Security & Privacy

Your health data needs strong protection

Lysco handles sensitive health information. Here is how we protect your data.

  • Encryption: Bank-level
  • Transport: TLS 1.3
  • User isolation: Database-enforced
  • Backups: 6 years
  • Personal info: Auto-hidden
  • Input checks: Multi-layer
  • Hosting: SOC 2 certified
  • Data location: US only

Your files are locked like a bank vault

AES-256-GCM encryption with key rotation

Every document you upload is scrambled using the same encryption banks use for your account. Only your logged-in session can unlock it. Even if someone stole the raw data, it would look like random noise.

Nobody can see another user’s records

Database-enforced Row-Level Security

The database itself refuses to return your files to anyone except you. That rule is enforced at the deepest layer — so even if a bug slipped into our code, your data stays isolated from every other user.

No employee reads your documents

Automated AI processing by default

Your uploads are read by AI, not people. Lysco staff cannot open your files unless you ask us for help and explicitly grant access. That access is time-limited, logged, and revoked automatically.

Every access is logged

HIPAA-aligned audit trails

We record who touched your data, when, and why — so there’s a full trail. Our practices follow the same rules hospitals follow for your medical records.

Personal info is automatically hidden

PHI detection + redaction

Before anything gets logged, we strip out Social Security numbers, dates of birth, member IDs, phone numbers, emails, and credit cards. That way your personal details never end up in our system logs.

Bad inputs are blocked before they reach AI

Input validation + injection prevention

Everything you type or upload is checked for shape, size, and safety. Attempts to trick the AI or sneak in malicious instructions are blocked before processing.

Hosted on US servers with SOC 2 security

SOC 2 Type II, HIPAA-eligible infrastructure

Lysco runs on infrastructure that’s independently audited against the same security standard major banks and hospitals use. All data stays inside the United States.

Protected from abuse and bot attacks

Multi-strategy rate limiting

We cap how many requests any one person or IP address can make per minute. That stops brute-force login attacks and keeps the service fast for real users.

Every analysis is double-checked

Built-in accuracy verification

Before you see your report, our system checks the legal citations, the deadlines, and the reasoning for errors. You also see a clear disclaimer: Lysco is information, not legal or medical advice.

Our commitments to you

We never sell your data

Your health information is never sold or shared with advertisers.

You can delete your data

Request full data deletion anytime from settings.

We log all access

Access to your data is logged with an audit trail.

AI outputs are not training data

Your documents are not used to train models.

Clear limitations

Lysco is informational only, not a law firm or medical practice.

Emergency access controls

Emergency access requires strict approval and logging.

Privacy summary

  • We never sell your personal or health data to anyone.
  • Your uploaded documents are encrypted and stored securely in isolated storage.
  • Document analysis happens in-memory and is not used to train models.
  • We log access to your data for security auditing only.
  • You can export or delete all your data at any time.
  • We use industry-standard authentication with secure session management.
  • All API endpoints are authenticated and rate-limited.
  • Prompt injection and role-override attempts are detected and blocked.
  • File uploads are validated against an allowlist of safe types and size limits.

Have a security concern or want to report an issue?

security@lysco.com

We aim to acknowledge reports within 48 hours.
