Trust & Compliance

Privacy & Data Policy

Healthcare data is sensitive. MedKit is built with encryption, access controls, and privacy-first defaults.

Security (Encryption & Transport)

We use industry-standard encryption for data in transit (TLS/SSL) and apply security controls to protect your account and records. Access is controlled via roles/permissions, and we encourage strong password hygiene for every user.

Note: exact controls and configurations can vary by plan and deployment.

Data Policy (No Resale)

Your business and patient data is used to provide the product and support you. We do not sell your data.

  • No data resale: we don’t sell customer data to advertisers or third parties.
  • Purpose limitation: data is processed for product features (billing, inventory, appointments, prescriptions) and customer support.

Compliance (India DPDP Act, IT Act)

MedKit is designed to support privacy and security practices aligned with the Digital Personal Data Protection (DPDP) Act and the Information Technology Act (including applicable rules). If you need a formal compliance review or documentation for procurement, contact support@medkit.care.

“HIPAA-aligned” on the website refers to security-oriented practices (encryption, access controls, audit readiness) and is not a legal certification.