Terms of Service
Last updated: March 2026
1. Service Description
Chron is a clinical record summarisation platform designed for NHS EPR (Electronic Patient Record) migrations. The service ingests legacy EPR data, pseudonymises patient identifiers, uses AI to generate structured clinical summaries, and provides a clinician review workflow for approval and export.
2. Not Medical Advice
Chron is a decision support tool. AI-generated summaries are drafts that require clinical review and approval before any use in patient care. Clinical responsibility for the accuracy and appropriateness of patient record summaries remains with the reviewing clinician at all times.
Chron does not provide medical advice, clinical diagnoses, or treatment recommendations. The platform assists with data migration only.
3. Intended Users
Chron is intended for use by NHS trusts, Integrated Care Boards, and their authorised personnel during EPR migration programmes. Access to the Chron application requires authentication through NHS Identity (Microsoft Entra ID) or organisation-approved credentials.
4. Data Processing
Data processing between Chron Health Ltd and each NHS trust is governed by a separate Data Processing Agreement (DPA) executed prior to any patient data being processed. The DPA specifies:
- Categories of personal data processed
- Processing purposes and lawful basis
- Sub-processor details
- Data retention periods
- Security measures and breach notification procedures
No patient data is processed until a DPA is in place between Chron Health Ltd and the relevant NHS organisation.
5. Data Security
All patient data is processed and stored exclusively within Azure UK South. Patient identifiers are pseudonymised before AI processing. Source records are purged automatically after summarisation. Full details are provided in the Data Protection Impact Assessment (DPIA) shared with each trust during onboarding.
6. Intellectual Property
The Chron platform, including its software, design, and documentation, is the intellectual property of Chron Health Ltd. NHS trusts retain full ownership of their patient data at all times. AI-generated summaries become the property of the commissioning trust upon approval.
7. Limitation of Liability
Chron Health Ltd provides the platform on an "as is" basis for the purposes described in the service agreement with each trust. To the maximum extent permitted by law:
- Chron Health Ltd shall not be liable for clinical decisions made on the basis of AI-generated summaries
- Total liability shall not exceed the fees paid under the relevant service agreement in the 12 months preceding any claim
- Chron Health Ltd shall not be liable for indirect, consequential, or incidental damages
8. Service Availability
Chron Health Ltd will use commercially reasonable efforts to maintain service availability. Specific uptime commitments and support response times are defined in the service level agreement (SLA) within each trust's contract.
9. Termination
Either party may terminate the service agreement as specified in the contract terms. Upon termination, Chron Health Ltd will securely delete all patient data within 30 days and provide a certificate of destruction.
10. Governing Law
These terms are governed by the laws of England and Wales. Any disputes shall be subject to the exclusive jurisdiction of the courts of England and Wales.
Contact
For questions about these terms, contact us at hello@chron.health.