Version 2026.05.15 · Effective 15 May 2026
Privacy Policy
How DR.CORD handles patient, staff, clinic, authentication, attachment, audit, and sync data.
Data Collected
DR.CORD may process clinic profile data, staff account data, role and capability settings, patient demographics, PatientID-linked clinical records, appointments, queue tokens, billing records, pharmacy and inventory records, laboratory orders and reports, attachments, operational events, device state, and sync metadata.
Authentication data is handled through Firebase Authentication and related browser persistence. DR.CORD stores operational user profiles separately so clinic-specific role and access decisions can be enforced.
Patient Data Handling
Patient data is organized around clinic and PatientID context so records can be connected to the correct patient journey across reception, consultation, billing, pharmacy, lab, and reports.
Users must ensure patient identity is verified before creating, viewing, printing, sharing, amending, or syncing patient records.
Offline Cache and IndexedDB
DR.CORD uses browser storage including IndexedDB and local persistence to support offline-first workflows. Cached data may include drafts, queued events, operational locks, subscription state, hydration manifests, notification queues, upload queues, display state, presence state, secure cache entries, and migration state.
Local device storage is part of the production architecture. Staff should use trusted devices, lock shared workstations, and clear device access when equipment is reassigned.
Synchronization and Realtime Systems
When online, DR.CORD synchronizes records with cloud services and realtime listeners. When offline or degraded, actions may be queued locally and replayed later with idempotency keys, status tracking, retry metadata, and conflict handling.
A record visible on one device may not immediately appear on another device if either device is offline, reconnecting, blocked by permissions, or recovering a queue.
Notifications and Attachments
Notification permissions may be requested for clinic workflow alerts, operational updates, push messages, and background sync prompts. Users can control browser and operating system notification permissions.
Attachments such as reports, scans, prescriptions, images, and supporting documents may be stored in configured cloud storage and cached locally where needed for preview, upload recovery, or offline continuity.
Audit Logs and Monitoring
DR.CORD records operational events and security-relevant signals to support accountability, patient safety, incident review, and clinic administration.
Audit logs may include actor ID, clinic ID, branch, role, aggregate identifiers, action type, timestamps, workflow status, sync state, device/runtime state, and error metadata.
Retention and Access
Retention periods, exports, deletion workflows, and access reviews are governed by clinic policy, applicable law, and FRIMROOT configuration. Deleting local cache does not necessarily delete cloud records or audit logs.
Access to patient and operational data should be limited to authorized staff with a valid operational need.
Terms
Rules for using DR.CORD as a clinical operations platform.
Storage Policy
Browser storage, IndexedDB, service worker, offline cache, and notification permission behavior.
Offline/PWA
How installable app mode, offline cache, delayed sync, and recovery work.
AI Disclaimer
AI outputs are assistive and must be verified by qualified professionals.