Comprehensive data protection and privacy policy governing the collection, use, and protection of personal information.
This Privacy Statement elucidates the utilization and safeguarding of personal information gathered by HealthFlo. It is applicable to any data collected and may include, but is not limited to, your personal information, medical history, clinical records, prescriptions, laboratory reports, blood test results, imaging reports, pathology reports, and any other medical or diagnostic data that you voluntarily provide to HealthFlo and, as permitted by applicable law, any personal information acquired from different sources.
This Policy underlines the requirement to comply with the rules and regulations applicable to HealthFlo AI SOLUTIONS PVT. LTD. (herein referred to as HealthFlo or Company or Data Fiduciary or Us/We) and the Clients, Patients, Customers, Suppliers, Third parties, etc., (herein referred to as, "Data Principal", "You" or "Your") with regard to any data collected may include, but is not limited to, your personal information, medical history, clinical records, prescriptions, laboratory reports, blood test results, imaging reports, pathology reports, and any other medical or diagnostic data that you voluntarily provide to HealthFlo.
The HealthFlo takes the security and privacy of your data seriously. The HealthFlo needs to gather and use information or 'data' about you as part of medical requirements. It intends to comply with all legal obligations under the relevant laws of the jurisdiction including Digital Data Protection Act, 2023, Information Technology Act, 2000, General Data Protection Regulation ('GDPR') in alignment with HIPAA guidelines and PHI, in respect of data privacy and security.
This policy applies to any collected data that may include, but is not limited to, personal information, medical history, clinical records, prescriptions, laboratory reports, blood test results, imaging reports, pathology reports, and any other medical or diagnostic data that Patients, Clients, Customers, Suppliers, Third parties, etc voluntarily provide to HealthFlo.
The Company/HealthFlo is a 'Data Fiduciary' for the purposes of your personal data. This means that we determine the purpose and means of processing your personal data.
means personal information, medical history, clinical records, prescriptions, laboratory reports, blood test results, imaging reports, pathology reports, and any other medical or diagnostic data.
means any data about an individual who is identifiable by or in relation to such data; information that relates to a living person who can be identified from that data on its own, or when taken together with other information which is likely to come into our possession.
in relation to personal data means an automated operation or set of operations performed on digital personal data, including collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, use, alignment or combination, indexing, sharing, disclosure by transmission, dissemination or otherwise making available, restriction, erasure or destruction.
means any person who alone or in conjunction with other persons determines the purpose and means of processing personal data.
means the individual to whom the personal data relates and where such individual is a child includes the parents or lawful guardian of such a child.
Access your data and request its correction or deletion if inaccurate or no longer necessary.
Withdraw consent at any time. HealthFlo will cease processing within a reasonable time upon withdrawal.
• Provide authenticated personal data to HealthFlo and handle data with care ensuring integrity and accuracy
• Not misuse any data or information provided by HealthFlo for official purposes
• Not transfer or share HealthFlo data to third parties without prior approval
• Not store HealthFlo data on unauthorized personal devices or cloud services
• Report security incidents or suspected unauthorized access immediately
• Collect and process data legally with prior consent clearly describing what data is collected
• Make reasonable efforts to ensure personal data is accurate and complete
• Provide proper procedure and effective redressal mechanism
• Protect personal data with necessary security measures
• Not retain data longer than necessary unless required by law
Robust policies and procedures for data handling
End-to-end encryption and access controls
Secure facilities and audit logs
You have the right to request access to your personal information held by HealthFlo. We will make sincere efforts to respond to your request in a timely manner. You can request rectification of your data by contacting HealthFlo at the designated contact information.
In the event of a privacy breach, HealthFlo shall promptly assess the impact and take necessary steps to mitigate risks and prevent further breaches. We will notify the designated Data Protection Authority within 72 hours and affected individuals when required by law.
HealthFlo will not be held responsible for verifying the authenticity of personal information provided by service providers. It is the duty of data principals to ensure that the information they supply is authentic and accurate.
If you have any grievances or complaints regarding the processing of your personal information, you can submit them in writing to HealthFlo. We will address your grievance as quickly as possible.
This Privacy Statement comes into effect on ______________ 2025 and replaces all existing policies related to this subject matter.
Failure to comply with this Policy may result in serious consequences including damages, legal actions, fines, and penalties. HealthFlo AI SOLUTIONS PVT. LTD. reserves the right to amend this Policy from time to time.