Legal & Policy Documents
Privacy Policy

At Dr. Agrawal's R.K. Hospital, Nagpur, we believe that every patient has a fundamental right to privacy. This Privacy Policy ("Policy") explains how we collect, use, store, protect, and share your personal and medical information when you visit our hospital, use our website, or avail any of our healthcare services.

This Policy applies to all patients, attendants, website visitors, and any individual whose information is processed by R.K. Hospital. By using our services or providing your information, you consent to the practices described in this Privacy Policy.

We are committed to complying with applicable Indian laws including the Information Technology Act, 2000, the IT (Amendment) Act, 2008, and the Digital Personal Data Protection Act, 2023 (DPDPA) to ensure the highest standard of data privacy.

We collect different types of information depending on the nature of your interaction with us. This includes:

A. Personal Identification Information

• Full name, date of birth, gender, and age.
• Contact details: mobile number, email address, and residential address.
• Government-issued ID (Aadhaar, PAN, or Passport) where required for billing and insurance purposes.
• Emergency contact information and next-of-kin details.

B. Medical & Health Information

• Medical history, past diagnoses, surgeries, and treatment records.
• Current medications, allergies, and pre-existing conditions.
• Lab reports, X-rays, MRI, USG scans, and other diagnostic data.
• Doctor consultation notes, prescription records, and discharge summaries.

C. Financial Information

• Payment details including billing records, invoices, and receipts.
• Health insurance policy number and TPA (Third Party Administrator) details.

D. Website & Digital Information

• IP address, browser type, device type, and operating system.
• Pages visited, time spent on website, and clickstream data.
• Information submitted via our contact form or appointment booking system.

Your information is used exclusively for legitimate healthcare and operational purposes:

• Patient Care & Treatment: To provide accurate diagnosis, treatment plans, surgical procedures, and follow-up care tailored to your specific medical needs.
• Appointment Management: To schedule, confirm, reschedule, and send reminders for your OPD or IPD appointments via SMS or WhatsApp.
• Billing & Insurance: To generate invoices, process insurance claims, verify coverage, and manage financial transactions related to your treatment.
• Legal & Regulatory Compliance: To maintain medical records as mandated under applicable Indian healthcare laws and government regulations.
• Safety & Security: To monitor hospital premises via CCTV for the safety of patients, staff, and visitors.
• Service Improvement: To analyze anonymized, aggregated data for enhancing our healthcare services, infrastructure, and patient experience.
• Communication: To send you important health updates, post-treatment care instructions, and information about our services. You may opt out of non-essential communications at any time.

R.K. Hospital does not sell, rent, or trade your personal information. We share data only in the following strictly controlled circumstances:

Medical records are among the most sensitive personal data we hold. Our policy for their management is as follows:

• All patient medical records — including OPD notes, IPD files, surgical records, and diagnostic reports — are maintained in strict confidentiality and accessible only to authorized medical personnel.
• Medical records are retained for a minimum period of 7 years from the date of last treatment as per Indian Medical Council guidelines. For minors, records are retained until 7 years after they attain the age of 18.
• You or your authorized legal guardian may request a copy of your medical records. Requests must be submitted in writing to the Medical Records Department with valid photo ID proof.
• A nominal administrative fee may be charged for providing printed copies of medical records, X-rays, or other imaging reports.
• In medico-legal cases, medical records may be disclosed to law enforcement agencies or courts upon receipt of a valid legal order.

Our website uses cookies and similar technologies to enhance your browsing experience. Here is how we use them:

• Essential Cookies: Required for the basic functioning of our website, such as maintaining your session when booking an appointment or filling contact forms.
• Analytics Cookies: We use tools like Google Analytics to understand how visitors interact with our website. All data collected is anonymized and aggregated.
• Performance Cookies: Help us identify slow-loading pages and improve website speed for a better user experience.
• We do not use cookies to track patients across third-party websites, build advertising profiles, or share data with marketing agencies.

We take the security of your data extremely seriously. The following safeguards are in place to protect your information:

• Physical Security: Patient files and medical records are stored in locked, access-controlled areas accessible only to authorized hospital staff.
• Digital Security: Electronic medical records are protected with password-controlled access, role-based permissions, and regular security audits.
• CCTV Surveillance: The hospital premises are monitored 24/7 by CCTV cameras for the safety of patients and staff. Footage is retained for 30 days and accessible only to authorized personnel.
• Staff Training: All hospital staff handling patient data receive regular training on data privacy, confidentiality, and information security protocols.
• Data Breach Protocol: In the event of any data breach that may affect your personal information, we will notify affected individuals and relevant authorities as required by applicable law.

Under applicable Indian privacy laws, you have the following rights with respect to your personal data held by R.K. Hospital:

• Right to Access: You may request a copy of the personal and medical information we hold about you. We will respond to such requests within 30 working days.
• Right to Correction: If any of your personal details are inaccurate or outdated, you may request us to correct or update them. Please bring valid supporting documents for verification.
• Right to Erasure: In certain circumstances (not applicable to mandatory medical record retention), you may request deletion of personal data not required for legal or medical purposes.
• Right to Withdraw Consent: You may withdraw consent for non-essential communications (such as promotional messages) at any time by contacting our reception or using the opt-out link in messages.
• Right to Complain: If you feel your data privacy rights have been violated, you may file a complaint with the Data Protection Board of India or approach the appropriate consumer forum.

R.K. Hospital provides medical services to patients of all age groups, including children. Special protections apply to the data of minors:

• All medical information, consent forms, and data-related decisions for patients under 18 years of age must be handled by a parent or legal guardian.
• We do not knowingly collect personal data directly from children without verifiable parental or guardian consent.
• Medical records for minor patients are retained until 7 years after the patient attains the age of 18, as per MCI guidelines.
• If a parent or guardian believes that personal information of a minor has been collected without proper consent, they should contact us immediately so we can take corrective action.

• R.K. Hospital reserves the right to update or revise this Privacy Policy at any time to reflect changes in law, regulation, or our internal data practices. All updates will be published on this page with a revised "Last Updated" date.
• For significant changes, we will notify registered patients via SMS or email where contact information is available.
• Continued use of our services after any updates to this policy constitutes your acceptance of the revised Privacy Policy.
• This Privacy Policy is governed by the laws of the State of Maharashtra, India. Any disputes shall be subject to the jurisdiction of courts in Nagpur.