🔒 Privacy Policy

1. Information We Collect

HealthCharts may collect and process the following categories of information:

• Personal identification information (name, ID number, email, phone number)
• Patient medical records and clinical notes
• Biometric and monitoring information
• Voice dictation recordings and transcripts
• Laboratory results and referrals
• Practitioner, hospital, and clinic information
• Uploaded healthcare documentation
• Audit logs and system access activity
• Trusted device and login verification data

2. Purpose of Collection

Your information is collected and processed for the following purposes:

• Providing electronic medical record services
• Supporting practitioner workflows
• Enabling patient-family communication
• Clinical coordination between healthcare providers
• Biometric and patient monitoring
• Voice transcription and clinical documentation
• Hospital administration and reporting
• Security monitoring and fraud prevention
• Compliance with healthcare regulations

3. Legal Basis for Processing

HealthCharts processes information under one or more of the following lawful bases:

• User consent
• Provision of healthcare services
• Healthcare operational requirements
• Legal and regulatory obligations
• Protection of patient interests
• Authorized family or POA access

4. Data Security & Protection

HealthCharts implements technical and organizational safeguards to protect information against unauthorized access, disclosure, alteration, or destruction.

• Role-based access control
• Hospital-level data isolation
• Session and authentication security
• Audit logging and activity monitoring
• Secure password hashing
• Trusted device verification
• Controlled practitioner approvals
• POPIA consent workflows

5. Information Sharing

Information may only be shared with:

• Authorized healthcare practitioners
• Hospitals and clinical facilities
• Approved family members
• Verified Power of Attorney representatives
• Legal authorities where required by law

HealthCharts does not sell personal or medical information to third parties.

6. Voice AI & Transcription

Voice dictation and AI-assisted transcription features may process audio recordings to generate medical documentation. AI-generated transcripts may contain errors and must be reviewed by qualified practitioners before clinical use.

7. Your Rights Under POPIA

Under POPIA, users may have the right to:

• Access personal information
• Request corrections or updates
• Request deletion where legally permissible
• Object to certain processing activities
• Withdraw consent
• Request audit or disclosure records
• Lodge complaints with the Information Regulator

8. Data Retention

Medical and operational records may be retained according to healthcare, clinical, legal, and regulatory obligations. Retention periods may vary depending on:

• Healthcare legislation
• Hospital requirements
• Clinical necessity
• Audit and compliance obligations

9. Cookies & Trusted Devices

HealthCharts may use cookies, trusted-device tokens, and session technologies to:

• Maintain secure login sessions
• Reduce unauthorized access
• Support authentication workflows
• Improve user experience

10. Third-Party Services

HealthCharts may integrate with trusted healthcare or communication services, including:

• WhatsApp OTP systems
• AI transcription providers
• Hospital systems
• Cloud infrastructure providers

Such services are expected to comply with applicable privacy and security standards.

11. Changes To This Policy

HealthCharts may update this Privacy Policy periodically to reflect legal, technical, operational, or healthcare changes. Continued platform use constitutes acceptance of revised policies.

12. Contact Information