Privacy Policy

Last Updated: January 25, 2026

1. Introduction

Welcome to eDhanvantari, a comprehensive Electronic Health Record (EHR) system designed, conceptualized, owned, and managed by Kovid BioAnalytics Pvt. Ltd. We are committed to protecting your privacy and ensuring the security of your health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

By using eDhanvantari, you agree to the collection and use of information in accordance with this policy. We comply with all applicable privacy laws and regulations, including the Health Insurance Portability and Accountability Act (HIPAA) and the Ayushman Bharat Digital Mission (ABDM) guidelines.

2. Information We Collect

We collect several types of information to provide and improve our services:

2.1 Patient Health Information

  • Medical records, diagnoses, treatment plans, and medical history
  • Prescription information and medication records
  • Laboratory test results and diagnostic reports
  • Appointment schedules and visit records
  • Billing and payment information
  • Insurance information

2.2 User Account Information

  • Name, email address, and contact information
  • Professional credentials and licenses
  • Role and access permissions
  • Account activity and usage logs

2.3 Technical Information

  • IP address and device information
  • Browser type and version
  • Operating system
  • Usage patterns and system logs
  • Cookies and similar tracking technologies

3. How We Use Information

We use the collected information for the following purposes:

  • To provide, maintain, and improve our EHR services
  • To process and manage patient records and appointments
  • To facilitate communication between healthcare providers and patients
  • To ensure compliance with healthcare regulations
  • To prevent fraud and ensure security
  • To send important notifications and updates
  • To analyze usage patterns and improve user experience
  • To comply with legal obligations

4. HIPAA Compliance

eDhanvantari is fully compliant with the Health Insurance Portability and Accountability Act (HIPAA). We implement comprehensive administrative, physical, and technical safeguards to protect Protected Health Information (PHI):

  • Administrative Safeguards: Security management processes, workforce training, and access controls
  • Physical Safeguards: Facility access controls, workstation security, and device controls
  • Technical Safeguards: Access control, audit controls, integrity controls, and transmission security
  • Business Associate Agreements: All third-party service providers sign BAAs to ensure HIPAA compliance
  • Breach Notification: We have procedures in place to detect and report any security breaches as required by HIPAA

We maintain detailed audit logs of all access to PHI and conduct regular security assessments to ensure ongoing compliance.

5. ABDM Compliance

eDhanvantari complies with the Ayushman Bharat Digital Mission (ABDM) guidelines and standards. We support:

  • Integration with ABDM Health ID (Ayushman Bharat Health Account)
  • Interoperability with other ABDM-compliant systems
  • Standardized data formats and protocols as specified by ABDM
  • Secure exchange of health information through ABDM networks
  • Compliance with data privacy and security standards mandated by ABDM

We are committed to supporting India's digital health ecosystem and ensuring seamless integration with national health infrastructure.

6. Data Security

We employ industry-leading security measures to protect your information:

  • Encryption: All data is encrypted in transit (TLS/SSL) and at rest (AES-256)
  • Access Controls: Role-based access controls ensure only authorized personnel can access information
  • Authentication: Multi-factor authentication and strong password requirements
  • Regular Backups: Automated daily backups with secure off-site storage
  • Security Monitoring: 24/7 monitoring and intrusion detection systems
  • Regular Audits: Internal and external security audits and assessments
  • Employee Training: Regular security awareness training for all staff

7. Data Sharing and Disclosure

We do not sell your health information. We may share information only in the following circumstances:

  • With Your Consent: When you explicitly authorize the sharing of information
  • For Treatment: With other healthcare providers involved in your care
  • For Payment: With insurance companies and billing entities
  • For Healthcare Operations: For quality improvement and administrative purposes
  • As Required by Law: When required by court orders, subpoenas, or legal processes
  • For Public Health: As required for public health reporting and disease surveillance
  • With Business Associates: With third-party service providers who have signed BAAs

8. Patient Rights

You have the following rights regarding your health information:

  • Right to Access: Request copies of your health records
  • Right to Amend: Request corrections to inaccurate information
  • Right to Restrict: Request restrictions on how we use or disclose your information
  • Right to Confidential Communications: Request alternative methods of communication
  • Right to Accounting: Request an accounting of disclosures
  • Right to Complain: File a complaint if you believe your privacy rights have been violated
  • Right to Withdraw Consent: Withdraw consent for certain uses of your information

To exercise these rights, please contact us using the information provided in the Contact Information section below.

9. Data Retention

We retain your health information in accordance with applicable laws and regulations. Generally:

  • Patient health records are retained as required by healthcare regulations (typically 7-10 years)
  • Account information is retained while your account is active and for a reasonable period thereafter
  • We may retain certain information longer if required by law or for legitimate business purposes
  • Upon account termination, we securely delete or anonymize information in accordance with our retention policies

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our platform:

  • Essential Cookies: Required for the platform to function properly
  • Analytics Cookies: Help us understand how users interact with our platform
  • Security Cookies: Help us maintain security and prevent fraud

You can control cookies through your browser settings, though disabling certain cookies may affect platform functionality.

11. Changes to Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will:

  • Notify you of significant changes via email or platform notifications
  • Update the "Last Updated" date at the top of this policy
  • Post the updated policy on our website

Your continued use of eDhanvantari after changes become effective constitutes acceptance of the updated policy.

12. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or your health information, please contact us:

Kovid BioAnalytics Pvt. Ltd.

Email: info@edhanvantari.com

Privacy Officer: privacy@edhanvantari.com

For privacy-related concerns or to exercise your rights, please contact our Privacy Officer at the email address above.

← Back to Home