User Privacy Policy

(A) User RegistrationAccount Registration for the user. When you register for an Account, we may ask for your contact information, including items such as name, company name, address, email address, and telephone number. After Login open dashboard, from there you can View / Update Profiles , Medical information , Get Appointment , Change Password & Advance Setting .

(B) Payment InformationWhen you add your financial account information to your Account, that information is directed to our third-party payment processor. We do not store your financial account information on our systems; however, we have access to, and may retain, subscriber information through our third-party payment processor.

(C) User ContentYour all Data/ Medical Information will be secure in Our Server. Your medical information will be strictly confidential without patient consent; it will not be shared with nobody.

Patient Data Protection

Authentication Mechanisms:RIMS IND uses strong authentication methods, such as username and password, to verify the identity of patients accessing their medical data online. This helps ensure that only authorized individuals can access sensitive information within the system.

Verifying email addresses during user and patient registration adds an extra layer of security by confirming the identity of the individual registering for the service.

Authorization Controls: When you add your financial account information to your Account, that information is directed to our third-party payment processor. We do not store your financial account information on our systems; however, we have access to, and may retain, subscriber information through our third-party payment processor.

By implementing authorization controls, RIMS IND minimizes the risk of unauthorized access to patient data and maintains data confidentiality and integrity.

e RIMS IND will Implement MFA to add an additional layer of security beyond username and password authentication. This requires users to verify their identity using multiple factors, such as a one-time code sent to their mobile device.

Encryption during Transmission (HTTPS/TLS): RIMS IND uses secure protocols such as HTTPS (Hypertext Transfer Protocol Secure) and TLS (Transport Layer Security) to encrypt data transmitted between patient devices and the servers. This encryption ensures that data exchanged over the network is protected from interception by unauthorized parties.

Encryption at Rest (Database and Storage Devices):Patient data stored in databases or on storage devices is encrypted using strong encryption algorithms. This means that the data is transformed into a format that is unreadable without the appropriate decryption keys.

Strong encryption algorithms provide an additional layer of security, ensuring that even if physical or digital storage media is compromised (e.g., due to theft or unauthorized access), the encrypted data remains protected and inaccessible to unauthorized individuals.

Your all Data/ Medical Information will be secure in Our Server. Your medical information will be strictly confidential without patient consent; it will not be shared with nobody.

Implementing encryption both during transmission and at rest is a critical security measure that helps safeguard patient information against various security threats, including data breaches and unauthorized access.

Data Lifecycle Management: RIMS IND Implement secure data lifecycle management practices, including secure data disposal and retention policies. Properly managing data throughout its lifecycle minimizes security risks and ensures compliance with data protection regulations.

Role-Based Access Controls (RBAC):RIMS IND implements role-based access controls (RBAC) to restrict access to patient data based on job roles.

RIMS IND utilizes RBAC to enforce granular access control policies within the software system. This means that access permissions are granted based on predefined roles (e.g., doctor, nurse, administrator) assigned to individuals within the organization.

RBAC allows administrators to define which roles have access to specific types of patient data (e.g., medical history, general information, test details) and restricts access to unauthorized users.

Doctor's Access to Patient Data:Patient data, including medical history, general information, and previous medical test details, is accessible only to the assigned doctor when a patient schedules an appointment with that specific doctor.

This access control policy ensures that patient data remains confidential and is only accessible to healthcare providers directly involved in the patient's care.

Access Restrictions Outside Appointments:Patient data is not accessible to individuals who do not have a legitimate need to access it. This restriction prevents unauthorized personnel from viewing or modifying patient information, enhancing data privacy and security.

Secure Servers and Databases:RIMS IND utilizes secure servers and databases equipped with built-in security features. This includes implementing access controls, encryption, and audit logging to protect patient data stored within the system.

Secure servers and databases are designed to withstand cyber threats and unauthorized access attempts, providing a fortified environment for storing sensitive information.

Regular Software Updates and Patch Management:RIMS IND adheres to a proactive approach to security by regularly updating software and applying security patches. This practice helps mitigate vulnerabilities and address known security weaknesses within the system.

By staying up-to-date with software updates and security patches, RIMS IND reduces the risk of exploitation by malicious actors seeking to compromise the integrity of patient data.

Patient Education and Awareness:RIMS IND educates patients about how their medical information will be shared and used within the RIMS IND platform. RIMS IND Empower patients to make informed decisions about their data-sharing preferences and provide them with options to manage consent settings.

Obtaining Explicit Patient Consent:RIMS IND ensures that explicit consent is obtained from patients before collecting or using their data for any purpose. This practice aligns with data protection regulations and demonstrates a commitment to respecting patient autonomy and privacy.

Transparent Communication:RIMS IND's customer executives play a crucial role in ensuring transparent communication with patients regarding how their data will be used, stored, and shared. Clear and concise explanations help patients make informed decisions about their data and understand their rights.

Respecting Patient Preferences:RIMS IND respects patient preferences regarding data sharing and privacy. This may include allowing patients to specify their preferences for data access, sharing with third parties, and opting out of certain uses of their data.