1. Introduction

This Acceptable Use Policy (“AUP”) forms part of the overall Service Agreement, including the Terms & Conditions, Privacy Policy, and Data Processing Addendum (“DPA”) between The Unforsaken house of Hephzibah (“Hospital”) and Users, which may include patients, staff, contractors, third-party service providers, and authorised visitors (“Users”).

This AUP governs your use of all hospital systems, digital platforms, communication channels, tele-mental health services, electronic medical records (EMR), and any other technology, device, or network operated by or on behalf of the Hospital (“Hospital Systems”).

Use of Hospital Systems indicates your acceptance of this AUP.

2. Purpose of the AUP

The purpose of this policy is to:

1. Protect patient confidentiality and clinical data
2. Ensure safe and lawful use of digital and physical resources
3. Support a therapeutic environment
4. Promote compliance with relevant Nigerian laws including

3. Acceptable Use Requirements

Users must:

1. Use Hospital Systems solely for legitimate clinical, operational, administrative or authorised personal purposes.
2. Access only the data and systems for which you have been granted authorisation.
3. Maintain strict confidentiality of patient information, including written records, EMR, telehealth recordings and psychological assessments.
4. Use secure passwords and protect devices from authorised access.
5. Comply with all hospital policies relating to security, privacy, professional conduct, and clinical governance.
6. Ensure that any online communication with patients or colleagues is respectful, professional, and compliant with relevant laws.
7. Report suspected breaches, data loss, or inappropriate behaviour immediately to the Hospital Administrator or Data Protection Officer (DPO).

4. Prohibited Activities

Users are strictly prohibited from:

4.1 Misuse of Patient Information

1. Accessing, sharing, or storing patient data without authorisation
2. Taking screenshots, photos or recordings of patient information
3. Using patient data for research without National Health Research Ethics Committee (NHREC) approval.
4. Discussing cases in public areas or on social media

4.2 Misuse of Hospital Systems

1. Using Hospital systems to access pornography, violent content, illegal material, or unapproved social networks.
2. Attempting to bypass security systems or firewalls
3. Introducing malware, unauthorised software, or unapproved devices
4. Using hospital email for harassment, abusive language, or personal business activities

4.3 Fraud, Financial Abuse & Misrepresentation

1. Submitting false information
2. Misrepresenting your identity
3. Attempting unauthorised billing, fee alteration, or fraudulent claims

4.4 Disruptive Behaviour

1. Any action that compromises patient safety or interferes with therapeutic services
2. Aggressive, threatening, or abusive conduct toward staff or patients

5. Communications & Electronic Messaging

By using Hospital Systems, you consent to monitoring of communications strictly for:

1. Security and fraud prevention
2. Compliance auditing
3. Protection of patient confidentiality

Hospital-provided communications channels may not be used for:

1. Personal business enterprises
2. Political campaign activity
3. Unlawful solicitation
4. Unapproved mass emailing

6. Security & Data Protection

Users must comply with:

1. Nigeria Data Protection Act (NDPA) 2023
2. Hospital's Data Protection Addendum (DPA)
3. All cybersecurity protocols

Users must immediately report:

1. Loss or theft of a device.
2. Suspected hacking or phishing.
3. Data leak or confidentiality breach.

The Hospital reserves the right to restrict or suspend accounts for security reasons.

7. Telehealth & Remote Services

Users must:

1. Use only approved tele-therapy platforms
2. Ensure private, confidential environments during virtual sessions
3. Avoid recording any clinical session unless expressly approved and documented

Patients must not:

1. Share telehealth links publicly
2. Record sessions without consent
3. Permit third parties to join without approval

8. Third-Party Services & Payments

If you make any payment for hospital services, you warrant that:

1. You have legal authorisation to use the payment method
2. Information provided is true and accurate

The Hospital may use the third-party providers. Your information may be shared with them according to the Privacy Policy.

We reserve the right to refuse or cancel a transaction where fraud, unlawful activity, or system misuse is suspected.

9. Consequences of Violating the AUP

Violations may result in:

1. Access restrictions
2. Termination of accounts
3. Clinical discharge (for patients)
4. Disciplinary action (for staff/contractors)
5. Reporting to regulatory authorities
6. Legal action under Nigerian law

10. Modification of the AUP

The Hospital may update or amend this AUP periodically. Continued use of Hospital Systems continues acceptance of the updated policy.

11. Contact Information

For questions, reporting breaches, or DPA inquiries: