Trust & Compliance

    CARE for Clinics — Trust & Compliance

    How CARE handles patient data, EMR boundaries, and PDPPL compliance for medical clinics in the GCC. Forward this page to your IT or compliance contact — it answers their questions before they ask.

    PDPPL · Hosted in the GCC · No access to your EMR or patient records · Your receptionist supervises every conversation.

    Back to Clinics

    01 — Data handling

    What CARE stores, where, and for how long.

    What CARE stores
    WhatsApp conversation transcripts (questions and replies), the documents you upload (price list, FAQs, doctor profiles, booking rules), and operational metadata (timestamps, channel ID, escalation events). Nothing else.
    Where data is stored
    All conversation and knowledge-base data is hosted on infrastructure located inside the GCC. Data never leaves the region for processing or backup.
    Retention
    Conversation transcripts retained for the active life of your account. On cancellation, you receive a 30-day export window; all data is permanently deleted within 30 days of cancellation.
    Access
    Only your designated team members (configured in the Staff Console) plus the on-call Thamra Group engineer can access your conversation data. All access is logged.

    02 — Regulatory posture

    PDPPL, in-region hosting, and what we never touch.

    PDPPL compliance
    CARE's data handling, storage, retention, and consent flows are designed to satisfy Qatar's Personal Data Privacy Protection Law. A downloadable PDPPL one-pager is available on request — forward it to your DPO or IT contact.
    MoPH-adjacent boundaries
    CARE never gives clinical advice, never diagnoses, and never recommends treatment. Red-flag symptom detection escalates to your on-call staff within 60 seconds. CARE is not a regulated medical device.
    EMR non-access (architectural)
    CARE has zero integration with your EMR or PMS. There is no API connection, no SSO, no read-only access. Your clinical records system is fully sealed from CARE.
    Patient-facing disclosure
    CARE introduces itself as your clinic's AI receptionist on the first message of every conversation. Patients are not deceived about who they are talking to.

    03 — Operational controls

    What you and your team can do, audit, and revoke.

    Receptionist override
    Every conversation is visible in real time in the Staff Console. Your receptionist can step in, edit a reply before it sends (Suggest mode), or take full control with one tap.
    Audit logs
    Every CARE reply, override, escalation, and outbound message is logged with timestamp and operator ID. Logs are downloadable as CSV.
    Conversation export
    One-click export of any conversation or date range as CSV. Use it for internal audits, patient requests under PDPPL, or external compliance reporting.
    Data deletion on demand
    You can permanently delete any patient's conversation history and contact data on demand from the Staff Console. The deletion propagates to backups within 7 days.