Frequently Asked Questions
Find answers to common questions about MedClinicPro's platform and security.
Is my patients' data secure on shared hosting?
Yes. We utilize application-level encryption, secure routing via our custom MVC framework, and strict directory restrictions (.htaccess). While dedicated servers offer hardware isolation, our software architecture ensures data separation via unique clinic IDs and prevents unauthorized access regardless of the hosting environment.
How does the multi-clinic system work?
The platform uses a centralized database architecture. Every record (patients, appointments, billing) is tagged with a specific `clinic_id`. When a user logs in, the application automatically scopes all database queries to their specific clinic, ensuring data isolation.
Do I need SSH access to install this?
No. The system is specifically designed to be deployed without command-line access. You simply upload the files via FTP/cPanel, import the provided SQL file via phpMyAdmin, and update your database credentials in the configuration file.
What is "Bank-Grade Security"?
It refers to our implementation of rigorous security standards: strong HTTP security headers (CSP, HSTS), PDO prepared statements to block SQL injection, CSRF tokens on all forms, and robust XSS prevention on all output.