DoulaConnect
Sign in

Legal

Privacy policy

Last updated: 2026-06-03

Summary

DoulaConnect is a non-profit platform for medical schools and teaching hospitals running student doula programs. We collect the minimum information needed to coordinate volunteer doulas with birthing families. We do not store Protected Health Information (PHI).Patient records use system-generated aliases; real patient identity stays in your institution's electronic health record (EMR).

What we collect

  • Account data: name, email, role, and the institution you belong to.
  • Volunteer profile data: phone number (only if you opt into SMS), medical school year, graduation year, languages, bio, and availability notes — entered by you.
  • Inquiry submissions: when a prospective student submits an interest form, we collect the contact and motivation fields shown on that form.
  • Patient records (alias only): a system-generated alias plus non-identifying logistical fields (birth window, hospital unit, parity, language, support preferences, free-form notes). No real names, dates of birth, MRNs, or contact information.
  • Operational logs: standard access logs and error reports for security and reliability.

What we do with it

  • Coordinate doula assignments, shifts, and reminders.
  • Notify you of program activity (invites, status changes).
  • Aggregate usage data to improve the platform.
  • Comply with legal obligations and respond to lawful requests.

Who can see what

  • Each institution's data is isolated.Row Level Security in the database means one institution's admins and doulas cannot see another institution's data.
  • Doulas see only the patient records they are assigned to, and only the alias-only fields.
  • Institution adminssee their program's doulas, patients, inquiries, and assignments.
  • Platform staff (central admin) can access data for support and administration.

PHI policy

DoulaConnect is not a HIPAA-covered electronic health record. The platform stores no Protected Health Information. Entering real patient identifiers into any field violates platform policy and may constitute a HIPAA violation. All users are responsible for compliance with their institution's privacy policies.

Service providers

We use the following third parties to operate the platform:
  • Vercel — application hosting
  • Supabase — database and authentication
  • Resend — transactional email
Each is bound by their own privacy and security commitments.

Your rights

You may request access to, correction of, or deletion of your personal data by contacting your institution admin or the platform team via the Contact page. Volunteers may also edit their own profile data directly in the doula portal.

Contact

Questions about this policy? Reach us via the Contact form.