Next-EMR
Sign inStart free

Notice version: v1-2026-05

Privacy Notice

This notice explains how your personal data — including health information — is collected, used, stored, and shared when you receive care at a clinic that uses Next-EMR. It is written to comply with the applicable data protection regulations of the country where care is delivered and aligned health-information standards.

Who is the data controller?

Your clinic is the personal information controller (PIC) for your medical record. Next-EMR Cloud Solutions Inc. (the platform provider) processes data on behalf of the clinic as a personal information processor (PIP) under a Data Processing Agreement.

What data we collect

  • Identifiers: name, date of birth, sex, phone, email, address, government IDs (e.g., PhilHealth PIN, Senior Citizen / PWD ID).
  • Clinical data: medical history, diagnoses, vitals, prescriptions, lab results, imaging, encounter notes, screening scores.
  • Specialty-specific records (where applicable): visual acuity, prenatal visits, dental chart, growth measurements, immunizations, behavioral screening, joint exams.
  • Account data (clinicians and patients with portal access): credentials, sign-in timestamps, audit-log events.

How we use it

  • Delivering clinical care: documenting visits, prescribing, scheduling, and follow-up.
  • Clinic operations: appointment reminders, insurance / PhilHealth claim submission, billing.
  • Compliance: hash-chained audit logging of every access to your record for legal and regulatory review.
  • Quality and safety: drug-drug interaction checks, allergy alerts, severity-band classification of screening scores.
  • Continuity of care: sharing with pharmacies (e-prescribing) and authorized referral providers, only with your consent or as required by law.

How long we keep it

Medical records are retained for the period required by health regulations in your jurisdiction (typically 10 years for adult patients; longer for pediatric and obstetric records). Audit-log entries are retained for at least the same period to support compliance investigations.

How we protect it

  • AES-256-GCM encryption of personal health data at rest, with per-record initialization vectors.
  • Tenant isolation: every query scoped to your clinic so other clinics cannot see your record.
  • Role-based access control: clinicians, billing staff, and admins each see only what their role requires.
  • Append-only, hash-chained audit log: any access to your record is recorded in a tamper-evident chain.
  • Two-factor authentication and account lockouts on all clinician accounts; encrypted transport (TLS) on all network traffic.

Your rights

You have the right to access your record, request correction of inaccurate data, request deletion where allowed by law, and file a complaint with the appropriate regulator.

Send any data-subject request to your clinic's Data Privacy Officer. We will respond within 15 business days.

Sharing of substance use disorder records

Records related to substance use disorder (SUD) treatment, where created in our Behavioral Health module and flagged under 42 CFR Part 2, may not be re-disclosed to other parties without your specific written consent or a court order, even if those parties would otherwise be permitted to receive your general medical record.

Changes to this notice

We will increment the notice version at the top of this page when material changes are made and may re-prompt you for consent at your next visit.