HIPAA Compliance

Effective Date: 18 March 2026 · Last Updated: 18 March 2026

Doclinks (“Company”, “we”, “our”, “us”) operates a digital healthcare networking, branding, and communication platform for doctors, hospitals, clinics, laboratories, and healthcare professionals.

This Privacy Policy explains how we collect, use, disclose, process, and safeguard personal data and health-related information in compliance with applicable Indian laws and aligned international standards, including principles of the Health Insurance Portability and Accountability Act (HIPAA), where applicable.

By accessing or using Doclinks, you agree to the terms of this Privacy Policy.

1. Scope

This Privacy Policy applies to:

  • Website visitors
  • Registered healthcare professionals
  • Hospitals, clinics, and labs
  • Patients interacting through the platform
  • Business partners and vendors

2. Information We Collect

2.1 Personal Information

We may collect:

  • Full name
  • Phone number
  • Email address
  • Professional credentials
  • Organization details
  • Address and location data

2.2 Health-Related Information

Where applicable, we may process:

  • Medical records
  • Prescriptions
  • Lab reports
  • Diagnostic results
  • Appointment details
  • Treatment history

2.3 Technical Information

  • IP address
  • Browser type
  • Device identifiers
  • Log data
  • Cookies and analytics data

3. Legal Basis for Processing

We process personal data based on:

  • User consent
  • Contractual necessity
  • Legal obligations
  • Legitimate business interests
  • Healthcare service facilitation

4. Purpose of Data Processing

We use collected data for:

  • Facilitating doctor-patient connections
  • Enabling healthcare branding and communication
  • Appointment coordination
  • Platform improvement and analytics
  • Customer support
  • Legal and regulatory compliance
  • Fraud prevention and security monitoring

We do not sell personal or health data to third parties.

5. Compliance with Indian Laws

Doclinks complies with:

  • The Information Technology Act, 2000
  • SPDI Rules (Sensitive Personal Data or Information Rules)
  • The Digital Personal Data Protection Act, 2023

We implement reasonable security practices and procedures as mandated under Indian law.

6. HIPAA Alignment (Where Applicable)

Although Doclinks operates in India, our security framework aligns with key safeguards established under the Health Insurance Portability and Accountability Act.

Where required through contractual arrangements, we may execute Business Associate Agreements (BAA) with relevant entities.

Doclinks does not automatically qualify as a U.S. Covered Entity unless explicitly agreed under contract.

7. Data Security Measures

We implement administrative, technical, and physical safeguards including:

Administrative

  • Confidentiality agreements
  • Access control policies
  • Internal data protection training

Technical

  • End-to-end encryption
  • Encrypted storage
  • Multi-factor authentication
  • Secure APIs
  • Firewall and intrusion detection systems

Physical

  • Secure hosting infrastructure
  • Restricted system access

8. Data Sharing & Disclosure

We may share data with:

  • Authorized healthcare professionals
  • Hospitals and clinics linked to the patient
  • Cloud infrastructure providers
  • Legal or regulatory authorities (where required)

All third-party vendors are required to maintain reasonable security standards.

We do not disclose data for marketing without consent.

9. Data Retention

We retain data:

  • For the duration of the service relationship
  • As required by law
  • For dispute resolution
  • For regulatory compliance

Data is securely deleted or anonymized when no longer required.

10. User Rights

Subject to applicable law, users may:

  • Access their personal data
  • Request correction of inaccurate data
  • Withdraw consent (where applicable)
  • Request deletion (subject to legal limitations)
  • Request data portability (where feasible)

Requests may be sent to the contact details below.

11. Cookies & Tracking Technologies

Doclinks uses cookies and similar technologies to:

  • Enhance user experience
  • Analyze traffic patterns
  • Improve functionality

Users may control cookie settings through their browser.

12. Cross-Border Data Transfers

If data is transferred outside India, we ensure reasonable safeguards consistent with applicable laws and industry standards.

13. Children’s Privacy

Doclinks does not knowingly collect personal data from minors without lawful guardian consent.

14. Data Breach Notification

In the event of a data breach, Doclinks will:

  • Investigate promptly
  • Mitigate impact
  • Notify affected users and authorities where legally required

15. Changes to this Policy

We reserve the right to modify this Privacy Policy at any time. Updates will be posted on this page with the revised effective date.

16. Contact Information

For privacy-related concerns, data requests, or compliance matters:

Doclinks

Support@doclinks.in

Commitment to Privacy

Doclinks is committed to building a secure, compliant, and trustworthy healthcare ecosystem for doctors, hospitals, clinics, laboratories, and patients across India and beyond.