Raxa considers privacy of the information collected from patients to be of utmost importance and follows a strict policy to protect the information. This policy lays down the practices and procedures that we follow in collecting, storing and handling the information provided by patients.
Collection of Information
Raxa collects demographic details like name, address and telephone number that could help to identify the patient. We also collect medical information related to the patient and this could include physical and physiological conditions, results of laboratory tests, details of medicine prescribed and other information related to the treatment of the patient at Raxa. We also collect information related to financial transactions concerning the treatment of the patient at Raxa. The patient by providing such information to us authorises us to use it in accordance with the terms of this policy.
Purpose of collection and usage of information
Raxa collects only the information which we consider relevant to provide the best healthcare to the patient. The information thus collected is used only for the purpose of providing the required healthcare to the patient. The information will be stored for such a period as reasonably necessary to provide continuous health care to the patient or till the time the consent to use the information is revoked by the patient. The information could be used for statistical purposes like analysis of area-wise outbreak of a disease.
Access to data
Raxa has a state-of-the-art privacy system ensuring that only those who have explicitly been given access to the data actually use it. Personnel performing various functions are only provided access to those parts of patient data which are necessary for them to perform their function. Access to the software handling patient data is restricted by a password based authentication system. A log of access to information of each user is also kept by the system.
Security practices and procedures
Raxa follows security practices and procedures that are consistent with international standards like the IS/ISO/IEC 27001 on Information Technology, Security Techniques,Information Security Management System Requirements. We follow well defined administrative, technical and physical security control procedures to provide reasonable protection to information provided by patients.
Transfer of information
Raxa may, in some cases, transfer information to third parties if it is necessary to meet the healthcare needs of the patient. Such transfer of information will only be done if the third party follows the same level of data protection as that followed by Raxa and the patient authorises Raxa to transfer such information to third parties.
Disclosure to Government
In some cases Raxa will have to disclose the information collected from patients to the Government to fulfil its legal obligations Such disclosure will only be carried out with agencies of the Government or agencies authorised by it and no information other than that which is required to be disclosed under law will be transferred to such agencies.
Changes in policy
Grievance Redressal Mechanism
If a user has any grievance related to the privacy of information provided to Raxa they may contact us at firstname.lastname@example.org.