Introduction
Patient Consent To The Use of Telemedicine: The tele-consultation may be videotaped, digitally recorded, filmed, or photographed and used for teaching purposes. The tele-consultantions, in whatever form, available, may also be used to monitor the quality of consultation and to improve the solutions. The patient’s identity will not be revealed by the user/ company. A breach of privacy of personal medical information is theoretically possible. Lack of access to complete medical records may very rarely result in judgment errors.
NCPL PRIVACY POLICY
At Neurosynaptic Communications Pvt. Ltd., (hereafter referred as ‘Company’ in this policy) we deeply care about privacy and confidentiality of Personally Identifiable Information (PII). We believe in transparency and company is committed to being upfront about our privacy practices.
1. SCOPE AND PURPOSE
Software Applications and Medical Devices (Products) supplied by the Company are used by health workers to provide healthcare services to the population, by enabling them to enter clinical information about the patients in their Electronic Medical Record (EMR) and measure & upload various diagnostic parameters for the patients before and/or during an online consultation with a doctor.
The doctors can also use the same Products to provide consultation to patients who are otherwise deprived of quality healthcare either due to distance or cost.
This privacy policy describes the practices followed by Company with regard to information about users that company obtains, either directly or indirectly through third-party affiliates, through the Products. The Company does not control and is not responsible for the privacy practices of, or the data available on, the websites of third parties, and the company urges users to evaluate the soundness of these practices for themselves.
Please read the following carefully to understand what happens to Personally Identifiable Information (PII) that users choose to provide to Company. By visiting Company website and/or using the Products, users are accepting and consenting to the practices described in this policy.
2. SECURITY
The company is committed to ensure the security of users’ personal information. The Products have adequate security measures in place to protect the loss, misuse and alteration of the information. Company also follows all the guidelines put forth by various internationally standardised privacy compliances to ensure the protection of Personally Identifiable Information (PII). The Company uses SSL Technology to create secure connection to upload information to Company’s servers on the cloud and all the data is backed up periodically. The Company is operating in the health care industry with respect to The Health Insurance Portability and Accountability Act(HIPAA) that defines the security and privacy regulations required to protect sensitive patient health information apart from ISO 27001 that is meant for security management systems.
While company has taken utmost care to ensure user’s data security and integrity, unfortunately, the transmission of information via the internet is not completely secure. Although Company shall do its best to protect user’s personal data, Company cannot guarantee the security of user’s data transmitted to company’s site; any transmission is at user’s own risk. Keeping that in mind, Company cannot be held responsible for any compromise of data.
In case of data breach incidents involving Personally Identifiable Information (PII), Company shall provide a reasonable and consistent response to the data subjects, controllers as well as the regulatory authority within stipulated time. In case user needs to reach out to Company regarding any breach incidents, users can contact company by using the contact information provided on this page or on Compnany’s Website.
3. WHAT INFORMATION DO WE COLLECT?
Following information may be collected while using our Products.
- Demographic information about the users including their name, age, gender, address and phone number,
- Clinical information of the patients before and/or during consultation with a doctor e.g., Images related to patients from camera and Internal/External storage,
- Diagnostic Parameter readings which are patient’s health data,
- Permission to access the IMEI of mobile phone or tablet,
- Permission to access Bluetooth, USB and audio ports of the PC/mobile phone/tablet
- Permission for audio and video
- The data that we collect can be typically classified into “Personal information” and “Anonymous”.
The data that we collect can be typically classified into “Personal information” and “Anonymous”.
Personal information is information which can be traced back to a particular user. This can include user’s name, e-mail addresses, phone number or patient’s health records. Company collects personal information when users register or use company’s services. Personal Information also includes user’s health records.
Anonymous information is information which cannot be traced back to any particular user. This is collected using cookies, the Products, and other means. This information is typically used to enable the delivery of various services and also to improve user’s experience while using our products and services. Company may also use third-party advertisers to show user relevant advertisements, user can view their privacy policies at their respective websites. Company cannot be held responsible for what the third-party advertisers do with user’s data.
3.1 When user signs up:
The Product’s registration form requires users to provide company contact information, such as a name, mobile number and e-mail address. By subscribing to the Company’s Products and Services, user has agreed to receive email notifications that are necessary for the Company to communicate important information to you. These emails are notifications only.
On user’s acceptance, the Company also may use this information to send periodic newsletters and/or promotional material from third-party partners or sponsors. User may opt-out of receiving future mailings by changing user’s account settings. Contact information may also be used by the Company to contact user, when necessary.
3.2 When user visits Company’s Website and/or use the Products:
When users use the Products or visit the Website, the Company may collect and store the name of the domain and host from which users access the Internet; the unique Internet protocol (IP) address of the computer users are using; the browser software users use and user’s operating system; the date and time users access our sites; and the Internet address of the site from which user linked directly to our sites. The Company will use IP addresses to identify any visitors who refuse to comply with the Company’s rules or terms of use.
Company may also collect other data like the equipment used to visit the Website or use the Products, the patterns of searching and browsing that preceded access to Products and Website, and the patterns of searching and browsing on the Website and Products.
3.3 When Patients consult a Doctor using the Products:
- information that you give us when you enquire or become a customer or patient of us including name, address, contact details (including email address and phone number);
- the name and contact details (including phone number) of your next of kin, or if you are a minor, the information of your parents;
- details of referrals, quotes, and other contact and correspondence we may have had with you;
- details of services and/or treatment you have received from us or which have been received from a third party and referred to us;
- information obtained from customer surveys, promotions, and competitions that you have entered or taken part in;
- recordings of calls we receive or make;
- notes and reports about your health and any treatment and care you have received and/or need, including clinic and hospital visits and medicines administered;
- patient feedback and treatment outcome information you provide; or
- information about complaints and incidents
If you name someone as your next of kin and provide us with their personal data, you must ensure that this person, or if they are under 18, their parent or guardian, is aware of and consents to the terms outlined in our Privacy Policy.
4. HOW DO WE USE USER’S INFORMATION?
Company does not sell, lease or rent collected or received Personally Identifiable Information (PII) to any non-affiliate companies or entities. Any information provided by user to the Company shall be used only upon consent and Company ensures to address confidentiality and privacy until the information is discarded completely. Company shall, if need be, share user’s information with subsidiaries and trusted partners and Company’s own services providers that support the services that Company provides.
All such affiliates are prohibited from processing Personally Identifiable Information (PII) and are required to maintain the confidentiality and privacy of personal data. Company shall make all reasonable efforts to ensure that personal data is not disclosed to regional/national institutions and authorities, unless required by legal or any other local (within country) or international (outside country) jurisdictional courts where company or its ancillary is situated.
In the usual course of our business, we may disclose your personal data (which will be limited to the extent reasonably necessary) to certain third-party organizations that we use to support the delivery of our services. This may include the following:
- business partners, suppliers, and sub-contractors for the performance of any contract we enter into with you;
- organisations providing IT systems support and hosting in relation to the IT systems on which your information is stored;
- delivery companies for the purposes of transportation; or
- third party service providers for the purposes of storage of information and confidential destruction, third party marketing companies for the purpose of sending marketing emails, subject to obtaining appropriate consent.
Where a third party data processor is used, we ensure that they operate under contractual restrictions with regard to confidentiality and security, in addition to their obligations under Data Protection Laws.
Company uses information collected through tracking technologies, such as cookies and beacons, to improve the functionality of the Products. The Company may collect this information to conduct system administration and site analysis. This is done using analytical, statistical tools/software or performed in collaboration with third parties. Company may also share non-identifiable, aggregated data with our partners and other third parties. It is also used by company to track the total number of users of the Products in aggregate form and identify the type of Internet web browser (e.g., Google Chrome, Mozilla Firefox, etc.) and operating system (e.g., Windows, Android, etc.) used by the visitor. This information allows company continuously to improve our Products.
Clinical information collected during the consultation is used by the Doctor to arrive at a final/provisional diagnosis and decide on the course of treatment for the patient.
5. RIGHTS USER HAVE OVER USER’S DATA:
Your personal data will be kept confidential and secure and will only be used for the purpose(s) for which it was collected and in accordance with this Privacy Policy, applicable Data Protection Laws, clinical records retention periods and clinical confidentiality guidelines.
We normally process personal data if it is:
- necessary to provide you with our services – to enable us to carry out our obligations to you arising from any contract entered into between us and you relating to the provision by us of services or treatments to you;
- in our or a third party’s legitimate interests to do so;
- required or allowed by any applicable law;
- with your explicit consent for example direct marketing communications;
- necessary to establish, make or defend legal claims or court action;
- necessary for a public interest purpose in line with any laws that are applicable. This should assist in protecting the public against dishonesty, malpractice or other seriously improper behaviour for example, investigating complaints, clinical concerns, regulatory breaches.
As stated above, one of the legal grounds for processing data is where it is in our legitimate interests to do so, taking into account your interest/s rights and freedom. This allows us to manage the relationship that exists between you and us and can include the following reasons:
- provide you with information, products or services that you request from us;
- managing all aspects of our relationship with you, our products and services and any third parties who may provide products or services on our behalf;
- allow you to participate in interactive features of our services, when you choose to do so;
- notify you about changes to our products or services;
- keep our records up to date;
- respond to requests where we have a legal or regulatory obligation to do so;
- check the accuracy of information about you and the quality of your treatment or care
- support your doctor, nurse or other healthcare professional;
- to conduct and analyse market research;
- to ensure that content from any of our websites is presented in the most effective manner for you and for your computer;
- to allow us to enforce our website terms of use, our policy terms and conditions or other contracts, or to protect our or other’s rights, property or safety;
- to share your personal information with people or organisations in order to run our business or comply with any legal and/or regulatory obligations including to defend ourselves from claims, exercise our rights and adhere to laws and regulations that apply to us and the third parties we work with; or
- to take part in, or be the subject of, any sale, purchase, merger or takeover of all or part our business.
6. HOW LONG WE RETAIN YOUR DATA
Unless we explain otherwise to you, we will retain your personal data on the basis of the following guidelines:
- for as long as we have a reasonable business need, such as managing our relationship with you and managing our business
- for as long as we provide services and/or treatment to you and then for as long as someone could bring a claim against us and/or
- in line with legal and regulatory requirements or guidance;
- Data collected from the patient for the purpose of medical consultation and such other purpose shall be maintained by the Company for the maximum period prescribed under the law for the time being in force and the same shall become extinct after such period unless the same is accessed by any user of the system at any time. The data stored shall be hibernated after such period and the same shall have to be recuperated when the same is accessed by the user.
7. RIGHTS USER HAVE OVER USER’S DATA:
User has the following rights over user’s data:
- Request an electronic copy of user’s profile: User can ask user’s provider to send user an electronic copy of the data that Company has on user. Company will provide user a summary of the information Company has, within a reasonable time upon receiving the request through user’s provider. User may be charged a reasonable fee for the same.
- Ask us to correct information: If users think that user’s data is incorrect or incomplete, user may send company a request through user’s provider to correct the information. We will comply with all reasonable requests and will notify user in case we do decide to say “no”.
- Ask to delete: You may request the company to delete your personal data, which request shall not be unreasonably withheld, however the company may holds such data as may be needed to exercise the right of freedom of expression; there is a legal obligation to keep that data; or for reasons of public interest (for example public health, scientific, statistical or historical research purposes).
- Right to Opt Out. We acknowledge that you may have specific preferences or requirements related to the services provided by us. Therefore, you reserve the right to opt out of certain services or features offered by us. You also have the right to opt out of receiving non-essential communications such as promotional and marketing-related information regarding the services. To exercise the opt-out right, you shall provide written notification to us clearly specifying the services, features, or components of services (including non-essential communications) from which you wish to opt-out. This notification shall be sent to info@neurosynaptic.com within a reasonable time frame.
8. AMENDMENT TO YOUR DATA
You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information provided as part of account registration. If your personal information changes, you may correct, delete inaccuracies, or amend information by making the change on our member information page or by contacting us through info@neurosynaptic.com. We will make good faith efforts to make the requested changes in our then active databases as soon as reasonably practicable. If you provide any information that is untrue, inaccurate, out of date or incomplete (or becomes untrue, inaccurate, out of date or incomplete), or we have reasonable grounds to suspect that the information provided by you is untrue, inaccurate, out of date or incomplete, we may, at our sole discretion, discontinue the provision of the services to you. There may be circumstances where we will not correct, delete or update your personal data, including (a) where the personal data is opinion data that is kept solely for evaluative purpose; and (b) the personal data is in documents related to a prosecution if all proceedings relating to the prosecution have not been completed.
9. MINORS
The Products and Website are not intended for used by individuals under the age of 18 years unless accompanied by their parent and/ or guardian.
10. LIMITATION FOR USE OF DATA
Company maintains and enforces reasonable and proper information management policies and practices that assure that its collection, maintenance, use, and dissemination of information about an individual is necessary and lawful and the information itself is current and accurate
The Company shall be accountable for its personal data record keeping policies, practices, and systems.
11. COOKIES
Our websites use cookies to distinguish you from other users of our websites. This helps us to provide you with a good experience when you browse our websites and also allows us to improve our websites.
By law, website operators are required to ask for a website user’s permission when placing certain kinds of cookie on their devices for the first time. Where consent is required, the law states that it should be “informed consent”, which means we must ensure that you understand what cookies are and why we want to use them. We are committed to providing the best digital service to you whilst at the same time fully protecting your privacy. For further information on our cookies policy and how we use cookies through use of all our online services, please see below.
What are Cookies?
Cookies are text files containing small amounts of information that are downloaded to your device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognize a user’s device.
Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improving your user experience. They can also help to ensure that adverts you see online are more relevant to you and your interests.
CATEGORY 1 COOKIES
These cookies are essential in order to enable you to move around our websites and use its features, such as accessing secure areas of the websites. Without these cookies, services you have asked for cannot be provided.
Your consent is not required for the delivery of those cookies which are strictly necessary to provide services requested by you. We use these types of cookies.
CATEGORY 2 COOKIES
These cookies collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor. All the information these cookies collect is aggregated and therefore anonymous. It is only used to improve how a website works.
Web analytics that use cookies to gather data to enhance the performance of a website fall into this category. For example, they may be used for testing designs and ensuring a consistent look and feel is maintained for the user. This category does not include cookies used for behavioral/ targeted advertising networks.
We use these types of cookies. By using our website and online services you agree that we can place these types of cookies on your device.
CATEGORY 3 COOKIES
These cookies are used to deliver adverts more relevant to you and your interests They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organisations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organization.
We do not use these cookies on our website.
Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control.
For more information on our position on the use of cookies, please contact us: info@neurosynaptic.com.
12. CHANGES
Company reserves the right to make periodic updates and revisions to this Policy. Company also reserves the right to change this policy at any time and without any notice. Any changes will be posted on this page. Please check this page to review whether any changes have been made to the Policy. User’s continued use of our Products and Website constitutes user’s agreement to this privacy statement and any updates. We also encourage users to provide feedback and comments using the contact information below or on the Company’s website.
13. CONTACT
Users of our Products and visitors to our website, who have questions about this privacy policy, the privacy practices of the Company, or their dealings with our Products and website, insofar as their privacy and confidentiality are concerned, may also contact the Company at info@neurosynaptic.com