← Back to Home

Privacy Policy

How we collect, use, and protect your personal information

Last Updated: December 2024

At Iffa Health ("we," "our," or "us"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our CareBridge platform and related services.

1. Information We Collect

1.1 Personal Information

We collect personal information that you provide directly to us, including:

  • Account Information: Name, email address, phone number, professional credentials
  • Healthcare Information: Patient data, medical records, treatment plans, visit reports
  • Profile Information: Specialization, experience, location, availability
  • Communication Data: Messages, reports, feedback, support requests

1.2 Technical Information

We automatically collect certain technical information, including:

  • Device Information: Device type, operating system, browser type
  • Usage Data: App interactions, feature usage, session duration
  • Location Data: GPS coordinates for visit verification (with consent)
  • Log Data: IP address, access times, error logs

2. How We Use Your Information

We use your information for the following purposes:

  • Service Delivery: Providing healthcare coordination services
  • Communication: Sending notifications, updates, and alerts
  • Quality Improvement: Analyzing usage patterns to enhance our services
  • Compliance: Meeting legal and regulatory requirements
  • Security: Protecting against fraud and unauthorized access

3. Information Sharing and Disclosure

3.1 Healthcare Coordination

We share information with authorized healthcare providers involved in patient care, including:

  • Assigned doctors and nurses
  • Patient guardians and family members
  • Healthcare administrators
  • Emergency responders (when necessary)

3.2 Service Providers

We may share information with trusted third-party service providers who assist us in:

  • Cloud hosting and data storage
  • Payment processing
  • Communication services
  • Analytics and monitoring

3.3 Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal obligations
  • Respond to court orders or subpoenas
  • Protect our rights and property
  • Ensure user safety and security

4. Data Security

We implement comprehensive security measures to protect your information:

  • Encryption: End-to-end encryption for all data transmission
  • Access Controls: Role-based access with multi-factor authentication
  • Secure Storage: Encrypted databases with regular security audits
  • Network Security: Firewalls, intrusion detection, and monitoring
  • Staff Training: Regular security awareness training for all employees

5. HIPAA Compliance

As a healthcare platform, we are committed to HIPAA compliance:

  • Business Associate Agreements: With all healthcare partners
  • Administrative Safeguards: Policies, procedures, and training
  • Physical Safeguards: Secure facilities and equipment
  • Technical Safeguards: Access controls, audit logs, and encryption

6. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request copies of your personal information
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Export your data in a machine-readable format
  • Opt-out: Unsubscribe from marketing communications

7. Data Retention

We retain your information for as long as necessary to:

  • Provide our services
  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements

Healthcare records are retained according to applicable medical record retention laws.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international transfers, including:

  • Standard Contractual Clauses
  • Adequacy decisions
  • Certification schemes

9. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy on our website
  • Sending you an email notification
  • Providing notice through our mobile application

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

  • Email: privacy@iffahealth.com
  • Phone: +233 244 188 312
  • Address: Accra, Ghana

This Privacy Policy was last updated on December 2024