This Health Data Consent Agreement ("Consent Agreement") governs the authorization and management of health data shared through the PranaChain platform, website located at https://pranachain.com, mobile applications, and related services (collectively, the "Services") operated by PranaChain Inc.
By using the Services to store, manage, or share health data, you acknowledge and agree to the terms described in this Consent Agreement.
1. Purpose of the Platform
PranaChain provides infrastructure that enables individuals to securely store, manage, and control access to their healthcare records.
The platform allows users to grant or revoke access to their health data for authorized parties, including:
- Doctors
- Hospitals
- Laboratories and diagnostic centers
- Pharmacies
- Insurance providers
- Healthcare researchers
PranaChain acts as a technology platform facilitating secure data access and consent management.
2. Ownership of Health Data
Users retain ownership and control of their health data uploaded to the platform. Specifically:
- You control access to your medical records.
- You may grant or revoke access permissions at any time.
- You determine which organizations may access your data.
PranaChain does not claim ownership of user health records.
4. Types of Health Data That May Be Shared
Health data shared through the platform may include:
- Medical reports
- Prescriptions
- Laboratory test results
- Diagnostic imaging references
- Treatment history
- Health conditions or allergies
- Physician notes
Users control which data categories are shared with authorized parties.
5. Identity Verification (KYC)
To protect the integrity of the platform and to comply with applicable identity verification, anti-fraud, and data protection regulations, PranaChain requires users and healthcare providers to complete a Know Your Customer ("KYC") verification process before accessing certain features of the Services.
As part of KYC verification, you may be required to provide:
- A valid government-issued identification document
- Proof of address
- Professional registration or licensing details (for healthcare providers and institutions)
- Any additional documentation reasonably required to confirm your identity
Information collected during KYC verification is used solely for identity verification, fraud prevention, account security, and compliance with applicable laws and regulations. This information is processed and stored in accordance with our Privacy Policy.
Access to certain platform features may be limited or unavailable until KYC verification has been successfully completed. PranaChain reserves the right to suspend, restrict, or terminate an account where verification cannot be completed, where submitted information is incomplete, or where there is reasonable cause to believe the information provided is false, inaccurate, or fraudulent.
6. Data Storage and Security
Health records are not stored directly on the blockchain. Medical records are stored in secure, encrypted off-chain storage systems.
The blockchain itself stores only:
- Cryptographic hashes
- Consent permissions
- Access audit logs
- Verification records
This architecture provides data integrity, traceability, and consent enforcement.
7. Revocation of Consent
Users may revoke previously granted consent at any time through the platform. However, users acknowledge that:
- Data already accessed by authorized parties cannot be retrieved or deleted from those parties.
- Healthcare providers may retain copies of records in accordance with applicable medical recordkeeping regulations.
Revocation prevents future access but does not retroactively remove previously shared data.
8. Research and Anonymized Data
Users may choose to participate in research programs. If consent is provided, PranaChain may allow access to anonymized or de-identified health data for:
- Medical research
- Pharmaceutical studies
- Healthcare analytics
- Public health research
Research data will not include personally identifiable information unless explicitly authorized by the user. Participation in research programs is voluntary, and users may withdraw consent at any time.
9. Responsibilities of Users
Users are responsible for:
- Ensuring uploaded health records are accurate.
- Managing consent permissions.
- Verifying the identity of parties requesting access.
PranaChain does not verify the medical accuracy of user-submitted data.
10. Responsibilities of Healthcare Providers
Healthcare providers using the platform agree to:
- Access health data only with proper patient consent.
- Comply with applicable healthcare privacy laws.
- Use the platform solely for legitimate healthcare purposes.
Healthcare providers are responsible for complying with their own professional and regulatory obligations.
11. Security and Risk Acknowledgement
While PranaChain implements strong security measures, including encryption and access controls, users acknowledge that:
- No digital system can guarantee absolute security.
- Unauthorized access may occur due to external factors beyond our control.
Users accept these risks when using digital health infrastructure.
12. No Medical Advice
PranaChain does not provide medical advice, diagnosis, or treatment.
The platform is intended only to facilitate secure storage and controlled sharing of health records.
Users should consult qualified healthcare professionals for medical advice.
13. Withdrawal of Consent
Users may withdraw consent for data sharing at any time through the platform's consent management system.
- Future data access requests will be denied.
- Existing healthcare providers may retain records previously obtained.
14. Changes to This Agreement
PranaChain may update this Consent Agreement periodically. Updates will be published on https://pranachain.com with an updated revision date.
Continued use of the Services after changes indicates acceptance of the updated agreement.
15. Contact Information
If you have questions about this Consent Agreement, please contact:
PranaChain Inc.
167 Ferry St
Windsor, ON N9A 0C5
Canada