1. Introduction
ICH Apps Foundation Registered Non-Profit ("we", "us", "our") is committed to protecting the private health information (PHI) of patients, clinical staff, and portal users. This policy outlines how we capture, utilize, store, and shield diagnostic records, doctor consultation summaries, telemedicine logs, and browser cookies. All operations comply with the Indian Information Technology Act (2000), NABH guidelines, and JCI data safety standards.
2. Clinical Data Collected
To manage your health portal profile and diagnostic scheduling, we collect:
- Personal Identifiers: Name, age, gender, date of birth, government IDs for inpatient registers.
- Protected Health Information (PHI): Diagnostic symptoms (entered in our AI widget or forms), phlebotomy blood panel reports, past medical history, and e-prescription logs.
- Telemedicine Data: Encryption tokens for WebRTC live video consultations (we do NOT record consult sessions without prior explicit consent).
4. Utilization & Disclosures
Collected data is used solely to:
- Generate e-prescriptions and Pathology Laboratory Information Management System (LIMS) reports.
- Train the non-clinical routing layer of our AI Assistant (individual health records are fully anonymized).
- Settle tax-exempt accounts under Corporate Social Responsibility (CSR) surgical sponsorships.
5. Compliance & Audits
As a registered Non-Profit non-profit operating JCI & NABH compliant portals, we enforce:
- TLS 1.3 encryption across all communication pathways, lab report downloads, and appointment books.
- Anonymized database hashing to verify that third parties cannot access specific symptom diaries or patient logs.
6. Patient Rights
You retain absolute authority over your medical dashboard files. You may request record rectifications, pull back cookie consensus, or request clinical account purging by drafting a letter to our nodal safety desk at privacy@ichappsfoundation.com.