Skip to content

Privacy overview

MedInsight processes personal and health-related data on behalf of clinical tenants.

Roles

Role MedInsight Customer clinic
Controller Tenant organization
Processor MedInsight platform

Lawful bases (GDPR Art. 6–9)

  • Contract — providing the SaaS platform to the tenant
  • Legitimate interest — security monitoring, fraud prevention
  • Legal obligation — audit retention where required
  • Special category data (Art. 9) — health data processed under tenant instruction with appropriate safeguards

152-FZ (Russia)

Personal data of Russian citizens is processed according to tenant configuration. Operators must register with Roskomnadzor where applicable. Cross-border transfers require legal assessment.

Data subjects

Patients, clinicians, and administrators. Rights: access, rectification, erasure, restriction, portability — see DSAR runbook.

Contact

Security and privacy inquiries: security@medinsight.local (configure for production).