Privacy Policy | WellDatum HIMS

"At WellDatum HIMS, we are committed to protecting the privacy and security of Patient Health Information (PHI) and Personal Data. This Privacy Policy outlines how we collect, process, and protect data in compliance with the Digital Personal Data Protection Act (DPDPA) 2023."

1. Data Sovereignty

All data processed by WellDatum HIMS is stored exclusively within sovereign Indian territory. We utilize secure data centers with local data residency to ensure that sensitive health information never leaves the country, complying with DPDPA 2023.

2. Patient Health Information (PHI)

We process information necessary for clinical operations including history, vitals, diagnostic reports, and imaging. This data is used solely for delivery of patient care and clinical decision support.

3. ABDM Compliance

Data is processed in alignment with Ayushman Bharat Digital Mission (ABDM) guidelines. This includes facilitating Health Information Provider (HIP) and Health Information User (HIU) frameworks via secure FHIR APIs.

4. Data Retention

Clinical records are retained as mandated by the National Medical Commission (NMC). Once the statutory period expires, data is either anonymized for research or securely purged.

5. Security Architecture

Our strategy includes AES-256 encryption at rest, TLS 1.3 in transit, and immutable audit trails tracking every data access event to prevent unauthorized leaks.

6. Data Principal Rights

Under the DPDPA, patients have the right to request access to their records, correct inaccuracies, and manage their consent through the hospital's grievance officer.

If you have any questions regarding this Privacy Policy, please contact our data grievance officer at info@pairbytes.com.