ChartChronicle HealthEMR · HMIS

Legal

Acceptable Use Policy

Last updated 6 June 2026

This Acceptable Use Policy forms part of the Terms of Service. It protects patients, your organisation, other customers and the platform. Breaching it may lead to suspension or termination.

1. Permitted use

Use ChartChronicle Health only for lawful clinical, administrative and public-health purposes, within your authorised role and scope, and with the patient consent and legal basis your jurisdiction requires.

2. You must not

  • access patient records outside your authorised scope, or attempt to defeat role-based access control, facility/organisation scoping or tenant isolation;
  • misuse “break-glass” emergency access (it is logged and reviewed) or tamper with, disable or circumvent the audit trail;
  • share credentials, or allow unauthorised persons to use your account;
  • upload malware, or attempt to probe, scan, overload, or disrupt the platform or its infrastructure;
  • reverse-engineer, decompile, scrape, or copy the software except as permitted by law;
  • enter unlawful content, infringe others' rights, or use the platform to harass, defraud or harm;
  • process personal or patient data without a valid legal basis or the consent your jurisdiction requires;
  • use the platform to provide a competing service, or resell access without authorisation.

3. Security obligations

Keep credentials confidential, enable multi-factor authentication where required, assign roles on a least-privilege basis, promptly revoke access for staff who leave, and report any suspected security issue or unauthorised access immediately (see below). You are responsible for activity under accounts you control.

4. Clinical responsibility

Decision-support tools assist but do not replace professional judgement. The treating clinician remains responsible for every clinical decision. Maintain appropriate clinical governance and downtime procedures for continuity of care.

5. Enforcement

We may investigate suspected violations and may suspend or terminate access, remove offending content, or take other action proportionate to protect patients, customers and the platform, and as required by law.

6. Reporting abuse or vulnerabilities

Report misuse, suspected breaches or security vulnerabilities to security@chartchronicle.com. See our Security page for our responsible-disclosure approach.