Privacy Policy

Last updated: April 2026

1. Data Collection Framework

WardLink is strictly committed to the secure management of sensitive clinical data. We collect solely the information requisite for ward management, clinical safety validation, and service delivery. This encompasses:

• Professional Identity Data: Practitioner nomenclature and hospital-affiliated contact credentials.
• Patient Health Information (PHI): De-identified patient profiles, medication histories, laboratory diagnostics, and clinical observations inputted by authorized users.
• Collaborative Meta-Data: Ward assignments, team hierarchies, and inter-practitioner communications.
• Telemetry & Diagnostics: Anonymized system performance metrics, crash diagnostics, and usage analytics.

2. Permitted Clinical Data Utilization

All acquired data is processed exclusively to facilitate and augment clinical workflows. Explicit functional applications include:

• Clinical Reference Checks: Rule-based screening of pharmacological reference data for contraindications, drug-drug interactions, and renal dosing references sourced from published literature.
• AI-Assisted Transcription: Secure, transient processing of clinical dictation and medical document text extraction via enterprise-grade infrastructure.
• Care Continuity Optimization: Facilitating asynchronous handovers and secure data synchronization across multidisciplinary medical teams.

WardLink enforces a rigorous prohibition against the sale, syndication, or unauthorized commercial exploitation of user credentials or Patient Health Information (PHI).

3. Data Retention and Expunction Protocol

Clinical records and user metadata are retained strictly for the duration of an active user account to fulfill patient care continuity requirements. Upon formal user or administrative account termination, all associated personal and clinical records are permanently expunged from primary production infrastructure within thirty (30) days, subject exclusively to overriding statutory or regulatory retention mandates.

4. Enterprise Security Architecture

WardLink deploys comprehensive administrative, physical, and technical safeguards. All data is hosted on secure, enterprise-grade cloud infrastructure which maintains rigorous compliance with ISO 27001, HIPAA, and SOC 2 Type II standards. Data is protected by AES-256 encryption at rest and Transport Layer Security (TLS 1.2+) in transit.

5. Authorized Sub-Processors

To deliver core system functionalities, WardLink engages vetted third-party enterprise infrastructure providers:

• Cloud Infrastructure Providers: For robust database hosting, authentication, and encrypted storage.
• Payment Processors: For PCI-DSS compliant processing of subscription transactions. WardLink does not retain or process unencrypted financial instruments.
• Artificial Intelligence Partners: For specialized, isolated processing of clinical document intelligence.

All sub-processors are contractually bound to rigorous data protection and confidentiality agreements.

6. AI Usage & Clinical Data Sources

WardLink employs artificial intelligence strictly for:

• Audio-to-text transcription of clinical dictation
• Optical character recognition (OCR) of medical documents

AI is NOT used for:

• Generating clinical diagnoses or treatment recommendations
• Making autonomous medical decisions
• Producing drug dosing calculations

All pharmacological reference data is sourced from:

• RxNorm (National Library of Medicine) for drug nomenclature and coding
• WHO ICD-11 for diagnostic classification
• Published pharmacological literature for renal, hepatic, pregnancy, and lactation safety profiles

All safety alerts and dosing references are static, rule-based lookups from bundled databases — not machine learning predictions. WardLink does not employ any predictive algorithms for clinical decision-making.

7. User Rights and Governance

Subscribers maintain the immutable right to access, rectify, or compel the deletion of their personal and submitted clinical data. To execute data governance requests or for matters of HIPAA/GDPR compliance, practitioners must submit a formal inquiry to our designated privacy operational team at support@wardlink.link.

8. Policy Amendments

This Privacy Policy may be systematically amended to reflect advancements in medical informatics technologies or shifts in multi-jurisdictional regulatory frameworks. Subscribers will receive definitive notification of material policy modifications via integrated application alerts. Continued utilization of the WardLink platform constitutes binding acceptance of the revised covenants.

9. Legal and Compliance Contact

For formal privacy inquiries, data requests, and regulatory compliance concerns, please contact our administrative team:

• Email: support@wardlink.link
• Address: Cairo, Egypt
• Web Portal: wardlink.link