Data Privacy
How DokEMR handles account, clinic, support, and platform data.
DokEMR may process account, professional, clinic, subscription, billing, support, usage, security, and technical information needed to create and maintain a clinic workspace.
Patient information entered by clinics may include demographics, contact details, clinical notes, diagnoses, medications, prescriptions, certificates, laboratory orders, laboratory results, images, billing records, portal activity, and other clinic records.
Information is processed to provide EMR services, manage accounts and roles, secure access, support clinic workflows, generate documents, process subscriptions and billing, respond to support requests, improve reliability, and comply with applicable requirements.
DokEMR may use operational logs, audit trails, and security events to protect the platform, investigate issues, and maintain accountability.
For patient records entered by a clinic, the clinic or healthcare provider generally determines why and how the data is collected and used. DokEMR processes that data as part of providing the platform.
Clinics should provide appropriate privacy notices to patients and ensure that users access only data they are authorized to handle.
DokEMR uses role-based access, session controls, audit trails, encrypted credentials, access gating, and other technical and organizational safeguards designed to protect clinic and patient data.
No safeguard is perfect. Clinics should keep devices, browsers, networks, and user access practices secure to reduce risk.
DokEMR may use service providers for hosting, email, payment, support, analytics, OCR, AI review, or other platform functions where configured and necessary.
DokEMR does not sell patient records. Data may be disclosed when required by law, authorized by the clinic, needed to provide configured services, or necessary to protect security and legal rights.
Clinic and patient records are retained as needed for clinic operations, legal, accounting, audit, support, security, and continuity purposes unless deletion, export, or retention changes are lawfully requested and technically feasible.
Data subject requests should generally be directed to the clinic or healthcare provider that controls the patient relationship. DokEMR can assist clinics with platform-side support where appropriate.
This page is provided for product transparency and is not a substitute for legal advice. Clinics should consult their own legal or data protection adviser for their specific obligations.