NDPA Compliance Statement: Health data is classified as Sensitive Personal Data under the Nigeria Data Protection Act (NDPA) 2023. We enforce strict multi-tenant boundaries and device-level restrictions to keep patient records secure.
1. Introduction
This Privacy Notice and Consent Form template explains how patient personal and medical information is processed on DokiTab. Subscribing hospitals, acting as Data Controllers, utilize DokiTab (acting as Data Processor) to manage electronic health records.
2. What Patient Personal Data is Processed?
To deliver clinical care and billing administration, the platform processes:
- Demographics: Full name, date of birth, age, gender, address, phone number, and next-of-kin contacts.
- Sensitive Medical Records: Vital signs, SOAP encounter notes, lab results, prescriptions, allergies, medication administration logs (MAR), and surgical procedures.
- Clinical Photos: Bedside photos taken securely through the DokiTab mobile application (wounds, diagnostic scans).
- Financials: Invoices, payment receipts, HMO details, and NHIS logs.
3. Legal Basis for Processing
Under the NDPA 2023, sensitive health data is processed based on:
- Explicit Consent: Captured at patient registration (web UI or uploaded consent document).
- Medical Treatment: Managed by licensed medical practitioners bound by statutory professional confidentiality obligations in Nigeria.
4. Platform Security Safeguards
DokiTab is built with privacy-first engineering guardrails to prevent data leaks:
- No Native Gallery Access: Bedside photos taken with the mobile app bypass the device gallery; they are streamed in RAM, encrypted, and uploaded directly to secure cloud storage. They are never cached on the clinician's phone.
- Screenshot Block: The mobile app globally prevents screenshot and screen recording capture (`expo-screen-capture`).
- GPS Geofencing: Mobile clinical access is automatically locked if a device leaves the geofence configured by the hospital.
- Clinical Audit Logs: Every patient record access is logged with the staff member's ID, action type, IP address, and timestamp.
5. Patient Rights Under the NDPA
Patients have the following statutory rights, facilitated by the Hospital:
- Access & Portability: Fulfillable via admin-generated CSV or PDF exports.
- Rectification: Editing demographic or clinical descriptors.
- Erasure/Objection: Soft-deletion of demographic entries, subject to medical retention guidelines under Nigerian healthcare law.
- Consent Withdrawal: The right to object to future data processing.
For Clinical Staff: When accessing DokiTab on personal smartphones or tablets (BYOD) at the bedside, you must adhere to the security rules below to comply with NDPA security requirements.
1. Device Security Baselines
All personal devices utilized by clinical staff for DokiTab bedside rounds must:
- Run Android 10+ or iOS 15+ with the latest system security patches.
- Be locked with a secure passcode (minimum 6 digits), password, or biometric verification (FaceID/Fingerprint).
- Not be rooted or jailbroken (the app runs automated root-detection).
2. Bedside Data Handling Rules
When using your device on ward rounds:
- Never Bypass Screenshot Blocks: Do not capture screens or take physical photos of patient charts with other cameras.
- Use the Internal Secure Camera: All wound or documentation photos must be taken through `SecureCameraScreen.tsx` inside the DokiTab app. Under no circumstances should patient files be saved to your personal media gallery.
- Maintain Location Permissions: Geofencing requires active GPS and WiFi SSID tracking. Bypassing geofencing (e.g. via VPNs or spoofers) is a terminable offense.
- No Credential Sharing: Every staff member must log in with their own unique credentials. Log out immediately after completing bedside round tasks.
3. Lost Devices & Breach Reporting
If a personal device accessing the platform is lost or stolen, notify the Hospital Administrator within one (1) hour to revoke your active JWT tokens. Any security vulnerabilities or leaks must be reported via an `IncidentReport` in the compliance console.