Privacy Policy

General Practice Hospital (“GPH”, “we”, “our”, or “us”) is committed to protecting the privacy, confidentiality, and security of all personal and medical information entrusted to us.

This Privacy Policy describes how we collect, use, store, disclose, and safeguard information obtained through our website general Practice, hospital facilities, appointments, consultations, and all related services.

1. Scope of This Policy

This Privacy Policy applies to:

  • Patients (OPD, IPD, emergency, and urgent care)
  • Website visitors
  • Attendants and caregivers
  • Corporate and institutional clients
  • Individuals communicating with us via phone, email, WhatsApp, or other digital channels

2. Information We Collect

a. Personal Information

  • Full name
  • CNIC / Passport number (where legally or medically required)
  • Date of birth and gender
  • Phone number, email address, residential address
  • Emergency contact details

b. Medical & Health Information

  • Medical history and clinical notes
  • Diagnoses, prescriptions, lab results, imaging reports
  • Treatment plans, procedures, and follow-ups
  • Allergies, chronic conditions, and lifestyle factors relevant to care

All medical information is collected strictly for diagnosis, treatment, patient safety, continuity of care, and legal compliance.

c. Appointment & Service Information

  • Appointment requests and schedules
  • Doctor, department, and service selection
  • Visit history and service utilization

d. Appointment & Service Information

  • IP address and browser/device type
  • Pages visited and interaction behavior
  • Cookies and basic analytics data

3. How We Use Your Information

Your information is used for the following purposes:

    • Delivering medical consultations, diagnostics, and treatment
    • Managing hospital operations and patient care workflows
    • Appointment confirmations, reminders, and follow-ups
    • Responding to inquiries and feedback
    • Quality assurance, audits, and internal training (with confidentiality safeguards)
    • Improving healthcare services and website performance
    • Compliance with legal, regulatory, and ethical obligations

4. Medical Confidentiality & HIPAA-Style Safeguards

General Practice Hospital follows international best practices for medical confidentiality, aligned with principles similar to HIPAA (Health Insurance Portability and Accountability Act), even though HIPAA is a U.S. regulation.

We ensure that:

  • Medical records are accessed only by authorized healthcare professionals
  • Patient information is shared strictly on a need-to-know basis
  • Confidentiality obligations apply to all staff, consultants, and vendors
  • Unauthorized access, disclosure, or misuse of medical data is strictly prohibited

Patient medical information will never be disclosed for marketing or non-medical purposes.

5. Legal Basis for Processing

We process personal and medical data based on:

  • Patient consent (explicit or implied)
  • Medical necessity and continuity of care
  • Compliance with applicable Pakistani healthcare laws
  • Protection of vital interests in emergencies
  • Legitimate hospital operational requirements

6. Disclosure of Information

We do not sell, trade, or rent personal or medical information.

Information may be disclosed only:

  • To treating doctors, nurses, and authorized hospital staff
  • To laboratories, diagnostic centers, pharmacies, or specialists involved in care
  • To corporate clients or insurers (only where applicable and authorized)
  • When required by law, court order, or regulatory authority
  • In medical emergencies to protect life or health

All third parties are contractually obligated to maintain confidentiality and data security.

7. No Online Payments

General Practice Hospital does not collect or process online payments through its website.

Any payment-related discussions or transactions occur in person or through official hospital channels, and we do not store credit/debit card or banking details on our website.

8. WhatsApp & Electronic Communication Consent

By contacting General Practice Hospital via WhatsApp, phone calls, SMS, or email, you consent to receive:

  • Appointment confirmations and reminders
  • Follow-up instructions and care coordination messages
  • Relevant service-related communication

WhatsApp communication is used for convenience only and not for emergency medical advice. Patients are advised to visit the hospital or emergency services for urgent medical concerns.

9. Data Security Measures

We implement reasonable and appropriate safeguards including:

  • Restricted access to patient records
  • Secure data storage systems
  • Confidentiality agreements with staff and vendors
  • Administrative and technical controls to prevent unauthorized access

Despite best efforts, no digital system can guarantee absolute security.

10. Data Retention

  • Medical records are retained in accordance with hospital policy and applicable laws
  • Non-medical data is retained only as long as operationally or legally necessary
  • Data is securely deleted or anonymized when no longer required

11. Cookies & Website Tracking

Our website may use cookies to:

    • Improve user experience
    • Analyze traffic and usage trends
    • Ensure basic website functionality

Users may disable cookies via browser settings, though some features may not function optimally.

12. Your Rights

You have the right to:

  • Request access to your personal data
  • Request correction of inaccurate information
  • Withdraw consent (subject to medical and legal limitations)
  • Request deletion of non-medical personal data where applicable
  • Raise concerns or complaints regarding privacy

Requests can be made through the contact details below.

13. Children’s Privacy

Information relating to minors is collected only with parental or legal guardian consent and solely for medical care and treatment purposes.

14. Third-Party Links

Our website may contain links to external websites. General Practice Hospital is not responsible for the privacy practices or content of third-party sites.

15. Policy Updates

We may update this Privacy Policy periodically. Any changes will be posted on this page with an updated revision date. Continued use of our services constitutes acceptance of the revised policy.

16. Contact Information

For privacy concerns, data access requests, or questions, please contact:

General Practice Hospital

17. Consent

By using our website, communicating with us electronically, or receiving medical services at General Practice Hospital, you acknowledge, understand, and agree to this Privacy Policy.