Confidentiality Notice

Last updated: Not yet finalized · Effective date: Not yet effective

DRAFT — Not reviewed by legal counsel

This notice reflects how Dr. Prison handles confidential information today, but the language has not been reviewed or approved by counsel. A reviewed version will supersede this draft once published with an effective date.

What this notice says, in plain English

  • We won't share what you tell us, except where the law forces us to.
  • This is a contract promise, not attorney-client privilege. A judge can subpoena our records.
  • If your matter genuinely needs privilege, we'll route the sensitive parts through a partner attorney so the work product is protected.
  • Inside Dr. Prison, only the staff working on your case sees your information. Audit logs record every access.

Contents

  1. Scope of this notice
  2. Our confidentiality promise
  3. This is not attorney-client privilege
  4. When we will disclose
  5. Notice process when we receive a demand
  6. When you need true privilege
  7. Internal access controls
  8. Sponsor visibility
  9. Staff and vendors
  10. Technical safeguards
  11. Retention
  12. If something goes wrong
  13. Questions and complaints
  14. Changes to this notice
  15. Acknowledgement at signup

1. Scope of this notice

This Confidentiality Notice covers the substance of what clients and sponsors share with Dr. Prison — the facts of a case, a presentence report, medical history, family circumstances, disciplinary history, and the like. The Privacy Policy covers how we handle personal data as data; the Terms of Service covers our contractual relationship. All three operate together. Where they overlap, the more protective provision controls.

2. Our confidentiality promise

Dr. Prison and every member of our staff and contractor network agree, as a binding contractual obligation, that they will not disclose information shared with us in the course of services to any third party except as this notice expressly permits. This promise is civilly enforceable. It continues to apply after services end, after an account closes, and — as to any individual staff member or contractor — after they leave Dr. Prison.

3. This is not attorney-client privilege

Contractual confidentiality is not the same as attorney-client privilege. Privilege is a creature of law that can block a court from compelling the production of communications between a client and their attorney. Because Dr. Prison is not a law firm and our staff are not acting as your attorneys, communications with us are not privileged. A court, a grand jury, or the BOP can issue a subpoena or a valid order that compels us to produce records, and we will comply to the extent the law requires. If your matter needs true privilege, see §6 and talk to us about routing the sensitive parts through a partner attorney.

4. When we will disclose

We will disclose client information only in these situations:

  • With your written or on-platform consent, to a person or organization you name.
  • To a partner attorney you have engaged through §6, when and as needed to support that engagement.
  • In response to a lawful subpoena, valid court order, search warrant, or BOP administrative request backed by regulatory authority.
  • As required by mandatory-reporting laws (for example, credible reports of child abuse or imminent serious harm to an identifiable person).
  • To our service vendors (hosting, encrypted storage, payment processing, email delivery) only to the extent they need the information to perform their contract with us, and only under written agreements that bind them to equivalent confidentiality terms.

5. Notice process when we receive a demand

When we receive a subpoena, court order, or other compelled-disclosure demand, and the law does not prohibit us from telling you about it, we will notify you in writing at the address and email on file at least five (5) business days before producing records, unless the demand specifies a shorter timeline. That notice gives you the opportunity to seek legal protection (for example, a motion to quash or narrow the demand). In a narrow set of cases — gag orders, grand-jury subpoenas that prohibit disclosure, or national-security letters — we may be legally prohibited from notifying you; where we are later permitted to notify you, we will.

6. When you need true privilege

For any service where attorney-client privilege genuinely matters — direct appeals, §2255 motions, compassionate-release filings, civil-rights litigation, and similar matters — Dr. Prison routes the work through a partner attorney of record. The attorney opens a separate engagement with you under a distinct engagement letter. Dr. Prison then works at the attorney's direction and as their support, so that privilege attaches to the work product. Pricing always itemizes Dr. Prison's platform fees separately from the attorney's fees, and Dr. Prison does not share in legal fees. The attorney's professional obligations to you (loyalty, confidence, candor) run directly from the attorney to you, not through Dr. Prison.

7. Internal access controls

Inside Dr. Prison, access to client information is role-based and follows the principle of minimum necessary access. Only the staff members assigned to your service order, the coach assigned to your case, and the supervisors accountable for those assignments can read your records. Every access is recorded in our append-only audit log, which includes who viewed what, when, and from what IP. Staff are trained on this notice during onboarding and annually thereafter.

8. Sponsor visibility

When a sponsor acts on behalf of a mail-only inmate, the sponsor necessarily has broad visibility into the inmate's profile, communications, and service records — the sponsor is operating the account. Once the inmate gains tablet access and takes over their own account, the inmate can narrow what the sponsor sees and revoke the sponsor's proxy authority. Private inmate-to-staff communications (for example, a disciplinary-hearing brief discussed only between the inmate and their coach) are never exposed to a sponsor without the inmate's consent. Every change to sponsor proxy scope is audit-logged.

9. Staff and vendors

Every Dr. Prison employee and contractor signs a written confidentiality agreement before accessing client data, and that agreement survives their departure. We rely on a small set of vendors (hosting, encrypted storage, payment processor, email infrastructure) whose contracts with us bind them to equivalent confidentiality obligations. The current vendor list is maintained as part of the Privacy Policy (see Privacy §6) and updated when it changes.

10. Technical safeguards

Confidentiality is enforced not only by promise but by technical controls: TLS 1.2+ in transit, Argon2id password and PIN hashing, libsodium (NaCl secretbox) per-file encryption for sensitive documents at rest with master keys stored outside the web root, an immutable audit log whose UPDATE and DELETE grants are revoked at the database-user level, rotating session tokens on privilege change, concurrent-session limits, and file-system permissions that exclude the web user from secret material. See Privacy Policy §8 for the full description.

11. Retention

Confidentiality survives the closure of an account. While an account is active, records are retained for as long as needed to deliver services. After closure, communications, filings, and service records are retained for seven (7) years before being purged. Audit-log entries are retained indefinitely to preserve the integrity of the record. Confidentiality obligations continue to apply during retention — retained records are protected to the same standard as records of active clients — and after purge, no one at Dr. Prison retains independent copies.

12. If something goes wrong

If we discover an unauthorized disclosure or security incident that affects your data, we will notify you within the timeline required by applicable state law (and generally no later than 72 hours after confirmation). That notice will describe, to the best of our knowledge at the time: what happened, what categories of information were involved, who appears to have been affected, what steps we have taken to contain and remediate, and what steps we recommend you take. We will follow up with additional information as our investigation progresses.

13. Questions and complaints

If you have a confidentiality concern — including any concern about a specific staff member or contractor — contact us at confidentiality@drprison.org. We do not retaliate against any client or sponsor who raises a confidentiality concern in good faith, and a complaint about a specific staff member is routed for handling to a supervisor who is not that staff member. If you are dissatisfied with our response, you may also contact an attorney or the appropriate state or federal agency.

14. Changes to this notice

We may update this notice from time to time. Material changes will be announced to sponsors by email at the address on file and posted on-platform at least 30 days before they take effect. Once the notice is finalized, we will maintain a versioned changelog at the bottom of this page so you can see what changed and when.

15. Acknowledgement at signup

Sponsors check a separate acknowledgement at signup confirming that they have read and understood this notice. That acknowledgement is recorded on the sponsor's account record with a timestamp and IP. Inmates are asked to acknowledge the notice on first tablet login; the acknowledgement is recorded on the inmate's account in the same way. You may re-read this notice at any time at drprison.org/confidentiality.

© 2026 Dr. Prison. All rights reserved. Not a law firm. Not providing legal advice.
