Skip to content
plural2
Neo Privacy Policy
NeoEHR Privacy Policy
myNeo Health Privacy Policy
Share
Explore

Privacy Policy

NeoEHR – Plural Health(Updated Privacy Policy)
Effective date: 23 January 2026 ​Last updated: 23 January 2026
Plural Health (formerly PlateauMed) (“Plural”, “we”, “us”) operates NeoEHR, an electronic health record and healthcare management platform used by hospitals, clinics, and other healthcare providers (“the Platform” or “NeoEHR”).
This updated Privacy Policy explains how information is collected, processed, stored, and protected when authorised users access and use NeoEHR. It reflects our ongoing commitment to data protection, information security, and compliance with the Nigeria Data Protection Act 2023 and other applicable laws.

1. Purpose and scope

This Privacy Policy applies to:
Healthcare professionals, administrators, and staff authorised to use NeoEHR
Operational and support users accessing NeoEHR on behalf of a healthcare facility
This policy does not replace patient privacy notices issued by hospitals or clinics.
Patient personal data processed through NeoEHR is subject to a separate Patient Privacy Notice.
For the purposes of applicable data protection laws, the relevant hospital or clinic acts as the Data Controller and is responsible for providing patients with appropriate privacy information. Plural processes patient personal data as a Data Processor and makes available a Patient Privacy Notice describing its role, obligations, and data processing activities in support of healthcare delivery.

2. Roles and data protection responsibilities

For the purposes of applicable data protection laws, including the Nigeria Data Protection Act 2023:
Hospitals, clinics, and healthcare facilities using NeoEHR act as Data Controllers, determining the purposes and means of processing patient personal data.
Plural Health Limited acts as a Data Processor, processing personal data solely on documented instructions from the Data Controller.
Plural does not independently determine how patient data is used and does not use patient data for its own purposes beyond providing and supporting the NeoEHR platform.

3. Categories of information processed

3.1 User (staff) information

To enable secure and accountable access to NeoEHR, we process information relating to authorised users, including:
Name
Email address
Phone number
Job title and role
User credentials and access permissions
Activity and access logs
This information is used to manage user accounts, system security, and auditability.

3.2 Patient health and administrative information

On behalf of hospitals and clinics, NeoEHR processes patient information entered and managed by authorised healthcare professionals, including but not limited to:
Patient demographic details
Clinical notes, symptoms, and diagnoses
Vital signs and observations
Laboratory and diagnostic test requests and results
Prescriptions and medication records
Visit records, referrals, and care documentation
Plural processes this information strictly as a data processor and does not create, alter or independently interpret patient health records.

3.3 Technical and usage information

We may collect technical and usage data associated with NeoEHR access, including:
IP address
Device type and browser information
Operating system version
Date, time, and duration of system access
Error logs and performance metrics
This data is used to maintain platform reliability, security and performance.

4. How information is used

Information processed through NeoEHR is used solely to:
Provide, operate and maintain the NeoEHR platform
Enable secure access to patient records by authorised users
Support clinical, administrative and operational workflows
Provide customer support and respond to service requests
Monitor usage, performance and system integrity
Detect, prevent and address technical or security issues
Comply with legal and regulatory obligations
Plural does not use data processed through NeoEHR for advertising, profiling, or unrelated commercial activities.

5. Legal basis for processing

Personal data processed through NeoEHR is handled in accordance with the Nigeria Data Protection Act 2023 on the following lawful bases:
Performance of a contract with healthcare facilities
Provision of healthcare services by licensed providers
Compliance with legal and regulatory obligations
Protection of vital interests, where applicable

6. Data sharing and disclosures

Information processed through NeoEHR may be disclosed only:
To authorised personnel within the relevant healthcare facility
To approved third-party service providers acting under written data processing agreements
Where required by law, regulation, or lawful request by public authorities
All third-party processors are subject to confidentiality, data protection and security obligations consistent with this policy.

7. Data security and confidentiality

Plural implements appropriate technical and organisational measures to safeguard information processed through NeoEHR, including:
Role-based access controls
Authentication and authorisation mechanisms
Audit logs and access monitoring
Secure hosting and infrastructure environments
Data encryption where appropriate
Staff training and confidentiality obligations
While we take reasonable steps to protect information, no system of electronic storage or transmission can be guaranteed to be completely secure.

8. Data retention and deletion

Personal data processed through NeoEHR is retained:
In accordance with instructions from the healthcare facility
In line with applicable healthcare, regulatory and legal requirements
For the duration necessary to support healthcare delivery and system integrity
Deletion or return of data is handled in line with contractual obligations and applicable laws.

9. Patient privacy and rights

NeoEHR is designed to support hospitals and clinics in meeting their patient privacy obligations.
Patient rights, consent management and data access requests are governed by the policies and procedures of the relevant healthcare provider.
Plural supports Data Controllers in responding to patient requests where required by law.

10. International data transfers

Where data is hosted or processed outside Nigeria, Plural ensures that appropriate safeguards are in place to protect personal data in accordance with applicable data protection laws.

11. Updates to this policy

This Privacy Policy may be updated periodically to reflect changes in law, technology, or our data processing practices.
The most recent version will always be made available through NeoEHR or on our website.

12. Contact information

If you have questions or concerns about this Privacy Policy, please contact:
Plural Health Limited Email:
contact@plural.health
Phone: +234 811 502 2222 Address: 4–8 Bankole Lukman Street, Agungi, Lekki, Lagos, Nigeria

Visit the NeoEHR webpage

Privacy Policy
1. Purpose and scope
2. Roles and data protection responsibilities
3. Categories of information processed
3.1 User (staff) information
3.2 Patient health and administrative information
3.3 Technical and usage information
4. How information is used
5. Legal basis for processing
6. Data sharing and disclosures
7. Data security and confidentiality
8. Data retention and deletion
9. Patient privacy and rights
10. International data transfers
11. Updates to this policy
12. Contact information
Visit the NeoEHR webpage
Want to print your doc?
This is not the way.
Try clicking the ··· in the right corner or using a keyboard shortcut (
CtrlP
) instead.