Data Protection & Security Policy

Introduction

This Data Protection & Security Policy explains how Tiba collects, uses, stores, and protects personal and health data when delivering our multi-tenant hospital platform, AI-powered clinical tools (including OCR, voice transcription, and clinical consultation), and patient portal with consent management. We follow the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality—and we put patient control at the center of cross-facility data sharing.

Scope

This policy applies to all data we process across our products and services, including: the Tiba multi-tenant Hospital Management System (HMIS); AI document digitization, intelligent data retrieval, and AI clinical consultation features; the patient portal and consent management workflows; our APIs (including Scribe); and support services. It also covers data handled by authorized subprocessors on our behalf. Data is always segregated by tenant (hospital) and by patient consent where cross-hospital access is involved.

Data We Collect

• Account data: Name, email, organization and hospital details for staff and administrators.
• Operational data: Usage logs, device/browser metadata, and system events necessary to run and secure the platform.
• Support data: Tickets, emails, and chat transcripts when you contact us for help.
• Clinical and patient data: As configured by our hospital customers and in line with patient consent—including records processed by our AI (e.g. digitized documents, transcripts, and data used for retrieval and clinical decision support). Patient consent governs which facilities may access which health data.

How We Use Data

• To provide and improve our multi-tenant HMIS, AI features, and patient portal.
• To enforce patient consent and data isolation between hospitals.
• To secure the platform, prevent abuse, and ensure reliability and uptime.
• To offer support and respond to inquiries.
• To meet legal, regulatory, and compliance obligations (includingSOC 2).

Legal Basis

We process data based on contractual necessity (e.g. delivering the services you have contracted for), legitimate interests (e.g. security and platform improvement), legal obligations, and—where required by applicable law—consent. For patient health data and cross-hospital sharing, consent and contractual necessity are central; our patient portal allows individuals to grant, limit, or revoke access per facility.

Data Sharing & Subprocessors

We do not sell personal or health data. We may engage vetted subprocessors to deliver specific functionality (e.g. cloud infrastructure, email, analytics). These processors are bound by data processing agreements and security obligations consistent with our standards. Patient and hospital data are never shared across tenant boundaries except as explicitly permitted by patient consent through our consent management system.

International Transfers

Where data is transferred across borders, we implement appropriate safeguards such as standard contractual clauses (SCCs) and, where applicable, regional hosting options so that transfers comply with applicable law.

Security Measures

Tiba is designed for healthcare: we apply enterprise-grade security across our multi-tenant platform and AI services.

• Encryption in transit (TLS 1.3) and at rest (AES-256).
• Secret management, key rotation, and environment isolation.
• Role-based access control (RBAC) and least-privilege permissions; hospital-specific authentication and tenant isolation.
• MFA/SSO for administrative access; account and session controls.
• Comprehensive audit logging and immutable log retention for access and consent events.
• Network security (firewalls, VPCs, WAF, rate limiting).
• Backups with tested restore; defined RPO/RTO objectives.
• Vulnerability scanning, dependency monitoring, and periodic penetration testing.
• Secure SDLC, code reviews, and change management.
• Tenant data segregation and data minimization; SOC 2 aligned controls.

Data Retention & Deletion

We retain data only for as long as necessary to fulfill the purposes described in this policy or as required by law (including healthcare and audit retention requirements). Upon request or contract termination, we delete or anonymize data in line with our defined procedures and timelines, subject to any legal hold or regulatory obligation.

Your Rights

Depending on your jurisdiction, you may have rights to access, rectify, erase, restrict, object, port your data, or withdraw consent. Patients can manage consent and access to their health data through the Tiba patient portal (grant/revoke per facility, view audit logs). We respond to verified data protection requests within statutory timeframes.

Cookies & Similar Technologies

We use essential cookies for authentication and security, and optional analytics cookies to improve the service. You can manage preferences through your browser or in-product settings where available.

Incident Response

We maintain an incident response plan including detection, containment, eradication, recovery, and post-incident review. Where legally required, we notify affected customers and regulators within applicable timelines (e.g.breach notification rules).

Contact

For data protection requests or questions, contact us at privacy@tiba.co.ke.

Updates to this Policy

We may update this policy to reflect changes in our practices or legal requirements. Material changes will be communicated through the product or by email. Last updated: January 2026.