Data Privacy Policy

At Karetrip.com, we are committed to protecting the privacy and confidentiality of our patients' personal information. This Data Privacy Policy outlines how we collect, use, and protect patient data. By using our services, patients agree to the terms and conditions outlined in this policy.

  1. Collection and Use of Patient Data
    2.

    We collect and process patient data solely for the purpose of facilitating medical tourism services and providing personalised care. Patient data may include personal details, medical records, contact information, and any other relevant information necessary for treatment and travel arrangements. We obtain patient consent before collecting or sharing any sensitive personal information.

  2. Data Security
    3.

    We implement appropriate technical and organisational measures to protect patient data from unauthorised access, disclosure, alteration, or destruction. We restrict access to patient data to authorised personnel who have a legitimate need to access it. We regularly review and update our security measures to ensure ongoing data protection.

    2.1 Non-Disclosure Agreement

    1. Karetrip.com (“Company”) agrees to hold all Confidential Information received from the Patient in strict confidence and shall not disclose, distribute, or use it for any purpose other than as necessary to provide the medical tourism services.
    2. The Company shall take all necessary measures to protect the confidentiality of the Confidential Information and prevent unauthorised access, use, or disclosure.
    3. The Company shall only disclose the Confidential Information to its employees or agents who have a legitimate need to know and are bound by obligations of confidentiality no less restrictive than those contained in this Agreement.

    "Confidential Information" shall include any patient data, including but not limited to personal details, medical records, treatment history, financial information, contact information, and any other information disclosed by the patient to the Company, whether in writing, orally, or in any other form, that is identified as confidential or should reasonably be understood to be confidential.

    The obligations of this Agreement shall not apply to any information that:

    1. Was rightfully in the Company's possession prior to its disclosure by the Patient;
    2. Is or becomes publicly available through no fault of the Company;
    3. Is rightfully obtained by the Company from a third party without restriction; or
    4. Is independently developed by the Company without reference to the Confidential Information.

  3. Data Sharing
    4.

    Patient data may be shared with our affiliated medical providers, travel agents, and other necessary parties involved in providing the requested services.We will only share patient data on a need-to-know basis and in compliance with applicable laws and regulations.

    Patient data will not be sold, rented, or disclosed to any third parties without explicit consent, except as required by law.

    3.1 Staff Responsibilities

    All staff members are responsible for maintaining the confidentiality of patient data and are required to adhere to this policy. Staff members shall only access patient data on a need-to-know basis and for legitimate business purposes.

    3.2 Training and Awareness

    We provide regular training and awareness programs to our staff members to ensure they understand their responsibilities and obligations regarding patient data confidentiality. Staff members are required to sign confidentiality agreements and adhere to our Code of Conduct, which includes guidelines for data protection.

    3.3 Access Controls

    Access to patient data is limited to authorised staff members who require it for their job functions. User access rights are regularly reviewed and updated to ensure appropriateness and compliance with data privacy requirements.

    3.4 Confidentiality Measures

    Staff members shall not disclose patient data to any unauthorised individuals or third parties unless required by law. Patient data should not be discussed in public areas or shared through insecure channels (e.g. unencrypted email or instant messaging). Any unauthorised access, use, or disclosure of patient data by staff members will be subject to disciplinary action, up to and including termination of employment.

  4. Retention and Destruction

    5. Patient data will be retained for a period of three (3) years from the date of the last interaction with Karetrip.com, unless otherwise required by law or justified business purposes. The retention period allows us to fulfill the purposes outlined in this policy, including addressing any follow-up inquiries, ensuring continuity of care, and complying with legal and regulatory obligations. After the retention period has expired, patient data will be securely destroyed or de-identified to prevent unauthorised access or use.

  5. Patient Complaint Policy
    6.

    We value patient satisfaction and are committed to addressing any complaints or grievances in a prompt and fair manner. This policy outlines the procedure for submitting and resolving patient complaints:

    5.1 Submission of Complaints

    Patients may submit complaints or grievances verbally or in writing to the Karetrip.com customer support team. Complaints should include sufficient details to allow for proper investigation and resolution.

    5.2 Acknowledgment and Investigation

    We will acknowledge receipt of a complaint within [insert timeframe] and provide a reference number for future communication. An investigation will be conducted by designated personnel to gather all relevant information and assess the complaint.

    5.3 Resolution and Communication

    At Karetrip.com, we strive to address and resolve patient complaints or grievances promptly. Our general turnaround time for complaints is 24 to 48 hours. However, depending on the complexity and nature of the complaint, it may require additional time for a thorough investigation and resolution.

    We will acknowledge receipt of the complaint within 24 hours and provide regular updates to the patient throughout the process. If the resolution extends beyond the initial time frame, we will communicate the reasons for the delay and provide an estimated timeline for completion. Please note that urgent or critical complaints will be given priority and addressed as quickly as possible.

    Upon completion of the investigation, we will communicate the resolution to the patient and, if applicable, any corrective actions taken. All complaints and related information will be treated confidentially and shared only with individuals involved in the complaint resolution process.

    5.4 Quality Indicators

    In addition to timely resolution, we strive to ensure quality outcomes and take appropriate corrective actions, if necessary. Our quality indicators include addressing the root cause of the complaint, implementing improvements to prevent similar issues in the future, and providing appropriate compensation or remedies, as applicable.

    Please note that these quality indicators serve as a guideline for our complaint resolution process and may vary depending on the circumstances. We continuously monitor our performance and strive for continuous improvement.

  6. Contact Information

    7. For any questions or concerns regarding this Data Privacy Policy, or to exercise your rights related to your personal data, please contact our team at enquiry@karetrip.com

    By using our services, patients acknowledge that they have read and understood this Data Privacy Policy and consent to the collection, use, and sharing of their data as described herein.