Privacy Policy


This Privacy Policy explains how MEDplat, a comprehensive primary healthcare digital solution, collects, uses, stores, processes, and protects personal data. MEDplat is designed for government health programs, NGOs, and development partners to strengthen service delivery across RMNCH, NCDs, nutrition, immunization, disease surveillance, and related health verticals.

1. Purpose

MEDplat collects consent-based personal and health-related information to:

  • Support population-based enumeration and household-level health profiling.
  • Enable clinical and public health service delivery.
  • Facilitate follow-up, screening, referrals, and case management.
  • Improve program monitoring, health analytics, and decision-making.
  • Strengthen health system performance and coverage of essential services.
2. Types of Data Collected
  1. Personal Information:
    Name, age, gender
    Address, village/ward, household details
    Phone number
    Unique local identifiers
    Geo-coordinates (lat/long) captured during visits
  2. Health Information
    Maternal and child health records
    Immunization history and schedules
    Nutrition and growth monitoring data
    NCD screening and follow-up data
    Diagnostic observations and clinical notes
    Referral and service utilization history
  3. Device and Usage Data
    Offline/online usage logs
    Time required to complete forms (for monitoring and optimization)

    MEDplat does **not** collect biometrics unless explicitly enabled for authentication under government-approved workflows.
3. Legal Basis for Data Processing

Data is collected and processed based on:

  • Authorization from national/state health departments or implementing agencies.
  • Public interest in the area of public health, including monitoring, prevention, and treatment.
  • Programmatic requirements under government health initiatives.

Where applicable, data processing is carried out in accordance with Article 6(1)(e) and Article 9(2)(i) of the EU GDPR (public interest in public health), the Digital Personal Data Protection Act, 2023 (India), and applicable national data protection laws in African jurisdictions. Processing is limited strictly to authorized public health purposes.

Any use of Aadhaar, where applicable (such as in India), shall be strictly in compliance with the Aadhaar Act, applicable regulations, and judicial directions, and shall not be mandatory for access to health services unless expressly required by law and appropriately notified by the appropriate implementing agencies.

4. Data Storage and Security
  1. Storage
    Data is stored in secure, encrypted databases hosted on government-approved or donor-approved servers.
    Offline data resides in an encrypted local database on the user’s device and syncs when connectivity is available.
  2. Security Controls
    MEDplat applies industry-standard security measures, including:
    • AES-256 encryption at rest
    • TLS 1.2+ encryption in transit
    • Role-based access control (RBAC)
    • Automatic logout and session timeouts
    • Audit logs for accountability and traceability
5. Data Access and Use
  1. Access by Roles
    CHWs: Access only to data for households they serve.
    Facility Staff: Access to patient-level service delivery data of their facility only.
    Supervisors and Program Managers: Access to aggregated dashboards and reports.
    Government Authorities: Access per approved program requirements.
  2. Prohibited Uses:
    No sale or commercial use of data.
    No sharing with unauthorized third parties.
    No use for profiling unrelated to health service delivery.
6. Data Sharing

Data is shared, only after consent, with:

  • Authorized government health departments.
  • Program monitoring teams.
  • Integrated systems (e.g., DHIS2, HMIS portals) as per approved APIs.

All data sharing is governed by government directives and data sharing agreements.

7. Data Retention

Data is retained for the duration defined by the government or implementing agency. Typically:

  • Individual records are retained until a beneficiary exits the program or as per the national data retention policy.
  • Audit logs and usage records are retained for monitoring and compliance.

Data deletion requests are handled by authorized program administrators only.

8. Data Principal / Data Subject Rights

Subject to applicable national laws and public health exemptions, individuals whose data is processed through MEDplat have the right to:

  • Access their personal data
  • Correct inaccurate or incomplete data
  • Request erasure or anonymization where legally permissible
  • Restrict or object to certain processing activities
  • Withdraw consent where consent is the legal basis
  • Data portability where technically feasible
  • Nominate another person to exercise rights (India DPDP)
  • Lodge a grievance with the designated Grievance / Data Protection Officer

These rights shall be exercised through the implementing government authority, which acts as the Data Controller.

Cross-border transfer of personal or health data, if any, shall occur only with explicit approval of the implementing government authority and in accordance with applicable data protection laws. Such transfers shall be governed by legally recognized safeguards including government-to-government agreements, standard contractual clauses, or approved adequacy mechanisms.

9. Consent

Where applicable, frontline workers are required to follow all consent and notice protocols as per local laws including the Digital Personal Data Protection Act, 2023 (India), GDPR (EU), and applicable African data protection laws:

  • Inform individuals or caregivers about the purpose of data collection.
  • Seek consent for recording health information.
  • Provide information on the data principal's right to be forgotten.

All consent procedures follow national guidelines.

Implementing agencies are responsible for registration with the relevant national Data Protection Authority where required by law (including but not limited to Zambia, Kenya, Nigeria, South Africa, and Uganda).

10. Data Breach Protocol

In case of a suspected or confirmed data breach:

  1. Immediate containment measures are triggered.
  2. Incident is reported to the program authority.
  3. A detailed investigation is conducted.
  4. Corrective actions are implemented.
  5. Affected parties are notified as required by policy.
11. Interoperability and Standards

MEDplat supports:

  • HL7 FHIR-based data exchange
  • Integrations with national health registries and HMIS systems
  • Standard coding terminologies where applicable

No identifiable data is shared without authorization.

12. Third-Party Integrations

Any integration with external systems (e.g., national portals, payment systems, etc.) occurs only:

  • After government approval
  • Under signed data sharing agreements
  • Using secure APIs
13. Changes to the Privacy Policy

This Privacy Policy may be updated periodically. Significant changes will be communicated to implementing partners and health departments.

14. Contact Information

For questions, concerns, or data-related requests, please contact the designated program authority or the MEDplat implementation team.

For government implementations, the respective state/national health authority is the primary data controller. A designated Data Protection Officer / Grievance Officer shall be appointed by the implementing authority as required under applicable law. Complaints may also be escalated to the relevant national Data Protection Authority.

MEDplat is a Digital Public Good (DPG) and adheres to principles of privacy, transparency, and responsible data use.





Do No Harm Policy


The MEDplat Do No Harm Policy outlines the principles, safeguards, and operational measures designed to ensure that the platform enhances healthcare delivery without causing intentional or unintentional harm to individuals, communities, health workers, or health systems. As a Digital Public Good (DPG), MEDplat is committed to upholding ethical, inclusive, and safe digital health practices across all implementations.

1. Guiding Principles

The Do No Harm Policy is grounded in the following principles:

  1. Safety
    MEDplat must enhance—not compromise—patient safety, data security, and quality of care.
  2. Equity and Inclusion
    The platform ensures fair and equal access to health services regardless of gender, caste, socioeconomic status, ethnicity, geography, or disability.
  3. Respect for Rights and Dignity
    Individuals’ privacy, autonomy, and dignity must be protected in all interactions, data collection processes, and digital workflows.
  4. Transparency and Accountability
    Data collection, processing, and usage are transparent, with clear responsibilities for all stakeholders.
  5. Non-Maleficence
    MEDplat must not introduce risks, biases, or unintended consequences that harm beneficiaries, health workers, or communities.
2. Risk Prevention Measures
  1. Data Protection and Confidentiality
    Strong encryption (AES-256 at rest; TLS 1.2+ in transit)
    Role-based access control to limit exposure of sensitive information
    No unauthorized sharing, sale, or transfer of personal data
  2. Avoiding Misuse of Health Data
    MEDplat prevents:
    • Discriminatory use of health information
    • Surveillance, profiling, or targeting of individuals outside approved health purposes
    • Data manipulation or tampering through strong audit trails
  3. Ethical Use of Digital Tools
    No automated decision-making without human oversight
    Decision support tools assist—but do not replace—clinical judgment
    Clinical alerts are informational and not prescriptive
  4. Protection of Vulnerable Groups
    Special safeguards are applied for:
    • Pregnant women
    • Newborns and children
    • Persons with disabilities
    • Individuals with chronic diseases
    • Marginalized populations
  5. Algorithmic Accountability and Bias Prevention
    Any predictive, risk stratification, or decision-support features within MEDplat shall be periodically reviewed for bias, accuracy, and unintended harm. Automated outputs shall always remain subject to human review and shall not be used as the sole basis for clinical or programmatic decisions.
3. Preventing Harm to Health Workers

MEDplat is designed to reduce burden—not create it.

  1. Reducing Workload
    Zero double data entry by integrating multiple verticals
    Offline-first functionality to avoid stress in low-connectivity areas
    Intuitive, localized interfaces for ease of use
  2. Training and Capacity Building
    Comprehensive onboarding and refresher training for CHWs, ANMs, nurses, and supervisors
    Helpdesk and user support systems are available during deployment and post-rollout
  3. Psychological Safety
    No punitive analytics at the individual worker level
    Data is used for supportive supervision—not punishment or coercion
4. Preventing Harm to Health Systems
  1. Strengthening—not Fragmenting—Systems
    Avoids creation of parallel systems by integrating with government HMIS/DHIS2
    Follows national digital health architecture and standards (FHIR, NDHM)
  2. Responsible Rollouts
    Phased deployment with structured UAT and field pilots
    Continuous monitoring to prevent disruptions in service delivery
  3. Long-Term Sustainability
    Open-source Digital Public Good (DPG)
    Easily maintainable and customizable
    No vendor lock-in
5. Principle of Informed Use
  1. Community Awareness
    Frontline workers must inform beneficiaries about:
    • Why data is being collected
    • How it will be used to support their health
    • Their right to correct information and request updates
  2. Voluntary Participation
    Where applicable, consent is verbal and recorded following national guidelines.
6. Monitoring, Evaluation, and Continuous Improvement
  1. Regular Assessments
    • District/state reviews to ensure system integrity
    • Feedback loops from CHWs, ANMs, facility staff, and program managers
    • Continuous UI/UX improvements to prevent misuse or data entry errors
  2. Incident Reporting Mechanism
    Any harmful event—data breach, system error, or misuse—must be:
    1. Immediately reported to authorities
    2. Investigated thoroughly
    3. Rectified with corrective action
    4. Documented for learning
  3. Community Grievance Mechanism:
    Beneficiaries and community members may report digital harm, data misuse, or service delivery risks through government-designated grievance channels. All such grievances shall be investigated with documented corrective action.
7. Prohibited Practices

MEDplat strictly prohibits:

  • Use of personal data for political, discriminatory, or commercial purposes
  • Stigmatization of high-risk individuals or families
  • Manipulation of data for program performance metrics
  • Any form of coercion or punitive use against health workers
8. Roles and Responsibilities
  1. Government / Implementing Agency
    • Data controller and primary custodian of all collected information
    • Oversight for ethical and responsible system usage
  2. MEDplat Implementation Team (Argusoft and Partners)
    • Ensures ethical system design and secure infrastructure
    • Provides training, support, and incident resolution
  3. Health Workers and Supervisors
    • Ensure ethical use of the platform
    • Follow guidelines for data privacy, consent, and respectful care
9. Policy Updates

This policy may be updated to reflect emerging risks, new regulations, and improved best practices. Implementing partners will be notified of any major changes.

MEDplat is committed to ensuring that all digital interventions uphold safety, dignity, equity, privacy, and ethical standards—protecting both beneficiaries and health workers at every step.