- suRxit is designed to comply with GDPR and HIPAA for all patient data.
- MedKG-Rx is designed to comply with GDPR and HIPAA regulations.
- Data minimization: only collect and process necessary data.
- All patient data is processed with explicit consent and is never used for secondary purposes without approval.
- Data subject rights: support access, correction, and deletion requests.

Patient Consent Workflow

- Patients (or their representatives) must provide informed consent before data ingestion.
- Explicit patient consent is required before processing any PHI.
- Consent records are auditable and revocable.
- Consent records are securely stored and auditable.
- Data minimization and purpose limitation principles are enforced.
- Users can withdraw consent at any time via the UI.