Healthcare AIPrimary sector: HealthcareLast reviewed: May 12, 2026

Nuance DAX Copilot (Microsoft)

Name: Nuance DAX Copilot (Microsoft) — AI Governance Scoring (EFROS Index)
Creator: Stefan Efros
Published: 2026-05-13
License: https://creativecommons.org/licenses/by/4.0/

Microsoft Corporation (Nuance) · EFROS US AI Vendor Governance Index entry

By Stefan Efros, CEO & Founder, EFROS

Updated · June 4, 2026

Composite governance score

70/ 100B

B = strong posture. Deployable in regulated workloads with documented compensating controls.

Axes scored: 9 / 11

Trust-center maturity: 5 / 5

Sector weighting: Healthcare

About this vendor

Ambient clinical AI scribe. Captures clinician-patient encounters and generates structured clinical notes. EHR-integrated (Epic, Cerner, athenahealth, others).

Enterprise tier: DAX Copilot (per-clinician licensing, EHR-integrated)
Vendor homepage: https://www.nuance.com/healthcare/dragon-ai-clinical-solutions/dax-copilot.html

Twelve-axis governance scoring

Each axis is scored Yes / Partial / No / N/A against public evidence — vendor trust portals, BAAs/DPAs, SOC 2 report cover pages, published methodology documents. N/A applies when the axis is structurally inapplicable (foundation models, for example, defer Section 1557 to the downstream healthcare deployer).

Axis	Status	EFROS note	Source
BAA / DPA available	Yes	DAX Copilot is covered under Microsoft Online Services HIPAA BAA. Inherits the full M365/Azure BAA scope.	Microsoft Nuance DAX HIPAA
Training-data opt-out	Yes	Clinical encounter audio and generated notes are not used for foundation-model training. Customer-isolated processing.	Nuance DAX Copilot documentation
US data residency option	Yes	US data residency via Azure US regions. Customer-configurable.	Microsoft Azure Data Residency
SOC 2 Type II report	Yes	Microsoft Azure / M365 commercial environment compliance stack applies (SOC 2 Type II + SOC 1 + SOC 3 + ISO 27001/17/18 + FedRAMP).	Microsoft Service Trust Portal
ISO/IEC 42001 attestation	No	No DAX Copilot-specific ISO/IEC 42001 attestation as of May 2026.	Microsoft Service Trust Portal
NIST AI RMF self-attestation	Partial	Microsoft Responsible AI framework applies. No DAX-specific NIST AI RMF self-attestation document.	Microsoft Responsible AI
Colorado AI Act readiness	No	No DAX-specific Colorado AI Act public statement.	Public posture review
HHS-OCR Section 1557 readiness	Partial	BAA in place. Section 1557 algorithmic non-discrimination obligations for clinical decision support remain deployer responsibility; Microsoft documents the technical controls.	Microsoft Healthcare compliance
FRB SR 11-7 readiness	N/A	Healthcare-vertical positioning.	DAX positioning
ABA Formal Op 512 readiness	N/A	Healthcare-vertical positioning.	DAX positioning
Subprocessor list public	Yes	Microsoft Online Services subprocessor list applies.	Microsoft Service Trust Portal

Trust-center maturity

5/ 5

Inherits Microsoft Service Trust Portal, the reference standard. DAX-specific documentation present on the Nuance side.

Source: Microsoft Service Trust Portal

Deep dive

Overview

DAX Copilot has the strongest healthcare-vertical governance posture in the market because it inherits the Microsoft/Azure/M365 compliance stack while being healthcare-positioned at the product layer. The result is platform compliance at the standard of the M365 stack combined with clinical workflow fit. The remaining gap is Section 1557 readiness, where the deployer still owns clinical-decision-support validation.

Strengths

Inherits Microsoft/Azure HIPAA BAA, US residency, SOC 2, ISO 27k, FedRAMP
EHR-integrated (Epic, Cerner, athenahealth, etc.)
Default no-train, customer-isolated processing
Most mature trust portal of any healthcare AI vendor

Weaknesses

No DAX-specific ISO/IEC 42001
No Colorado AI Act-specific statement
Section 1557 clinical-decision-support readiness is deployer-side

Best-fit use case

Health systems and clinics with Microsoft 365 / Azure standardization where DAX Copilot's EHR integration matches the deployed EHR. Epic + DAX is the highest-leverage combination.

Avoid when

Practices on EHRs without DAX integration (some smaller specialty EHRs). The workflow value depends on EHR integration depth.

Operator's take

Deploy Nuance DAX Copilot (Microsoft) when health systems and clinics with Microsoft 365 / Azure standardization where DAX Copilot's EHR integration matches the deployed EHR. Epic + DAX is the highest-leverage combination. The composite score of 70 (grade B) reflects a defensible posture for regulated US workloads. Skip the vendor when practices on EHRs without DAX integration (some smaller specialty EHRs). The workflow value depends on EHR integration depth. In every deployment, treat the cells above as a snapshot — the acquisition that gets to production safely is the one that re-verifies the trust-center posture before contract signature and rebuilds the matrix at renewal.

How this scoring is computed

The composite score blends eleven scoreable axes (BAA, training opt-out, US data residency, SOC 2, ISO/IEC 42001, NIST AI RMF, Colorado AI Act, Section 1557, SR 11-7, ABA Op 512, subprocessor transparency) with the trust-center maturity score. Axes marked N/A are excluded from the denominator so vendors are not penalized for sector-inapplicable axes. The vendor's primary sector amplifies the most relevant axes — healthcare vendors weight Section 1557 ×2, legal vendors weight ABA Op 512 ×2, banking vendors weight SR 11-7 ×2 — so the composite reflects what matters in the actual buying context.

Read the full methodology →

Disagree with this scoring?

EFROS publishes scoring rationale per cell with a public source. If you have evidence that a specific axis should score differently — a new BAA, a new certification, a documented policy change — submit a formal challenge below. We re-score and publish the result with the next quarterly edition (or as a mid-quarter changelog entry if the change is material).

Disagree with a score?

Every cell in the EFROS Index is source-cited. If you have a public source that contradicts a score for Nuance DAX Copilot (Microsoft), submit a formal challenge — we re-verify against the source and respond within 14 days.

Similar vendors (same category or sector)

Vendors in the same category as Nuance DAX Copilot (Microsoft), padded with vendors that share its primary sector. All scored on the same twelve axes — useful for head-to-head shortlisting.

A87 / 100

Abridge

Abridge AI, Inc.

View posture →

B72 / 100

Suki AI

Suki AI, Inc.

View posture →

D45 / 100

Heidi Health

Heidi Health Pty Ltd

View posture →

Where Nuance DAX Copilot (Microsoft) shows up in the rest of the Index

Nuance DAX Copilot (Microsoft) is scored in every state and (where applicable) sector slice of the Index. Use these views to compare Nuance DAX Copilot (Microsoft) against its peers from a state or sector lens rather than category.

Healthcare AI sector view →california view →colorado view →new york view →illinois view →texas view →

Disclaimer. Scoring as of 2026-05-13. Posture changes frequently — re-verify with the vendor's trust center before contract. This page is informational; it is not legal advice. EFROS clients get a refreshed posture review as part of the AI Governance Audit.

Take the scoring into production

The Index tells you the posture. These engagements turn the posture into a deployable program — vendor selection, governance policy, sector overlay, audit-ready evidence.

Reserve $5K AI Governance Audit Run AI Risk Score →See full Index →