RGHS Health

Privacy Policy

Your privacy and the security of your personal health information is our top priority. Learn how we protect, use, and manage your data.

Last updated: January 12, 2024 | Effective Date: January 1, 2024

Privacy Sections

Quick Links

Contact Privacy OfficerPrivacy Support

Privacy Policy Overview

The Rashtriya Grah Sabha (RGHS) Health Services is committed to protecting your privacy and ensuring the security of your personal health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our healthcare services and digital platforms.

HIPAA Compliance

We are fully compliant with the Health Insurance Portability and Accountability Act (HIPAA) and all applicable healthcare privacy regulations in India. Your protected health information (PHI) is handled with the highest level of security and confidentiality.

Secure Storage

End-to-end encryption for all medical data

User Control

You control who accesses your health information

Limited Access

Only authorized healthcare providers can access your data

What Information We Collect

Personal Health Information (PHI)

  • Medical history, diagnoses, and treatment records
  • Laboratory results, imaging studies, and test reports
  • Prescription medications and treatment plans
  • Vital signs and health monitoring data
  • Insurance and billing information

Personal Identification Information

  • Name, date of birth, and contact information
  • Government-issued identification numbers (RGHS ID, Aadhaar)
  • Emergency contact information
  • Employment and demographic information

Technical Information

  • Device information and browser data
  • IP address and location information
  • Usage patterns and platform interactions
  • Login and authentication logs

How We Use Your Information

Healthcare Services

  • • Provide medical care and treatment
  • • Coordinate care with healthcare providers
  • • Maintain accurate medical records
  • • Schedule and manage appointments
  • • Send appointment reminders and health alerts

Billing & Insurance

  • • Process insurance claims and payments
  • • Verify coverage and benefits
  • • Send billing statements and notices
  • • Handle reimbursement requests
  • • Comply with insurance requirements

Legal & Compliance

  • • Comply with healthcare regulations
  • • Respond to legal requests and subpoenas
  • • Report public health information when required
  • • Conduct internal audits and quality assurance
  • • Maintain regulatory compliance

Service Improvement

  • • Improve healthcare services and outcomes
  • • Conduct quality improvement initiatives
  • • Analyze usage patterns and trends
  • • Develop new features and capabilities
  • • Enhance user experience and accessibility

When We Share Your Information

Important Note

We never sell your personal health information. We only share your information when necessary for your care, with your consent, or as required by law.

Healthcare Providers

We share your information with:

  • • Your primary care physician and specialists
  • • RGHS-empaneled hospitals and clinics
  • • Laboratory and diagnostic service providers
  • • Pharmacy and medication providers
  • • Emergency medical personnel when necessary

Government Agencies

Information may be shared with authorized agencies for:

  • • Public health reporting and disease surveillance
  • • Government healthcare programs and initiatives
  • • Legal proceedings and court orders
  • • National health database contributions (anonymized)
  • • Regulatory compliance and audits

Business Associates

We work with certified partners who help us provide services:

  • • Cloud storage and data processing providers
  • • Medical billing and claims processing companies
  • • IT support and cybersecurity services
  • • Quality assurance and audit firms
  • • All partners sign HIPAA-compliant agreements

Security Measures

Technical Safeguards

  • 256-bit AES encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • Multi-factor authentication (MFA)
  • Regular security audits and penetration testing
  • Intrusion detection and prevention systems

Administrative Safeguards

  • Role-based access control systems
  • Regular employee privacy training
  • Comprehensive audit logs and monitoring
  • Incident response and breach protocols
  • Privacy officer oversight and governance

Data Breach Response

In the unlikely event of a data breach, we have comprehensive response procedures:

  • • Immediate containment and assessment
  • • Notification within 72 hours (if required)
  • • Affected individual notification
  • • Regulatory authority reporting
  • • Free identity monitoring services
  • • Enhanced security measures implementation

Your Privacy Rights

Access Your Information

You have the right to request and receive copies of your personal health information. Access is typically provided within 30 days of your request.

Correct Your Information

You can request corrections to your personal health information if you believe it is inaccurate or incomplete. We will review and respond to your request.

Restrict Use & Disclosure

You can request restrictions on how we use or disclose your health information, though we may not be able to agree to all requested restrictions.

Request Confidential Communications

You can request that we communicate with you about your health information in a specific way or location to maintain your privacy.

Accounting of Disclosures

You can request a list of disclosures we have made of your health information for purposes other than treatment, payment, or healthcare operations.

Data Portability & Deletion

You can request a copy of your data in a portable format or request deletion of certain information, subject to legal and medical record retention requirements.

How to Exercise Your Rights

Online Portal:

Access your patient portal to view and manage your health information 24/7.

Written Request:

Submit a written request to our Privacy Officer for formal privacy rights requests.

Phone Support:

Call our privacy hotline at 1800-RGHS-PRIVACY for assistance with your rights.

In-Person:

Visit any RGHS facility and speak with our patient services representative.

Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our platform, provide personalized services, and analyze usage patterns. Here's how we use these technologies:

Essential Cookies

These cookies are necessary for the website to function properly and cannot be disabled.

  • • User authentication and session management
  • • Security and fraud prevention
  • • Load balancing and performance optimization
  • • Remember your privacy preferences

Analytics Cookies

These cookies help us understand how visitors interact with our website.

  • • Page visit statistics and user behavior
  • • Feature usage and engagement metrics
  • • Error tracking and performance monitoring
  • • Service improvement insights (anonymized)

Functional Cookies

These cookies enable enhanced functionality and personalization.

  • • Language and regional preferences
  • • Dashboard layout customizations
  • • Accessibility settings and preferences
  • • Recently viewed items and searches

Third-Party Services

We may use third-party services that set their own cookies.

  • • Google Analytics for website analytics
  • • Content delivery networks (CDNs)
  • • Social media integration widgets
  • • Live chat and customer support tools

Managing Your Cookie Preferences

You can control cookie settings through your browser preferences or our cookie management tool:

Contact Our Privacy Team

If you have questions about this Privacy Policy, want to exercise your privacy rights, or need assistance with privacy-related concerns, please contact our dedicated Privacy Office.

Chief Privacy Officer

Dr. Priya Sharma, MD, CIPP/US

Privacy Hotline

1800-RGHS-PRIVACY (Free)

Available 24/7 for urgent privacy matters

Email Support

privacy@rghs.gov.in

Response within 48 hours

Mailing Address

RGHS Privacy Office
Block-A, 2nd Floor, AIIMS Campus
Ansari Nagar, New Delhi - 110029
India

Filing a Privacy Complaint

If you believe your privacy rights have been violated, you have the right to file a complaint with us or with the appropriate regulatory authorities.

Internal Complaint Process

  • • Submit complaint to Privacy Officer
  • • Investigation within 30 days
  • • Written response with resolution
  • • No retaliation for good faith complaints

External Regulators

  • • Ministry of Health & Family Welfare
  • • Personal Data Protection Authority
  • • State Medical Council
  • • Consumer Protection Authority
File Privacy Complaint

Policy Updates & Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes through your registered email address and by posting the updated policy on our website.

Email Notifications

Major changes sent directly to your email

30-Day Notice

Advance notice for significant policy changes

Version History

Previous versions available for reference

Current Version: 2.1 | Effective Date: January 1, 2024

Last Updated: January 12, 2024 | Next Review: July 2024