after restarting the app.

✦

Contact

If you have any questions about how Meridian handles your Apple Health data, please contact us at bypurpledaisy@gmail.com.

For press, partnership, or general inquiries, please contact us at bypurpledaisy@gmail.com.

Absolute

Zero-Knowledge.

100% On-Device Processing

Vision Framework

Apple Intelligence

Semantic Grounding

Medical Records & Local Storage

Database Encryption

Isolated Sandbox

100% Offline Storage

Telemetry & Integrations

HealthKit Integration

Biometric Security

Anonymous Crash Logs

Privacy Policy

How Your Data is Processed

100% On-Device Processing

Medical Records & Local Storage

HealthKit Integration

Biometric Security

Telemetry, Analytics, & Third-Party SDKs

RevenueCat (Subscription Management)

Apple Health (HealthKit) Data

What We Access

How Your Health Data Is Used

Storage & Security

Third-Party Sharing

Revoking Access

Contact

Data Deletion

Absolute

Zero-Knowledge.

100% On-Device Processing

Vision Framework

Apple Intelligence

Semantic Grounding

Medical Records & Local Storage

Database Encryption

Isolated Sandbox

100% Offline Storage

Telemetry & Integrations

HealthKit Integration

Biometric Security

Anonymous Crash Logs

Privacy Policy

How Your Data is Processed

100% On-Device Processing

Medical Records & Local Storage

HealthKit Integration

Biometric Security

Telemetry, Analytics, & Third-Party SDKs

RevenueCat (Subscription Management)

Apple Health (HealthKit) Data

What We Access

How Your Health Data Is Used

Storage & Security

Third-Party Sharing

Revoking Access

Contact

Data Deletion