CareEHR — Shared Family Health Records

CareEHR is operated by Petrichor Labs, a Canadian company.

What we collect

When you sign in via ConsentKeys, we store a pseudonymous identifier, display name, and email address. These are ConsentKeys-generated pseudonyms, not your real identity.

When you upload documents, they are stored encrypted at rest in our cloud infrastructure. We do not read, analyze, or share your documents.

Who can see your data

Only family members you explicitly invite can see documents in a care profile. Provider links give time-limited, read-only access to doctors — and every access is logged.

We (Petrichor Labs) do not access your health documents unless required to investigate a technical issue you report, or as required by law.

Data storage

All documents are encrypted at rest (AES-256). All data is transmitted over TLS. Our infrastructure is hosted in Canada where possible.

Product analytics

We use self-hosted PostHog analytics through logs.petrichorlabs.ca to understand which pages and flows are used, where people drop off, and which product changes make CareEHR easier for families to use. We use this for internal product improvement, not for advertising or selling health data.

Your rights

Under PIPEDA (Canada's federal privacy law), you have the right to access, correct, and delete your personal information. Contact us at privacy@petrichorlabs.ca to exercise these rights.

Contact

Petrichor Labs · Canada · privacy@petrichorlabs.ca