Privacy Policy

RITU IVF is a specialized ferNlity and gynaecology center founded and operated under the leadership of Dr. Ritu Agarwal, a renowned IVF specialist with over 13+ years of experience. We offer IVF, IUI, ICSI, donor programs, and advanced reproducNve treatments, serving paNents across India and abroad. In delivering these services, we collect and process sensiNve personal and medical informaNon which we are commiUed to protecNng.

The purpose of this Privacy Policy is to ensure that RITU IVF Fer.lity & Gynaecology Centre (hereinaWer referred to as the “Clinic” or “We” or “Us”) maintains transparency and accountability in the manner in which it collects, processes, stores, uses, discloses, and protects the personal, medical, and financial informaNon of individuals who seek or avail medical treatment or any other ancillary services at our facility (hereinaWer referred to as “PaNent” or “You”).

This Policy is designed to:

a. Comply with Legal Obligations

• Section 43A of the Information Technology Act, 2000;
• The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“SPDI Rules”);
• The Assisted Reproductive Technology (Regulation) Act, 2021 and related rules;
• The Pre-Conception and Pre-Natal Diagnostic Techniques (Prohibition of Sex Selection) Act, 1994 (“PCPNDT Act”);
• Clinical Establishments (Registration and Regulation) Act, 2010;
• Any rules or guidelines prescribed by the National Medical Commission (NMC);
• Any applicable obligations under the Consumer Protection Act, 2019 and Indian Contract Act, 1872, relating to valid informed consent.

b. Inform and Empower the Patient

• Made aware of the categories and nature of personal or sensitive information collected;
• Informed of the lawful purpose for which such information is being collected and processed;
• Made aware of the manner in which such information will be handled, stored, and safeguarded;
• Empowered to exercise their legal rights, including the right to access, correct, restrict, or withdraw consent with respect to their information, subject to legal limitations.

c. Establish Accountability and Governance

• Uphold patient confidentiality and medical ethics;
• Prevent unauthorized access, loss, or misuse of personal data;
• Maintain clear accountability through designated roles such as the Grievance Officer, responsible for addressing complaints and requests related to personal information.

d. Facilitate Lawful Data Processing for Medical Services

• Provide high-quality reproductive and gynecological healthcare services including diagnostics, procedures, surgeries, counselling, follow-ups, and administrative support;
• Fulfil insurance and billing obligations;
• Comply with medical audit, regulatory inspection, and record-keeping requirements;
• Respond to legal claims, court orders, government requests, or investigations by competent authorities.

e. Provide Clarity on Data Sharing and Disclosure

• Situations under which the Clinic may disclose personal or medical information to third parties (such as partner labs, external consultants, regulatory agencies, legal authorities, insurance providers, or medical auditors), with or without prior consent, depending on applicable legal mandates;
• Safeguards in place when data is shared with such entities.

f. Maintain Trust and Ethical Standards

• Protecting the privacy, dignity, and autonomy of each patient;
• Upholding internationally recognized standards of data ethics, such as confidentiality, informed consent, proportionality, and non-discrimination;
• Building long-term patient trust by providing clarity, security, and responsiveness in data handling.

We are committed to maintaining the highest standards of legal and ethical compliance in all aspects of our operations, particularly with respect to the collection, storage, use, and disclosure of personal and sensitive personal data or information. This Privacy Policy is formulated and enforced in accordance with the applicable laws of India, including but not limited to the following statutory provisions, rules, and regulations:

3.1. Information Technology Act, 2000 and Allied Rules

• Section 43A of the Information Technology Act, 2000;
• SPDI Rules, 2011 (lawful collection, processing, and transfer of sensitive personal information);
• Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (where applicable).

3.2. Assisted Reproductive Technology (Regulation) Act, 2021 and Rules, 2022

• Collection, maintenance, and secure storage of medical and consent records for a minimum of ten years;
• Explicit, informed, and voluntary consent for each ART procedure;
• Maintenance of a Central Database subject to inspection and audit.

3.3. PCPNDT Act, 1994

• Prohibition of sex selection and disclosure of fetal sex; record-keeping obligations for ultrasound and diagnostic procedures;
• Registration/renewal with Appropriate Authority; maintenance of Form F and mandatory signage.

3.4. Clinical Establishments (Registration and Regulation) Act, 2010 (where applicable)

• Standard treatment protocols, record-keeping, display of rates;
• Audit/inspection readiness; maintenance of digital/physical records.

3.5. Biomedical Waste Management Rules, 2016

• Safe handling/storage/disposal of biomedical waste; authorized collection and segregation;
• Regular documentation and reporting per local PCB guidelines.

3.6. National Medical Commission (NMC) Ethics and Professional Conduct Regulations

• Compliance with Code of Ethics Regulations, 2023 (confidentiality, disclosure, advertising, patient data);
• Doctor–patient confidentiality and lawful disclosure.

3.7. Other Applicable Statutes and Policies

• Indian Contract Act, 1872; Indian Penal Code, 1860; Consumer Protection Act, 2019;
• Right to Information Act, 2005; Epidemic Diseases Act, 1897 (as applicable).

A. Personal Identification Details

• Full Name, Age, Gender, Marital Status
• Address, Phone Number, Email
• Aadhaar Card/PAN/Voter ID (for identity verification)

B. Medical & Health Information

• Medical, reproductive, and family history
• Diagnostic test results, reports, scans, ultrasound images
• History of pregnancy, miscarriage, treatment cycles
• IVF/IUI/ICSI procedural data
• Semen, oocyte, embryo-related information (including donor data)
• HIV, Hepatitis, and STI screening reports

C. Financial Information

• Payment records, invoices, billing history
• Insurance details or third-party payer details
• Bank or UPI information (if applicable)

D. Consent Documentation

• Signed consent forms for procedures, treatment, counselling, donation, freezing, etc.
• Video consents and biometric records (where applicable)

We collect, process, and retain your personal, medical, and financial information to enable the provision of safe, effective, and legally compliant medical care in accordance with Indian law. The legal bases include performance of contract, legal compliance, medical necessity, and, where applicable, explicit informed consent.

A. Medical Diagnosis and Treatment

• Assessment of health, reproductive status, and eligibility for ART/gynecological interventions;
• Design/execution of personalized treatment protocols (ovulation stimulation, IVF, ICSI, IUI, cryopreservation, embryo transfer);
• Donor selection/matching (if applicable);
• Fitness for anaesthesia/surgery and pre-operative risks;
• Accurate clinical records per statutory guidelines.

B. Compliance with Statutory and Regulatory Obligations

• ART Act 2021 requirements (registration, reporting, patient/donor records);
• PCPNDT Act compliance (ultrasounds and embryo-related disclosures);
• Biomedical Waste Rules and Clinical Establishments Act obligations;
• Audit/inspection and record production for authorities/courts.

C. Administrative and Operational Efficiency

• Patient intake, counselling, scheduling, follow-ups;
• Documentation (consents, histories, OT forms, discharge summaries, billing);
• Inter-department coordination (reception, lab, OT, pharmacy);
• Quality control, audits, and risk mitigation (ART/NABH guidelines).

D. Financial Transactions and Insurance Processing

• Treatment estimates, invoices, payment records;
• Reimbursement/claims via schemes, insurers, or TPAs;
• Compliance with Income Tax Act, 1961 and GST Act, 2017.

E. Informed Consent and Legal Documentation

• Valid, informed, specific consents (Indian Contract Act, IPC Sections 87–89, ART Rules 2022);
• Recording of consent changes/withdrawals affecting protocol.

F. Emergency Communication and Legal Protection

• Contact in case of complications/emergencies/updates;
• Records for defence in disputes/complaints/litigation/inquiries;
• Protection via documentation of decisions, timelines, communications.

G. Research, Audit, and Quality Improvement

• Anonymized/aggregated outcomes for audits, research, or regulatory reporting (subject to consent where required);
• Monitoring success rates, adverse events, outcomes.

H. Communication and Patient Engagement

• Reminders, instructions, lab results, follow-up care via SMS/email/phone/WhatsApp (as per consent);
• Information on services/discounts/awareness programs (opt-out available).

All personal and sensitive information is collected solely for the aforementioned purposes and is used only to the extent necessary to ensure medical efficacy, legal compliance, and patient safety.

We uphold confidentiality, integrity, and availability per the Information Technology Act, SPDI Rules, ART Act, and other regulations. Safeguards include:

6.1 Physical and Administrative Safeguards

• Secure storage of physical records in restricted areas;
• Role-limited access to patient files;
• Regular staff training on privacy and ethics.

6.2 Electronic and Technical Safeguards

• AES-256 encryption, password protection, secure EMR/practice software;
• Secure hosting with real-time backup and firewalls;
• Role-based access controls (RBAC).

6.3 Video Consent and CCTV Storage

• Video consents for specified procedures (as mandated);
• Secure storage accessible only to authorized personnel/regulators;
• CCTV retention 30–90 days based on risk/legal advisories.

6.4 Retention of Records

• Retention for at least 10 years per ART Rules, 2022;
• Donor-related ART records retained permanently or until superseded;
• Post-retention: certified destruction or anonymization.

6.5 Third-party and Cloud Storage Protocols

• NDAs/DPAs with vendors; Indian jurisdiction or equivalent standards (ISO 27001, HIPAA);
• Encrypted/logged transfers; no third-party access without consent or lawful authority.

6.6 Breach Notification & Incident Response

• Incident response team for identification, containment, notification, and corrective/preventive actions;
• Audit trail of access logs and consent updates.

By maintaining a rigorous and legally compliant data protection framework, Ritu IVF aims to protect your privacy and build trust through ethical and secure management of all sensitive and personal data.

Your data may be shared, with consent or as mandated by law, to:

• Other treating doctors, embryologists, counsellors, or partner hospitals
• Government authorities (ART Board, PCPNDT Authorities, Courts, NMC)
• Insurance agencies, auditors, or third-party billing systems
• Technology vendors (e.g., EMR providers) for clinic functioning

We do not sell or rent your personal data to any third party for marketing purposes.

• If you interact with us via our website, Google Forms, WhatsApp, or email, we may collect cookies or session data;
• We may use your contact information for service updates, newsletters, or appointment reminders;
• You may opt out of non-essential communication anytime by writing to us.

• Access your medical records (upon written request with ID proof)
• Request correction, deletion, or restriction of your data
• Withdraw any previously given consent (except when required by law)
• Lodge a complaint with our Grievance Officer

Please note, we may retain data as required under applicable laws despite consent withdrawal.

If you have any concerns regarding the usage of your information or privacy rights, please contact:

Rajesh Yadav
Grievance Officer

Email: drrituivf@gmail.com

Phone: 9057000555

Clinic Address: First Floor, Sunshine Sheodan Heights, Plot No. 15, New Sanganer Road, Vivek Vihar, Shyam Nagar, Jaipur, Rajasthan 302019, India

We reserve the right to amend this policy to comply with changes in the law or operational requirements. Updated versions will be available at our clinic and/or website. Continued use of our services implies acceptance of any such changes.

By availing consultation, undergoing treatment, or submitting your data to RITU IVF in any form, you acknowledge that you have read, understood, and consented to the terms of this Privacy Policy.