1. Introduction
Arovia Healthcare Solutions ("we," "us," or "our") is committed to protecting the privacy and security of the medical data processed through our Hospital Management Systems. This policy outlines how we handle data for our clients (Healthcare Providers).
2. Data Collection & Processing
We process data solely as a Service Provider. Our software collects:
- Patient Records: Demographics, clinical history, and prescriptions.
- Administrative Data: Billing information, insurance details, and staff records.
- System Logs: For security auditing and performance monitoring.
3. Data Security
We implement industry-standard technical and organizational measures, including:
- End-to-end encryption for data in transit and at rest.
- Role-Based Access Control (RBAC) to restrict data visibility.
- Regular security audits and immutable clinical logs.
4. Data Ownership
The Healthcare Provider (our client) remains the sole owner of all patient data. Arovia does not sell, share, or monetize any clinical or personal data stored within our systems.
5. Compliance
Our systems are designed to support Healthcare Providers in their compliance with local and international healthcare regulations (e.g., NABH standards, HIPAA principles, and GDPR where applicable).
6. Contact Us
For privacy-related enquiries, please contact our Data Protection Officer at privacy@aroviahms.com.