Data sovereignty
Data sovereignty is the principle by which the therapist retains effective ownership over each client's clinical record — who reads it, where it is stored, how long it remains, and under which jurisdiction it is processed. It is the opposite of the marketplace model, where the intermediating platform is the real owner of the relationship with the client.
In clinical practice, data sovereignty translates into three layers. First, jurisdiction: information must live on European infrastructure under GDPR, never replicated to the U.S. or handed over to third parties to train AI models. Second, control: the therapist decides retention, export and destruction; no provider can refuse a GDPR right-to-be-forgotten request. Third, portability: the data format is standard (JSON, PDF, FHIR where applicable) so that switching software does not mean losing it.
The opposite model, still dominant in Spanish dental and medical prospecting (Doctoralia, ZocDoc), inverts the relationship: the platform owns the "patient record" and the professional rents access. When the professional leaves, the clinical data stays inside the marketplace. That is a legitimate model for directories, but incompatible with the practice of psychotherapy, where confidentiality and continuity of the bond are the very ground of the work.
Inside nexmin
nexmin is built GDPR-first: infrastructure on Google Cloud Madrid, AES-256 encryption at rest, an Identity Vault that separates identity (the person) from patient (the clinical role) so the right to be forgotten can be honoured without losing anonymised aggregate data, and retention configurable per organisation. If you cancel, you export your full base and nexmin deletes it. No fine print.
Last updated: 2026-06-11