Docuity EHR · the clinic chart
The chart that keeps its word.
Docuity EHR is a lightweight clinical record for a single clinic or a small group. Patients, encounters, and SOAP notes you sign and lock, kept over an audit trail you can actually verify. No modules to configure. No per-seat pricing.
Built for clinicians who chart all day and the admins who keep the clinic straight. One Docuity ID signs you into every app in the suite. Tour the features.
01What it is
One quiet screen per patient.
Not a hospital platform pretending to be small. Docuity EHR does the everyday clinic record and stops there, so the surfaces stay legible and the whole thing stays fast on a clinic workstation.
- 01Patient list with MRN, demographics, and a chart per person.
- 02Chart tabs: problems, medications, allergies, vitals, and documents.
- 03Encounters, each with a structured SOAP note.
- 04Members and roles, so the front desk and clinicians see the right controls.
- 05A clinic audit log you can open and read.
02The encounter
Draft freely. Sign once. Then it holds.
The signature is the moment the record becomes evidence. Everything before it is a draft; everything after it is fixed and legible.
- 01Draft
Open an encounter and write the SOAP note. A light autosave keeps the draft as you type, so nothing is lost between rooms.
- 02Review
The note stays fully editable while it is a draft. Nothing is final, and nothing is stored as signed until you say so.
- 03Sign
Signing takes the sign_note capability, a per-form token, and a same-origin request. What is on the screen is exactly what gets stored.
- 04Locked
The signature locks the note and closes the encounter. From here it is read-only. Corrections are additive, never silent.
Need to correct a signed note? You append an addendum, or mark it entered in error, which strikes the text through without erasing it. The original stays readable, and both actions land in the audit log with your name on them.
03The audit trail
A record you can prove, not just trust.
Every clinical read and write is written to an append-only log, one chain per clinic. Each entry carries a hash of the entry before it, so the chain verifies end to end: alter or drop a single row and the recomputation stops matching. In production a failed audit write fails the request rather than proceeding unlogged.
Illustrative. Admins with the view_audit capability read the real chain in the app.
04Honest by default
What is true, and what we will not pretend.
- Per-clinic isolation. Every query is scoped to your clinic. A request for a record outside your membership is refused, and the refusal is itself audited.
- Sign-in lives in Docuity ID. Signed sessions, passkeys first, and same-origin checks on every write. This app never sees your password.
- In transit, TLS throughout. And a tamper-evident audit chain at rest for who did what, when.
What we do not claim
No HIPAA certification, no SOC 2 report, and no BAA. Chart contents are not field-encrypted beyond your database and disk. We would rather write that plainly than let a badge imply otherwise.
Read the full security postureStart with one clinic.
Create your Docuity ID, open a clinic, and add your first patient in a few minutes. Bring the rest of the team in when you are ready.