Compliance

Clinvo Health is built to operate within the Indian healthcare regulatory landscape. This page summarises the frameworks we design against. It is informational only and does not constitute a certification or audit report; where specific certifications (ABDM milestone, ISO 27001, SOC 2) are achieved, we will list them here with issuance dates and certificate references.

Digital Personal Data Protection Act (DPDPA), 2023: We process personal and sensitive personal data as a Data Fiduciary under DPDPA 2023. We honour Data Principal rights (access, correction, erasure, withdrawal of consent, nomination, grievance redressal), maintain a Data Protection Officer, and commit to 72-hour breach notification.

Ayushman Bharat Digital Mission (ABDM): The platform is architected to operate as both a Health Information Provider (HIP) and Health Information User (HIU), using FHIR R4 and ABDM's Consent Manager flows for interoperable record exchange.

Information Technology Act, 2000 (and SPDI Rules, 2011): We comply with reasonable security practices and procedures for Sensitive Personal Data or Information (SPDI).

Telemedicine Practice Guidelines, 2020: Video-consultation workflows follow identity-verification, record-keeping, and prescription requirements set by the Board of Governors in supersession of the Medical Council of India.

Specialty-specific obligations: Where relevant specialty workspaces are in use, the platform is designed to support compliance with the Pre-Conception and Pre-Natal Diagnostic Techniques (PCPNDT) Act 1994, the Medical Termination of Pregnancy (MTP) Act, the Mental Healthcare Act (MHCA) 2017, and Dental Council of India record-keeping guidance. See the Privacy Policy for the data categories involved.

For compliance documentation requests (DPA templates, BAA-equivalent agreements, security questionnaires), please email [email protected].