Privacy Policy

Privacy Policy

Privacy Policy

Arthomed Clinic - Dr. Raghu Nagaraj

Website:

Website:

Website:

Effective Date:

Effective Date:

Effective Date:

June 27, 2025

Last Updated:

Last Updated:

Last Updated:

June 27, 2025

Introduction

Introduction

Introduction

At Arthomed Clinic, we are committed to protecting your privacy and safeguarding your personal and health information. This Privacy Policy explains how we collect, use, disclose, and protect your information when you visit our website, use our services, or interact with our clinic. We operate in accordance with global privacy standards, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), India's Digital Personal Data Protection Act 2023, and healthcare-specific regulations.

At Arthomed Clinic, we are committed to protecting your privacy and safeguarding your personal and health information. This Privacy Policy explains how we collect, use, disclose, and protect your information when you visit our website, use our services, or interact with our clinic. We operate in accordance with global privacy standards, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), India's Digital Personal Data Protection Act 2023, and healthcare-specific regulations.

At Arthomed Clinic, we are committed to protecting your privacy and safeguarding your personal and health information. This Privacy Policy explains how we collect, use, disclose, and protect your information when you visit our website, use our services, or interact with our clinic. We operate in accordance with global privacy standards, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), India's Digital Personal Data Protection Act 2023, and healthcare-specific regulations.

By accessing our website or using our services, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy

By accessing our website or using our services, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy

By accessing our website or using our services, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy

Data Controller Information

Data Controller Information

Data Controller Information

Arthomed Clinic

Arthomed Clinic

Arthomed Clinic

Dr. Raghu Nagaraj - Arthroscopy & Robotic Joint Replacement Specialist

Address: No 54, 2nd Floor, ESI Hospital, Link Rd 4, Next to Nalli Silks Corporate Office, Near Indiranagar, Appareddipalya, Indiranagar, Bengaluru, Karnataka 560038, India

Email: [contact@arthomed.in]

Phone: [Clinic Phone Number]

Website: https://arthomed.in/

Types of Information We Collect

Types of Information We Collect

Types of Information We Collect

Personal Information

Contact Details :

Contact Details :

Contact Details :

Name, email address, phone number, postal address

Demographics :

Demographics :

Demographics :

Date of birth, age, gender

Identity Information :

Identity Information :

Identity Information :

Government-issued ID numbers (when required for insurance or legal purposes)

Contact Details :

Contact Details :

Contact Details :

Name, email address, phone number, postal address

Health Information (Protected Health Information - PHI)

Medical History :

Medical History :

Medical History :

Previous injuries, surgeries, treatments, allergies

Current Health Status :

Current Health Status :

Current Health Status :

Symptoms, pain levels, mobility assessments

Treatment Records

Treatment Records

Treatment Records

Surgical procedures, rehabilitation progress, medication history

Insurance Information :

Insurance Information :

Insurance Information :

Health insurance details, policy numbers, coverage information

Financial Information

Payment Data:

Payment Data:

Payment Data:

Credit card information, billing addresses, payment history

Insurance Claims:

Insurance Claims:

Insurance Claims:

Processing information for cashless treatments

How We Collect Information

How We Collect Information

How We Collect Information

Direct Collection

In-Person Consultations:

During medical appointments and examinations

Website Forms:

Contact forms, appointment booking, patient registration

Phone Communications:

Appointment scheduling, follow-up calls

Email Communications:

Medical inquiries, treatment updates

Paper Forms:

Patient intake forms, consent documents

Automatic Collection

Website Analytics:

Through cookies and similar technologies

Diagnostic Equipment:

Medical imaging and testing devices

Security Systems:

CCTV recordings in clinic premises (where legally permitted)

Third-Party Sources

Insurance Providers:

For cashless treatment processing

Referring Physicians:

Medical records and referral information

Laboratory Services:

Test results and diagnostic reports

Legal Basis for Processing

Legal Basis for Processing

Legal Basis for Processing

We process your personal and health information based on the following legal grounds:

Consent

Explicit Consent:

For marketing communications, research participation

Implied Consent:

For standard medical care and website usage

Legitimate Interests

Medical Treatment:

Providing orthopedic care and surgical services

Appointment Management:

Scheduling and confirming medical appointments

Insurance Processing:

Facilitating cashless treatments

Quality Improvement:

Enhancing our medical services

Legal Obligations

Regulatory Compliance:

Meeting healthcare licensing requirements

Insurance Requirements:

Fulfilling policy claim obligations

Court Orders:

: Responding to legal proceedings when required

Vital Interests

Emergency Care:

Providing urgent medical treatment

Public Health:

Reporting communicable diseases when required

How We Use Your Information

How We Use Your Information

How We Use Your Information

Primary Medical Purposes

Diagnosis and Treatment:

Evaluating orthopedic conditions and providing appropriate care

Surgical Planning:

Preparing for arthroscopic and joint replacement procedures

Follow-up Care:

Post-operative monitoring and rehabilitation support

Medication Management:

Prescribing and monitoring therapeutic treatments

Administrative Purposes

Appointment Scheduling:

Managing consultation and surgery schedules

Insurance Processing:

Facilitating cashless treatments and claim submissions

Billing and Payment:

Processing financial transactions

Quality Assurance:

Maintaining high standards of medical care

Communication

Treatment Updates:

: Informing about test results and treatment plans

Appointment Reminders:

SMS, email, or phone call notifications

Health Education:

Sharing relevant orthopedic health information

Emergency Contact:

Reaching you in urgent medical situations

Legal and Safety

Regulatory Compliance:

Meeting healthcare authority requirements

Safety Monitoring:

Identifying potential medical complications

Legal Proceedings:

Responding to court orders or legal investigations

Information Sharing and Disclosure

Information Sharing and Disclosure

Information Sharing and Disclosure

Healthcare Team

Medical Staff :

Doctors, nurses, physiotherapists involved in your care

Specialists:

Referrals to other medical professionals when necessary

Laboratory Services:

Sharing information for diagnostic testing

Business Associates

Insurance Companies:

For cashless treatment processing

Billing Services:

For payment processing and financial management

IT Service Providers:

For secure data storage and website maintenance

Cleaning and Maintenance:

Limited access for facility management

Legal Requirements

Government Authorities:

When required by law or regulation

Court Orders:

In response to valid legal proceedings

Public Health:

Reporting communicable diseases when mandated

Legal and Safety

Regulatory Compliance:

Meeting healthcare authority requirements

Safety Monitoring:

Identifying potential medical complications

Legal Proceedings:

Responding to court orders or legal investigations

Emergency Situations

Family Members:

In medical emergencies with your consent

Emergency Services:

When immediate medical intervention is required

Research and Analytics

De-identified Data:

For medical research and quality improvement (with consent)

Anonymized Statistics:

For healthcare planning and public health research

International Data Transfers

In some cases, we may transfer your data outside India for the following purposes:

Cloud Storage:

Using international cloud service providers with adequate security measures

Medical Equipment:

Diagnostic equipment that may store data on international servers

We ensure all international transfers comply with applicable data protection laws and include appropriate safeguards such as:

Adequacy Decisions:

Transferring to countries with adequate data protection

Standard Contractual Clauses:

Using approved data transfer agreements

Binding Corporate Rules:

When dealing with multinational healthcare organizations

Data Security Measures

Data Security Measures

Data Security Measures

Physical Security

Secure Premises:

Locked filing cabinets for paper records

Access Controls:

Restricted access to medical record areas

CCTV Monitoring:

Security cameras in common areas (where legally permitted)

Technical Security

Encryption:

SSL/TLS encryption for website data transmission

Secure Servers:

Protected data storage with regular security updates

Access Controls:

Role-based access to patient information

Regular Backups:

Secure backup procedures for data recovery

Administrative Security

Staff Training:

Regular privacy and security training for all personnel

Confidentiality Agreements:

All staff sign comprehensive confidentiality agreements

Audit Trails:

Monitoring access to patient information

Incident Response:

Procedures for handling potential security breaches

Network Security

Firewalls:

Advanced network protection systems

Antivirus Software:

Regular malware protection updates

Secure Wi-Fi:

Protected wireless networks in clinic premises

Data Retention

Data Retention

Data Retention

Medical Records

Active Patients:

Throughout the duration of the treatment relationship

Inactive Patients:

10 years from last treatment (or as required by Indian medical regulations)

Pediatric Records:

Until patient reaches age of majority plus 10 years

Financial Records

Billing Information:

7 years for tax and audit purposes

Insurance Claims:

As required by insurance provider agreements

Website Data

Analytics Data:

2 years for website improvement purposes

Communication Records:

3 years for quality assurance

Marketing Data

Consent-based Communications:

Until consent is withdrawn

Newsletter Subscriptions:

Until unsubscribed

We will securely dispose of all personal and health information when the retention period expires, unless required to retain it longer by law.

Your Privacy Rights

Your Privacy Rights

Your Privacy Rights

Access Rights

Right to Access:

Request copies of your personal and health information

Right to Portability:

Receive your data in a structured, commonly used format

Right to Information:

Understand how your data is being processed

Control Rights

Right to Rectification:

Correct inaccurate or incomplete information

Right to Erasure:

Request deletion of your personal data (subject to legal requirements)

Right to Restrict Processing:

Limit how we use your information

Right to Object:

Object to certain types of data processing

Communication Rights

Right to Withdraw Consent:

Withdraw permission for data processing at any time

Right to Opt-out:

Unsubscribe from marketing communications

Right to Data Portability:

Transfer your data to another healthcare provider

Legal Rights

Right to Complain:

File complaints with data protection authorities

Right to Judicial Remedy:

Seek legal remedies for privacy violations

Exercising Your Rights

Email:

[privacy@arthomed.in]

Phone:

[Clinic Phone Number]

Mail:

Privacy Officer, Arthomed Clinic, [Complete Address]

We will respond to your request within:

30 days

for most requests

60 days

for complex requests (with notification of extension)

Immediately

for urgent medical situations

Cookies and Website Technologies

Cookies and Website Technologies

Cookies and Website Technologies

Types of Cookies We Use

Essential Cookies

Session Management:

Maintaining your login status

Security:

Protecting against unauthorized access

Load Balancing:

Ensuring website performance

Functionality Cookies

Language Preferences:

Language Preferences: Remembering your preferred language

Accessibility Settings:

Maintaining accessibility preferences

Form Data:

Temporarily storing appointment booking information

Analytics Cookies

Website Usage:

Understanding how visitors use our website

Performance Monitoring:

Identifying technical issues

Content Optimization:

Improving website content and structure

Marketing Cookies (with consent)

Advertising:

Showing relevant healthcare information

Social Media:

Sharing buttons for social platforms

Retargeting:

Displaying relevant content to previous visitors

Managing Cookies

You can control cookies through your browser settings:

Google Analytics:

For website traffic analysis

Social Media Platforms:

For sharing healthcare information

Payment Processors:

For secure online transactions

Children's Privacy

Children's Privacy

Children's Privacy

Our services are primarily designed for adult patients. However, we may treat pediatric patients for orthopedic conditions.

Parental Consent

Under 18:

We require parental or guardian consent for data processing

Medical Emergencies:

We may process data without consent in urgent situations

Educational Materials:

Age-appropriate health information with parental consent

Special Protections

Limited Data Collection:

We collect only necessary information for pediatric patients

Enhanced Security:

Additional safeguards for children's health information

Parent Access:

Parents can access and control their child's information

Third-Party Services

Third-Party Services

Third-Party Services

Payment Processors

We use secure payment processors for financial transactions:

PCI DSS Compliance:

All payment processors meet industry security standards

Encryption:

Credit card information is encrypted during transmission

Limited Storage:

We do not store complete credit card numbers

Insurance Partners

We work with various insurance companies for cashless treatments:

Data Sharing Agreements:

Formal contracts governing information sharing

Limited Purpose:

Information shared only for claim processing

Patient Consent:

Prior authorization for insurance-related data sharing

Medical Equipment Vendors

Some diagnostic equipment may involve data sharing:

Cloud Storage:

Secure storage of medical images

Remote Analysis:

Specialist consultations through telemedicine

Data Security:

Vendor compliance with healthcare data protection standards

Data Breach Notification

Data Breach Notification

Data Breach Notification

Detection and Response

Monitoring Systems:

Continuous monitoring for potential security incidents

Incident Response Team:

Trained personnel to handle security breaches

Investigation Procedures:

Thorough assessment of any potential breaches

Notification Timeline

Internal Reporting:

Immediate notification to clinic management

Regulatory Authorities:

Within 72 hours of breach discovery

Affected Patients:

Without undue delay, typically within 7 days

Public Disclosure:

If required by law and if breach affects large numbers

Breach Information

We will provide affected individuals with:

Nature of the Breach:

What information was involved

Potential Consequences:

Possible impacts on patient privacy

Remedial Actions:

Steps taken to address the breach

Protective Measures:

Recommendations for affected individuals

Marketing Communications

Marketing Communications

Marketing Communications

Types of Communications

Appointment Reminders:

Essential treatment-related communications

Health Education:

Orthopedic health tips and information

Service Updates:

New treatment options and clinic services

Promotional Offers:

Special pricing for health services (with consent)

Consent Management

Opt-in:

Explicit consent required for marketing communications

Opt-out:

Easy unsubscribe options in all marketing messages

Preference Center:

Ability to choose specific types of communications

Consent Records:

Documentation of all marketing consent

Communication Channels

Email:

Healthcare newsletters and appointment reminders

SMS:

Appointment confirmations and urgent notifications

Phone:

Follow-up calls and treatment updates

Postal Mail:

Written communications when preferred

Cross-Border Healthcare

Cross-Border Healthcare

Cross-Border Healthcare

International Patients

We welcome patients from other countries and provide:

Privacy Protection:

Same privacy standards regardless of patient nationality

Language Support:

Translated privacy notices when possible

Cultural Sensitivity:

Respectful handling of cultural privacy preferences

Medical Tourism

For international patients seeking orthopedic treatment:

Coordination Services:

Assistance with travel and accommodation

Medical Records:

Secure transfer of health information

Follow-up Care:

Coordination with home country healthcare providers

Research and Clinical Trials

Research and Clinical Trials

Research and Clinical Trials

Participation Opportunities

We may invite patients to participate in:

Clinical Research:

Studies on orthopedic treatment effectiveness

Quality Improvement:

Projects to enhance patient care

Medical Education:

Anonymous case studies for training purposes

Research Consent

For international patients seeking orthopedic treatment:

Separate Consent:

Distinct consent process for research participation

Voluntary Participation:

No impact on treatment quality for non-participants

Data De-identification:

Removal of identifying information when possible

Withdrawal Rights:

Ability to withdraw from research at any time

Telemedicine and Digital Health

Telemedicine and Digital Health

Telemedicine and Digital Health

Virtual Consultations

We may offer telemedicine services including:

Video Consultations:

Secure video calls for follow-up appointments

Digital Imaging:

Secure transmission of X-rays and scans

Remote Monitoring:

Digital tracking of recovery progress

Technology Safeguards

Encrypted Platforms:

Secure telemedicine software

Access Controls:

Password-protected virtual consultations

Recording Policies:

Clear policies on session recording

Technical Support:

Assistance with digital health tools

Updates to This Privacy Policy

Updates to This Privacy Policy

Updates to This Privacy Policy

Notification of Changes

Material Changes:

Email notification to registered patients

Minor Updates:

Website notification and updated effective date

Legal Requirements:

Immediate updates for regulatory compliance

Review Process

Annual Review:

Regular assessment of privacy practices

Regulatory Updates:

Monitoring changes in privacy laws

Technology Changes:

Updates based on new technologies

Patient Feedback:

Incorporation of patient privacy concerns

Version Control

Effective Dates:

Clear dating of all policy versions

Archive Access:

Previous versions available upon request

Change Documentation:

Record of all significant modifications

Contact Information

Contact Information

Contact Information

Privacy Officer

Name:

[Privacy Officer Name]

Title:

Privacy Officer, Arthomed Clinic

Phone:

[Direct Phone Number]

Address:

[Complete Clinic Address]

General Inquiries

Clinic Reception:

[Main Phone Number]

General Email:
Office Hours:

Monday-Sunday, 9:00 AM - 8:00 PM

Complaints and Concerns

If you have concerns about our privacy practices, you may contact:

Internal Complaints:

Privacy Officer (contact details above)

Clinic Director: Dr. Raghu Nagaraj

External Authorities:

India: Data Protection Board of India

EU Residents: Local Data Protection Authority

California Residents: California Privacy Protection Agency

Emergency Contact

For urgent privacy concerns related to active medical treatment:

Emergency Privacy Line:
Available:

24/7 for urgent privacy matters

Acknowledgment

By using our website or services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.

In 2017, Dr. Raghu Nagaraj founded Arthomed clinic with a vision to provide top quality Orthopaedic care with latest technology at affordable cost and supreme care.

We’re Available

Check out Arthomed's Office hours to plan your visit.

Monday

09.00am - 8.00pm

Tuesday

09.00am - 8.00pm

Wednesday

09.00am - 8.00pm

Thursday

09.00am - 8.00pm

Friday

09.00am - 8.00pm

Sunday

09.00am - 8.00pm

© 2025, Arthomed Clinic. All Rights Reserved.

In 2017, Dr. Raghu Nagaraj founded Arthomed clinic with a vision to provide top quality Orthopaedic care with latest technology at affordable cost and supreme care.

We’re Available

Check out Arthomed's Office hours to plan your visit.

Monday

09.00am - 8.00pm

Tuesday

09.00am - 8.00pm

Wednesday

09.00am - 8.00pm

Thursday

09.00am - 8.00pm

Friday

09.00am - 8.00pm

Sunday

09.00am - 8.00pm

© 2025, Arthomed Clinic. All Rights Reserved.

In 2017, Dr. Raghu Nagaraj founded Arthomed clinic with a vision to provide top quality Orthopaedic care with latest technology at affordable cost and supreme care.

We’re Available

Check out Arthomed's Office hours to plan your visit.

Monday

09.00am - 8.00pm

Tuesday

09.00am - 8.00pm

Wednesday

09.00am - 8.00pm

Thursday

09.00am - 8.00pm

Friday

09.00am - 8.00pm

Sunday

09.00am - 8.00pm

© 2025, Arthomed Clinic. All Rights Reserved.