Your data stays in Nigeria. Every access is logged. You can read the log.
This page explains exactly how PHB protects your data, enforces sovereignty, and gives you visibility of every access — in plain language, with no over-claiming.
Sovereignty Gateway — enforced at the network edge.
Every storage call in PHB routes through a Sovereignty Gateway before it leaves the application layer. The gateway inspects the destination and rejects any attempt to write health data outside Nigeria — this is enforced at the network layer, not just declared in policy.
Primary storage is in Lagos (NG-WEST). A hot mirror sits in Abuja (NG-NORTH) with automatic failover in under 90 seconds. Sovereign backups are kept in-country.
Real-time by default. Humane fallbacks for every situation.
PHB’s default is real-time consent: a provider requests access and you approve it on your phone or via USSD. But Nigeria’s reality demands fallbacks for when you are offline, unreachable or unconscious.
See every access. Raise a query. Pull consent.
The audit log is append-only and Merkle-hashed — entries cannot be altered or deleted without detection. It is retained for 7 years per NDPA requirements.
You can view the log from the app, web, USSD or IVR. You can pull access from any provider at any time, with immediate effect.
Security measures, stated plainly.
Questions about your data?
Read the privacy notice, make a DSAR or contact the Data Protection Officer directly.