Docuity EHR · the clinic chart

The chart that keeps its word.

Docuity EHR is a lightweight clinical record for a single clinic or a small group. Patients, encounters, and SOAP notes you sign and lock, kept over an audit trail you can actually verify. No modules to configure. No per-seat pricing.

Built for clinicians who chart all day and the admins who keep the clinic straight. One Docuity ID signs you into every app in the suite. Tour the features.

01What it is

One quiet screen per patient.

Not a hospital platform pretending to be small. Docuity EHR does the everyday clinic record and stops there, so the surfaces stay legible and the whole thing stays fast on a clinic workstation.

  1. 01Patient list with MRN, demographics, and a chart per person.
  2. 02Chart tabs: problems, medications, allergies, vitals, and documents.
  3. 03Encounters, each with a structured SOAP note.
  4. 04Members and roles, so the front desk and clinicians see the right controls.
  5. 05A clinic audit log you can open and read.

02The encounter

Draft freely. Sign once. Then it holds.

The signature is the moment the record becomes evidence. Everything before it is a draft; everything after it is fixed and legible.

  1. 01Draft

    Open an encounter and write the SOAP note. A light autosave keeps the draft as you type, so nothing is lost between rooms.

  2. 02Review

    The note stays fully editable while it is a draft. Nothing is final, and nothing is stored as signed until you say so.

  3. 03Sign

    Signing takes the sign_note capability, a per-form token, and a same-origin request. What is on the screen is exactly what gets stored.

  4. 04Locked

    The signature locks the note and closes the encounter. From here it is read-only. Corrections are additive, never silent.

Need to correct a signed note? You append an addendum, or mark it entered in error, which strikes the text through without erasing it. The original stays readable, and both actions land in the audit log with your name on them.

03The audit trail

A record you can prove, not just trust.

Every clinical read and write is written to an append-only log, one chain per clinic. Each entry carries a hash of the entry before it, so the chain verifies end to end: alter or drop a single row and the recomputation stops matching. In production a failed audit write fails the request rather than proceeding unlogged.

clinic audit chainsha-256
encounter.sign09:14:07
prev 9f3c…a1e4 · this 4be2…7d90
note.addendum.create09:22:41
prev 4be2…7d90 · this c018…2f6b
access.denied09:26:03
prev c018…2f6b · this a7d1…08bc

Illustrative. Admins with the view_audit capability read the real chain in the app.

04Honest by default

What is true, and what we will not pretend.

  • Per-clinic isolation. Every query is scoped to your clinic. A request for a record outside your membership is refused, and the refusal is itself audited.
  • Sign-in lives in Docuity ID. Signed sessions, passkeys first, and same-origin checks on every write. This app never sees your password.
  • In transit, TLS throughout. And a tamper-evident audit chain at rest for who did what, when.

What we do not claim

No HIPAA certification, no SOC 2 report, and no BAA. Chart contents are not field-encrypted beyond your database and disk. We would rather write that plainly than let a badge imply otherwise.

Read the full security posture

Start with one clinic.

Create your Docuity ID, open a clinic, and add your first patient in a few minutes. Bring the rest of the team in when you are ready.