ClinCap

Built for the Faculty of Dentistry, Universiti Malaya

Clinical photography, captured and controlled properly.

ClinCap is a clinical photo management app for dental education. It replaces phone cameras and shared drives with patient-linked capture, digital consent, and secure cloud photo storage in Malaysia, so no photo ever touches a personal device.

Hosted in Malaysia (AWS ap-southeast-5)
7-year minimum retention
No hard deletes, enforced at four layers
Encrypted in transit and at rest

Everything a dental patient photography workflow needs

ClinCap is built around one clinic visit at a time: find the patient, confirm consent, capture, and move on.

Patient-linked photo capture

Search a patient by registration number, or add one in the same step. Every photo in this dental patient photography workflow is tagged automatically, so nothing is misfiled or unattributed.

Digital consent management

The faculty's consent form is shown on-screen, signed with a finger, and stored against the patient. Capture stays gated until valid digital consent exists.

Secure cloud photo storage

Photos are compressed on-device and uploaded straight to encrypted cloud storage. They are never written to the phone's photo gallery, not even briefly.

Offline photo capture

Clinic wifi drops, capture doesn't. Photos queue locally and sync automatically with retry once a connection returns, with no duplicates.

Patient photo timeline

Every photo, grouped by visit date, with the photographer and notes attached. A zoomable viewer makes progression across visits easy to review.

Role-based access control

Lecturers invite students with expiring, usage-capped links, and can deactivate access immediately when someone leaves the programme.

From patient to timeline in four steps

Designed around real clinic sessions, so a photo takes seconds, not minutes.

01

Find or add the patient

Enter the 6-digit registration number. If the patient exists, their record opens instantly; if not, add them in the same step.

02

Confirm consent

If consent isn't already on file, the app shows the form and captures a signature before capture is allowed to proceed.

03

Capture and upload

Take the photo, add optional notes, and it uploads directly to encrypted storage, compressed to the department's chosen quality.

04

Review on the timeline

The photo appears in the patient's timeline immediately, visible to the whole department and ready for review on the web dashboard.

Patient photos deserve more than a shared drive

ClinCap is built to hold up under audit, with consent handling that supports PDPA withdrawal rights throughout.

4

layers of delete protection

AES-256

encryption at rest

TLS 1.2+

encryption in transit

7 yrs

minimum retention

No-delete guarantee, four layers deep

There is no delete endpoint in the API. IAM policy, the storage bucket policy, and object lock retention each independently deny it too.

Minimal PII, handled deliberately

Beyond a registration number, the only personal data is a patient's name and signature on their consent record. Neither is ever logged.

Encrypted everywhere

TLS 1.2+ in transit, AES-256 at rest for both the database and photo storage. No client ever holds direct database credentials.

Access enforced server-side

Every request is scoped to the department and checked against the user's active status, so a deactivated account loses access immediately.

Built on a trusted foundation

ClinCap sits on infrastructure and institutions built for clinical data, not a generic file share.

Institution

Faculty of Dentistry, Universiti Malaya

Deployed for the Oro-maxillofacial department, built around real dental clinic workflows rather than a generic template.

Infrastructure

AWS, Malaysia region

Every data-bearing resource runs in ap-southeast-5, meeting local data residency expectations for clinical records.

Built and supported by

Deta Technologies

Designed, built, and backed by a 5-year technical support and warranty commitment, not a one-off delivery.

A proper desk for lecturers to review from

The same ClinCap data, on the web, laid out for dental case review rather than capture. Lecturers sign in from a browser to see the full department at a glance.

  • Patient list and timeline side by side, built for a wide screen
  • Full-size photo review for dental case discussion and teaching
  • User management and invitations, without needing a vendor
  • Same email sign-in as the app, no separate account to manage

Frequently asked questions

Common questions about how ClinCap handles patient photos, consent, and data residency.

What is ClinCap?

ClinCap is a clinical photo management app that lets dental students and lecturers capture, consent, and organise patient photos securely, built specifically for the Faculty of Dentistry, Universiti Malaya.

Where is patient photo data stored?

All data is stored in AWS's Malaysia region (ap-southeast-5), meeting local data residency expectations. Nothing is stored outside Malaysia.

Can photos be deleted from ClinCap?

No. ClinCap enforces a no-hard-delete guarantee across four layers: there is no delete API endpoint, IAM policy denies it, the storage bucket policy denies it, and object lock retention enforces a 7-year minimum.

Does ClinCap require patient consent before photos are taken?

Yes, when enabled. ClinCap can gate photo capture until a patient has digitally signed the faculty's consent form, and consent can be revoked to support PDPA withdrawal rights.

Is there a web dashboard for lecturers?

Yes. Lecturers can review patient timelines, manage users, and issue invitations from a responsive web dashboard, without needing the mobile app.

Ready to bring ClinCap to your department?

Talk to the team at Deta Technologies about deploying ClinCap for your faculty, including a walkthrough of capture, consent, and the review dashboard.

Currently deployed for the Faculty of Dentistry, Universiti Malaya.