Privacy Policy
Introduction
mobiOs Private Limited provide clinical record management services under the brand MEDICA (“MEDICA”) values your
privacy. In this Privacy Policy (“Policy”), we describe how we collect, use, and disclose information that we
obtain about visitors to our website (the “Site”), users of the MEDICA mobile applications (the “Applications”)
and the services available through our Site (collectively, the “Services”), and how we use and disclose that
information.
The MEDICA Services have been developed for hospitals, general practitioners, dispensaries
and
medical groups (“Providers”) and for patients who have subscribed to the Services (“Patients”) to: (1) facilitate
and coordinate patient medical care and the administration of medical services by Providers and personnel who are
authorized to access and use the Services, including, without limitation, administrators, physicians, nurses, and
other caregivers (“Authorized Personnel”). (2) allow Providers to communicate with patients and/or their
authorized family members and third party caregivers “(“Authorized Caregiver”) about Patient care and
post-treatment progress; and (3) provide Patients and Authorized Caregivers with information about their medical
condition and related Provider services.
MEDICA understands the importance of a Patient's relationship
with
his or her health care providers and the importance of keeping your Personal Information private. Personal
information identifies you as an individual, such as your name, national identity card, address, email address,
date of birth, and mobile number (“Personal Information”).
Health Information is a part of the Personal
Information that we collect from Patients. Health Information is generally described as information that we
collect, receive or create about a Patient and their healthcare.
This Privacy Policy describes our
practices
in connection with information that we collect through your use of the Services and through the Site or
Applications which may may collect information about your visit or access automatically as described below
“Information We Collect Automatically.” By using the Services and/or the Site, you agree to the terms and
conditions of this Privacy Policy.
Personal Information collected from Providers
If you are an Authorized Personnel user, we collect Personal Information about you when the Provider subscribes to the Services as well as when you register to use the Services. The Personal Information about Providers and Authorized Personnel that we collect includes, without limitation, the Provider's and Authorized Personnel's name, position, specialty, email address, phone number, and business postal address. We do not collect Health Information about Providers or their Authorized Personnel.
Personal Information collect from Patients and Authorized Caregivers
If you are a Patient, we collect Personal Information about you when you register to use the Services and through your or your Authorized Caregiver's use of the Services, including when you, your Authorized Caregiver and your Provider communicate with each other. If you are an Authorized Caregiver, we collect Personal Information about you, including, without limitation, your name, email address, phone number and your relationship to the Patient. When communicating with the Provider in using the Services, the Patient, Authorized Caregivers, Provider and its Authorized Personnel may disclose Personal Information about the Patient, which may include Health Information. We do not collect Health Information about Authorized Caregivers. To register to use the Services as a Patient, you must provide your name, primary address, email address and date of birth. If a Patient or Authorized Caregiver uses the “Link Online Accounts” feature of the Services, we will ask you to provide the user names and passwords for those online accounts that the Patient has authorized MEDICA to access in order to collect other Personal Information regarding the Patient and Patient's medical history that is maintained by third parties Patient has identified in Patient's Account as “Authorized Third Parties.” The Personal Information the Patient may permit us to obtain from these Authorized Third Parties may include, without limitation, demographic information, financial information, medical claims history, and other Health Information. We also may collect additional optional information from you, including, for example, Social Security number, employment history, health care insurance information, and demographic data, however, you are not required to provide us with this information to use the Services.
How We Use Your Personal Information
We may use your Personal Information, as follows:
- To provide our Services to you, to communicate with you about your use of our Services, to respond to your inquiries, and for other customer service purposes
- To tailor the educational and other content and information that we may send you, to offer personalized help and instructions, and to otherwise personalize your experiences while using the Site, Applications, or our Services.
- To better understand how users access and use our Site, Applications, and Services, both on an aggregated and individualized basis, in order to improve our Site, Applications, and Services and respond to user desires and preferences, and for other research and analytical purposes.
- To send you important information regarding the Services, changes to our terms, conditions, and policies and/or other administrative information.
- For our business purposes, such as data collection and analysis, audits, developing new products, and enhancing and improving our Site, Applications, and the Services.
- As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your state or country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your state or country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
How We Share Your Personal Information
We may disclose your Personal Information, including Health Information (defined below) as follows:
- If you are a Patient, to your Provider, its Authorized Personnel and your Authorized Caregivers, without further authorization for purposes of treatment, payment or operations; for other uses or disclosures permitted by law; or for purposes related to such uses or disclosures.
- If you are an Authorized Caregiver, to the Patient and his/her Provider and that Provider's Authorized Personnel.
- To our third party service providers who provide services such as website hosting, data gathering, data analysis, payment processing, infrastructure provision, IT services, customer service, email delivery services, credit card processing, backup, auditing services and other similar services.
- To a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
- As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your state or country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your state or country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
- To third parties for research or similar purposes, but only if such Personal Information has been de-identified.
Security of Personal Information
We use reasonable administrative, technical, and physical measures to protect Personal Information under our control, and Protected Health Information is specifically per the rules of Sri Lanka. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us at legal@medica.lk. You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
Access to My Personal Information
You may modify Personal Information that you have submitted by logging into your account and updating your profile
information. Please note that copies of information that you have updated, modified or deleted may remain viewable
in cached and archived pages of the Site or Application for a period of time.
You may also contact us
directly if you would like to review, correct, update, delete or otherwise limit our use of your Personal
Information that has been previously provided to us by sending us an email at legal@medica.lk. In your request,
please make clear what information you would like to have changed, whether you would like to have your Personal
Information deleted from our database or otherwise let us know what limitations you would like to put on our use
of your Personal Information. We will try to comply with your request as soon as reasonably practicable. Please
note that in order to comply with certain requests to limit use of your Personal Information we may need to
terminate your account with us and your ability to access and use the Services, and you agree that we will not be
liable to you for such termination. Although we will use reasonable efforts to do so, you understand that it may
not be technologically possible to remove from our systems every record of your Personal Information. The need to
back up our systems to protect information from inadvertent loss means a copy of your Personal Information may
exist in a non-erasable form that will be difficult or impossible for us to locate or remove.
We will
retain
your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless
a longer retention period is required or allowed by law.
What Choices Do I Have Regarding Use of My Personal Information?
We may send periodic promotional or informational emails to you, provided that such messages are not based on Protected Health Information. You may opt-out of such communications by following the opt-out instructions contained in the e-mail. Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving emails about recommendations or other information we think may interest you, we may still send you e-mails about your account or any Services you have requested or received from us.
Children Under 18
The Services are permitted for use by individuals under the age of eighteen (18) registered under a parent or guardian as a child or dependent with consent.
Changes to this Policy
This Policy is current as of the Effective Date set forth above. We may change this Policy from time to time, so please be sure to check back periodically. We will post any changes to this Policy on our Site, at www.medica.lk/privacy-policy. If we make any changes to this Policy that materially affect our practices with regard to the Personal Information we have previously collected from you, we will endeavor to provide you with notice in advance of such change by highlighting the change on our Site, or otherwise notify you at the email address provided by you at the time you registered for the Services, whichever occurs earlier. Any change to this Privacy Policy will be effective for all information that we maintain, even information in existence before the change. Your use of the Site following these changes means that you accept the revised Privacy Policy.
Contacting MEDICA
If you have questions about the privacy aspects of our Services or would like to make a complaint about our compliance with this Privacy Policy, you may contact us at legal@medica.lk or at our mailing address: MEDICA, No. 12 Ridgeway Place, Colombo 4.