Trust Center

How MyHealthHRS protects patient-owned health data

This page explains the core trust rules in clear language: who owns data, who can access it, how emergency access is limited, and what rights patients keep.

Create account Security & Privacy

Data ownership

Health records belong to the person they describe. A family owner, provider, enterprise account, or platform admin does not become the owner of patient health data.

Records stay attached to the person, even if account type, family membership, provider access, or subscription status changes.

Family owners help manage care, but they are not permanent owners of another person’s health records.

Providers can contribute documents or reports, but patient-owned records remain under patient control.

Privacy

MyHealthHRS is designed around privacy-first defaults. Access should be limited to what is needed for the selected task.

Personal health data should not be exposed by default.

Independent family members control what they share with family.

Provider access requires explicit patient consent and a defined scope.

Security

Security controls are designed to protect accounts, sessions, files, provider access, and sensitive identity information.

Role-based access separates patient, family, provider, enterprise, support, developer, auditor, admin, and founder responsibilities.

Passkeys and mobile biometric readiness use native device authentication. MyHealthHRS must not store face or fingerprint data.

Sensitive identifiers should be masked unless the role has a valid reason to view them.

Audit logging

Important actions should leave a clear audit trail so access, sharing, emergency use, exports, and admin actions can be reviewed.

Sharing grants, revocations, provider requests, emergency access, file actions, subscription changes, exports, and admin decisions should be logged.

Audit logs help detect misuse and support compliance reviews.

Denied or blocked actions should also be logged where appropriate.

Emergency access

Emergency access is never unrestricted. It must stay limited, read-only, time-bound, audited, notification-based, and privacy-first.

Emergency QR and break-glass workflows should show only approved emergency profile data.

Full records, wallet documents, analytics, comparison history, and private files remain blocked unless later approved by the patient or family.

Emergency access events should notify the patient and configured family or emergency contacts.

Family permissions

Family care support must respect each person’s account type, privacy, and lifecycle stage.

Dependent members have no login and are managed by the family owner.

Assisted members have login access and can allow family support based on permissions.

Independent members have their own privacy controls and choose what to share with the family.

Provider access

Healthcare providers are connected partners, not the center of the platform. They can only see patient data after consent.

Patients choose records, provider or staff recipient, access duration, and consent confirmation.

Providers may request access, but the patient can approve, reject, or revoke it anytime.

Unverified providers should not access patient-shared records.

Data export rights

Patients should be able to request or download their own health information in portable formats, subject to identity, permission, and ownership checks.

Exports should respect ownership and family permissions.

Platform-wide and bulk exports require stronger controls and founder-level protection.

All export activity should be audited.

Plain-language promise

MyHealthHRS should help people organize and share health information without giving up ownership. Family members can support care with permission. Providers can collaborate only with consent. Emergency access is limited to emergency data. Sensitive actions should be logged, and patients should be able to export their own data.

Plain-language promise