mobile header
Kozhikode+91 9747200002 Kannur+91 9747060006 Thodupuzha+91 9072570123 Payyanur+91 6282901900 Vadakara+91 8943903999

Introduction

"Baby Memorial Hospital", "BMH", "We", "Us", or "Our" to mean and include "Baby Memorial Hospital Limited" Parent Company/Holding Company having and its current and future subsidiaries which includes but not limited to "BMH Care Hospital Limited", "Genesis Institute of Medical Science Private Limited", "BMH Healthcare Service Private Limited", "Payyanur Medical Service and Research Centre Private Limited" and their respective hospital units which includes but not limited to (i) "Baby Memorial Hospital, Calicut", (ii) "Baby Memorial Hospital, Thodupuzha", (iii) Baby Memorial Hospital, Perumbavoor, (iv)"Baby Memorial Hospital, Kannur", (v) "Baby Memorial Hospital, Vadakara";(vi) "Baby Memorial Hospital, Payyanur" are committed to protecting the privacy, confidentiality, and integrity of your personal data. We recognize that when you choose to interact with us - whether through our website, mobile applications, or by accessing our medical services - you place your trust in us. This privacy policy ("privacy policy") applies to the collection, storage, processing, disclosure and transfer of your personal information (defined below) we may collect from you during your interactions with our website, https://babymemorialhospitals.com/, Mobile Applications, Self Service Kiosks, Call Centers, Social Media/Messaging Platforms and offline Interactions at Hospitals as per the below-mentioned laws, when such personal information is shared with BMH for any purpose or transaction or services ("services").

It also details the legal basis for collecting such data, the purposes for which it is used, with whom it may be shared, and your rights concerning your personal data under applicable data protection laws, including the Digital Personal Data Protection Act, 2023 (DPDPA) and rules made thereunder and any other relevant Indian legislation.

By accessing or using our services, you acknowledge that you have read and understood this privacy policy.

This policy does not apply to third-party websites or services that may be linked through our platform. We strongly encourage you to review the privacy policies of those third-party websites as we are not responsible for their data practices.

Note: This privacy policy does not constitute a legal, contractual, or fiduciary obligation between BMH and any party and does not confer any enforceable rights on any individual, unless otherwise provided under applicable law.

Scope

This privacy policy applies to all personal and non-personal data that we collect from:

  • Individuals accessing or using our above mentioned data collection channels
  • Patients availing treatment or diagnostic services at BMH
  • Visitors, bystanders, dependents, or representatives interacting with our healthcare services
  • Job applicants, employees, contractors, trainees, apprentice, service providers and professional advisers engaging with BMH digitally or physically
  • Users submitting enquiries, making payments, participating in surveys, workshops, counselling (including financial counselling) or marketing initiatives.
  • Guardians, caregivers, or authorized representatives providing consent on behalf of minors, autistic individuals, or persons who are mentally unstable or legally adjudged mentally challenged as per applicable law.
  • Research participants enrolled in clinical trials, medical studies, or academic research conducted by or in collaboration with BMH
  • Telemedicine users accessing remote consultations, virtual appointments, or digital health monitoring services
  • Medical tourism coordinators and international patients utilizing BMH services through facilitation agencies
  • Individuals enrolled in academic, clinical training, internship, residency, or nursing education programs conducted by or in affiliation with BMH.

The policy encompasses data collected through all digital platforms owned or operated by BMH, including but not limited to websites, Help desks, Social Media/Messaging Platforms, patient portals, appointment booking tools, teleconsultation platforms, and electronic health record (EHR) systems.

This privacy policy does not cover:

  • Third-party websites or services that are linked from or accessible via BMH's platforms
  • Information collected through non-affiliated entities that BMH does not own or control
  • Practices of third parties not governed or operated by BMH, including but not limited to partner hospitals, labs, or insurance companies, unless data is shared under contractual obligation

Definitions

For the purposes of this privacy policy:

  • "Baby Memorial Hospital", "BMH", "We", "Us", or "Our" to mean and include "Baby Memorial Hospital Limited" Parent Company/Holding Company having and its current and future subsidiaries which includes but not limited to "BMH Care Hospital Limited", "Genesis Institute of Medical Science Private Limited", "BMH Healthcare Service Private Limited", "Payyanur Medical Service and Research Centre Private Limited" and their respective hospital units which includes but not limited to (i) "Baby Memorial Hospital, Calicut", (ii) "Baby Memorial Hospital, Thodupuzha", (iii) Baby Memorial Hospital, Perumbavoor, (iv)"Baby Memorial Hospital, Kannur", (v) "Baby Memorial Hospital, Vadakara";(vi) "Baby Memorial Hospital, Payyanur", including its staff, healthcare professionals, contractors, and authorized affiliates acting on its behalf.
  • "You" / "your" / "user" / "data principal" – refers to any individual accessing, browsing, or using our website, Mobile Applications, Self Service Kiosks, Call Centers, Patient portals, appointment booking tools, teleconsultation platforms, Social Media/Messaging Platforms and electronic health record (EHR) systems or services, including patients, visitors, caregivers, job applicants, or legal representatives.
  • "Website" – refers to the official Baby Memorial Hospital website at https://babymemorialhospitals.com/ and any subdomains or affiliated mobile platforms, tools, or digital services operated or owned by BMH.
  • "Personal data/ personal information" – means any information that relates to an identified or identifiable natural person and is capable of identifying such a person either directly or indirectly. This includes but is not limited to name, contact information, identification details, health records, financial details, and government-issued documents.
  • "Sensitive personal data" – refers to a sub-category of personal data which includes data related to health conditions, medical history, biometric data, genetic information, financial data, Aadhaar or other government-issued identifiers, religious beliefs (if disclosed), or criminal records.
  • "Non-personal data" – refers to data that does not directly or indirectly identify an individual, such as anonymized usage data, IP address, device type, browser information, etc., collected for analytics and site improvement purposes.
  • "Cookies" – Small text files stored on Your device by our website or third-party services to collect non-personal information to enhance your browsing experience.
  • "Guardian" – A person legally authorized to act on behalf of a minor patient or a patient unable to provide consent due to incapacity, including parents or legal representatives. This includes consent provision for individuals diagnosed with mental instability, autism spectrum disorders or similar cases.
  • "Main SPOC (Single Point of Contact)" – The designated individual responsible for managing communications and consent on behalf of a patient, often a caregiver or guardian during hospital admission.
  • "Data fiduciary" – refers to BMH, which determines the purpose and means of processing your personal data, in compliance with the applicable law.
  • "Data processor" – refers to any third party that processes personal data on behalf of BMH under contractual agreement and confidentiality obligations (e.g., IT service providers, payment gateways, diagnostic labs, insurance claim processing service providers).
  • "Digital Personal Data Protection Act (DPDPA)" – The Indian legal framework governing the protection of personal data, outlining rights, duties, and responsibilities for data controllers and processors.
  • "Processing" – means any operation performed on personal data including but not limited to collection, recording, organization, storage, updating, use, sharing, restriction, erasure, or destruction.
  • "Third party" – Any entity other than BMH involved in the processing of personal data, including service providers, business partners, affiliates, or regulatory authorities.
  • "Consent" – means the voluntary, specific, informed, and unambiguous indication by which you signify agreement to the processing of your personal data for one or more specified purposes. Consent must be provided by a guardian, bystander (wherever applicable) or legal representative in the case of minors, individuals with mental instability, or others lacking legal capacity.

Information We Collect

BMH collects data through its website and above mentioned data collection channels for the purposes of medical care, service delivery, improve healthcare services and outreach. Data may be collected directly from users, or indirectly through interaction with third-party services.

The types of information we collect includes, but not limited to:

Personal information

  • Full name, date of birth, gender, and contact details (phone number, email, address, social media coordinates etc.) etc.
  • Health information including medical history, current conditions, treatment details, and diagnostic reports etc.
  • Patient registration and admission data
  • Guardian, bystander, caretaker, or main SPOC details (where applicable) etc.
  • Financial and payment information related to services availed
  • Responses and feedback provided during and after hospital stays
  • Information from referrals and physician networks
  • Consent records for the collection and processing of data, including guardian consent for minors and Mentally challenged or mentally unstable or autistic kids / patients.
  • Past academic qualifications and credentials, including degrees, diplomas, professional registrations submitted for admission and eligibility verification.
  • Academic and financial records including enrolment and program details, qualifications, attendance, examination results, evaluations, certifications, stipends, fee payments and scholarships.

Digital and non-personal information

  • IP address, browser type, device information
  • Usage data including pages visited, time spent, and interaction patterns on our digital platforms
  • Cookies and tracking technology data from website visits, social media engagement, and online campaigns

Sources of Collection

  • Direct input via patient registration, admission forms, feedback surveys (during / after discharge), and health programs
  • Digital platforms including appointment bookings, queries on websites and social media
  • Campaigns, workshops, community connect, health and wellness program
  • Referrals and physician networks
  • CRM and chat bots
  • CCTV surveillance footage and records
  • Events such as workshops, community health initiatives, and marketing campaigns
  • Third-party referrals and healthcare provider networks
  • Medical devices and diagnostic equipment (lab analyzers, imaging systems, monitoring devices that generate patient data)
  • Telephone calls and call center recordings for appointment scheduling, inquiries, and customer service interactions.
  • Voice recordings from clinical consultations captured through the AI Scribe for real-time transcription into patient medical records.
  • Video recordings and photographs taken during surgical procedures, patient interactions, hospital events, and promotional activities.
  • Data Collected by the telemedicine services/Remote Patient Monitoring/Homecare Services/Ambulance Services offered by BMH
  • Personal data of students and resident doctors is collected through academic admission and enrollment processes, training and rotation schedules, attendance and assessment systems, hospital and student management systems, faculty and departmental inputs, and official communications during academic and clinical training within BMH.

Personal information of beneficiaries/dependents/other individuals

If you provide personal information of beneficiaries/dependents/other individuals to BMH, you agree:

  • to inform the individual about the content of this privacy policy, and any other applicable BMH privacy notice provided to you,
  • to obtain any legally required consent of personal information about the individual in accordance with this; and
  • to obtain/provide necessary consents from the legal guardian of children and mentally challenged or mentally unstable or autistic kids / patients whose data you may provide to us for availing our services.

Children's (minor's) personal data

  • BMH handles the personal data of individuals under 18 years of age with enhanced care and in compliance with the Digital Personal Data Protection Act, 2023.
  • Personal data of minors is collected and processed only with verifiable consent from a parent or legal guardian.
  • Data is used solely for medical and related healthcare services and is not processed for any purpose likely to harm the child.
  • Access to such data is strictly controlled and limited to authorized personnel.
  • Parents/guardians may review, correct, or request deletion of their child's data, subject to legal and medical record-keeping requirements.
  • Where applicable, we collect data on behalf of minors, autistic children, or persons unable to provide legal consent, with verifiable guardian consent and legal authorization.
  • BMH applies heightened safeguards and privacy controls when dealing with minors' data, recognizing the special obligation to protect the rights and wellbeing of children.

Purpose for Which We Collect Your Data

The personal data collected is utilized to fulfill various purposes, including but not limited to:

  • Delivering high-quality medical care, including diagnosis, treatment, follow-ups, and managing patient health records.
  • Managing appointments, admissions, billing, and processing payments efficiently.
  • Facilitating communication with patients, guardians, bystanders and healthcare professionals for appointment reminders, test results, health alerts, and treatment plans.
  • Conducting patient satisfaction surveys and feedback collection to enhance service quality.
  • Running health and wellness programs, community connect initiatives, workshops, and campaigns, including targeted communications related to these activities.
  • Documenting and processing personal data for clinical trials, publication of testimonials (with consent), or recording surgical procedures for training, academic publishing, and educational purposes. All such data use is subject to informed consent, ethical clearance, and data minimization.
  • Continuous CCTV surveillance to ensure physical security and monitor activities within BMH premises.
  • Sending promotional materials, newsletters, and information about upcoming events, with consent, through phone calls, SMS, WhatsApp, or email.
  • Improving digital platforms by analyzing usage data to optimize user experience and functionality.
  • Investigating and preventing fraud, unauthorized access, or illegal activities affecting our services.
  • Complying with legal or regulatory requests, including responding to subpoenas or government mandates.
  • Analyzing anonymized or de identified data for clinical research, epidemiological studies, demographic analysis, medical audits, and quality assurance initiatives.
  • Telemedicine and remote healthcare services - Facilitating virtual consultations, remote monitoring, and digital health interventions.
  • Emergency response and critical care - Using contact information to reach family members, emergency contacts, or legal guardians during medical emergencies or critical situations.
  • Insurance coordination and claims processing - Sharing necessary medical information with insurance providers, TPAs, and government health schemes for authorization, reimbursement, and settlement purposes.
  • Using artificial intelligence and machine learning algorithms to provide medical diagnosis support, analyze medical images (X-rays, CT scans, MRIs), predict health risks, suggest diagnoses, or recommend treatment options to assist healthcare professionals.
  • Voice analytics and call quality monitoring to analyze recorded telephone conversations from call centers for quality assurance, training purposes, customer service improvement, sentiment analysis, and compliance verification.
  • Voice-to-text transcription of clinical consultations to automatically document doctor-patient conversations in electronic health records, enabling accurate documentation and improving the quality of medical record-keeping.
  • Videography and multimedia documentation to record surgical procedures, clinical demonstrations, patient testimonials, and educational content for medical training, academic publishing, promotional materials, and documentation purposes, subject to explicit informed consent.
  • Biometric details of patients & employees for identification & authentication
  • For employees we process personal data to manage employment functions including but not limited to recruitment, onboarding, payroll, benefits, performance, attendance, workplace safety, system access, performance analysis, policy compliance, and exit procedures and to fulfil legal, regulatory, and contractual obligations.
  • We process candidate personal data to verify eligibility and qualifications, conduct recruitment assessments, communication, and background verification.
  • We process vendor personal data to verify, onboard, and manage service partners essential to hospital operations, administer contracts and payments, ensure compliance with hospital standards, and meet legal and regulatory obligations.
  • We process personal data of students and resident doctors to manage academic and clinical training activities, maintain academic and attendance records, administer assessments and rotations, ensure access to hospital and educational systems, support regulatory and accreditation requirements, and uphold safety, compliance, and operational needs within the hospital and training environment.

Lawful reasons for processing your personal data

BMH processes personal data strictly under the following lawful bases as outlined by the DPDPA and related laws:

  • Consent: By virtue of the consent separately provided by you, it is agreed that you have freely and explicitly consented to the collection, storage, processing, disclosure, and transfer of your personal information in accordance with this privacy policy and the consent given.
  • Legal compliance: Processing necessary to comply with applicable laws, regulatory requirements, or legal obligations.
  • Contractual necessity: Processing data to provide healthcare and other services as per agreements, including treatment, billing, appointment management, and patient care.
  • Legitimate interests: Processing personal data for purposes including improving healthcare delivery, advancing medical research, and facilitating seamless health services management, all while employing stringent measures to protect privacy and adhering to ethical standards.

Sharing of Information

At BMH, we respect your privacy and are committed to protecting your personal data. We do not sell or rent your personal information under any circumstances without your explicit consent. Your data is shared only under lawful basis, with appropriate safeguards in place to ensure confidentiality, integrity, and purpose limitation.

We may share your personal information in the following circumstances:

1. With your explicit consent

We will obtain your clear and recorded consent before sharing your data, especially in cases involving sensitive personal data or data of minors (with parental or guardian consent, recorded with timestamp), mentally challenged or mentally unstable or autistic kids / patients.

2. With healthcare providers

To ensure high-quality medical care, we may share data with doctors, specialists, laboratories, and allied health professionals directly or indirectly involved in your treatment and care.

3. With service providers and third-party vendors

We engage trusted partners to support operational and technical services. These partners are bound by strict confidentiality agreements and are only authorized to process the minimum data necessary. Examples include:

  • Medical professionals and diagnostic labs
  • Payment gateway providers and banking partners
  • IT service providers, software developers, and cloud storage vendors
  • Patient communication and appointment platforms
  • Marketing partners (only with opt-in consent)
  • Survey firms or patient experience consultants
  • With organ donation networks and transplant coordinators when relevant to patient care and with appropriate consent
  • With insurance companies and TPAs (Third Party Administrators) for processing claims, pre authorization, cashless treatment approvals, and settlement of medical bills as per policy terms

All vendors are thoroughly vetted and contractually bound to maintain data confidentiality and security.

4. With regulatory or legal authorities

We may share data as required by law, in compliance with:

  • Local and central health authorities
  • Law enforcement agencies
  • Judicial, quasi-judicial or administrative authorities
  • Insurance and health regulators
  • Public health or epidemic control authorities
  • With accreditation and quality certification bodies such as NABH or other healthcare accreditation organizations during audits and assessments to maintain hospital standards.

Such disclosures are made only when legally mandated and are reviewed internally to ensure due process.

5. With auditors, legal advisors, and compliance officers

To meet statutory and internal requirements, we may share information with:

  • External and internal audit teams
  • Legal advisors, claims handlers, and compliance teams
  • Risk and governance consultants

6. With investigators or risk consultants

In situations involving suspected fraud, legal disputes, or regulatory investigations, data may be shared for the purpose of detection, resolution, and compliance verification.

7. To safeguard vital interests

In medical emergencies or life-threatening situations, we may share relevant information with:

  • Ambulance services
  • Referred hospitals or emergency care providers
  • Family members or legal representatives

This is done solely to protect your health, safety, or life.

8. For marketing and outreach (only with opt-in consent)

If you have opted in, we may use your data for:

  • Health awareness campaigns
  • Preventive care programs
  • Community outreach and educational initiatives

You can opt out at any time through provided communication channels.

9. With business affiliates

In the event of corporate restructuring, merger, or acquisition, your data may be transferred to business affiliates or successors, with appropriate data protection safeguards in place.

10. Sharing of employee data

We may share employee personal data only with authorized third parties, including payroll providers, statutory authorities, auditors, insurers, IT service providers, and regulatory bodies, strictly on a need-to-know basis to fulfil employment, legal, contractual, and operational obligations, with appropriate confidentiality and security safeguards in place.

11. Sharing of Candidate data

We may share candidate personal data with authorized recruitment partners, verification agencies, interview panel members, and regulatory authorities solely as required to assess suitability for employment, complete mandatory background checks, or comply with legal obligations, ensuring that all disclosures follow strict confidentiality and data protection controls.

12. Sharing of Vendor/partner data

We may share vendor personal data with internal departments, financial institutions, auditors, regulatory authorities, and third-party service providers strictly for purposes of due diligence, contract execution, payment processing, compliance, and operational coordination, ensuring that all recipients are bound by legal, contractual, and security requirements to protect the data.

Note: Every sharing activity at BMH is guided by the principles of minimum necessary disclosure, purpose limitation, and data principal rights. We regularly review our sharing practices to ensure compliance with applicable laws, including the Digital Personal Data Protection (DPDP) Act, 2023.

13. Sharing of Students/Resident Doctors Data

We share personal data of students and resident doctors with academic bodies, clinical departments, regulatory and accreditation authorities, training partners, IT service providers, and authorized third parties strictly as necessary for academic administration, clinical training, compliance, safety, and legal or institutional reporting obligations, with all recipients bound by confidentiality and data protection requirements.

Data storage, processing, retention & disposal

At BMH, we are committed to protecting your personal data in full compliance with applicable Indian data protection laws, including the Digital Personal Data Protection Act (DPDPA), 2023.

All personal data is processed and stored exclusively within India. This is carried out through BMH's secure internal systems and through carefully vetted third-party servers located in Indian data centers that comply with applicable legal, regulatory, and security standards. BMH does not transfer any personal data outside India, ensuring that all data storage, processing, and management activities are fully aligned with national legal requirements.

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by applicable laws and regulations. Our data retention practices are based on the following principles:

  • Retention for the duration necessary to provide healthcare and related services, including treatment, billing, insurance claims, audit, tax assessments, dispute resolution, litigations and follow-up care
  • Compliance with applicable legal, contractual, and regulatory requirements
  • Adherence to internal data retention policies approved by BMH's management and Board
  • Secure deletion or anonymization of personal data once it is no longer required for the above purposes, or upon withdrawal of consent (where applicable), unless otherwise required by law. The disposal of data shall follow best practices and future guidelines under the DPDP Act, including secure shredding of physical records and secure wiping or destruction of electronic data to prevent recovery.

This approach reflects our commitment to data minimization, purpose limitation, and responsible data lifecycle management, ensuring the confidentiality and lawful handling of your information.

Security controls

At BMH, we take the security and confidentiality of your personal data very seriously. To protect your information against unauthorized access, loss, misuse, or alteration, we have implemented a robust set of safeguards encompassing technical, administrative, and physical measures:

  • Technical Safeguards: Your data is encrypted both in transit and at rest. We utilize firewalls, secure servers, multi-factor authentication (MFA), and conduct regular vulnerability assessments. All data transmissions are secured via SSL/TLS protocols to ensure confidentiality and integrity.
  • Administrative Controls: Access to personal data is strictly limited through role-based access control (RBAC) and role-based permissions. Our employees receive ongoing training on data privacy and security, and we maintain comprehensive, documented policies and procedures to enforce these standards.
  • Physical Security: Access to our facilities and data centers is tightly controlled with security measures including surveillance systems to prevent unauthorized physical access. Our premises and data centers are under continuous CCTV surveillance to ensure physical security and monitoring of access points.
  • Regular Audits: We conduct both internal and external audits regularly to ensure compliance with applicable data protection standards and to continuously improve our security practices.
  • In line with UIDAI guidelines, Aadhaar and biometric data are stored separately with strict segregation to enhance security.

While we strive to maintain the highest level of data protection, no method of electronic transmission or storage can be completely secure. Therefore, we encourage you to safeguard your credentials carefully and promptly notify us if you suspect any breach of your personal data.

Regardless of where your data is processed, BMH remains committed to maintaining these stringent security protocols to protect your privacy and personal information.

Use of cookies

We may store temporary or permanent 'cookies' on your computer. You can erase or choose to block these cookies from your computer. You can set or amend your web browser controls to accept or refuse cookies. If you choose to reject cookies, you may still use the Website though your access to some functionality and areas of this Website may be restricted. How you can refuse cookies through your web browser, vary from browser to browser. You should visit your browser's help menu for more information. Also, you can delete existing cookies from your browser. If cookies are deleted, the information collected prior to the preference change may still be used; however, we will stop using the disabled cookie to collect any further information from your user experience while serving advertisements or optimizing services to its users, BMH may allow authorized third parties to place or recognize a unique cookie on the User's browser/device. Further, BMH does not exercise control over the sites displayed as search results or links from within its Services. These other sites may place their own cookies or other files on your computer, collect data or solicit personal information from you, for which BMH is not responsible or liable. BMH encourages you to read the privacy policies of all external sites.

Data principal rights

Under the Digital Personal Data Protection Act, 2023 (DPDP Act), you have the following rights regarding your personal data collected and processed by BMH:

  • Right to confirmation and access: You have the right to obtain confirmation from us whether your personal data is being processed and to access the personal data we hold about you.
  • Right to correction: You can request correction of any inaccurate, incomplete, or outdated personal data.
  • Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another data fiduciary where technically feasible.
  • Right to withdraw consent: Where processing is based on your consent, you can withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of processing before such withdrawal.
  • Right to object to processing: You may object to processing of your personal data on legitimate grounds relating to your specific situation, unless otherwise required by law or for health and safety reasons.
  • Right to erasure (right to be forgotten): Subject to certain exceptions under the DPDP Act, you may request erasure or deletion of your personal data if it is no longer necessary for the purpose it was collected or processed.
  • Right to restrict processing: You may request the restriction or limitation of processing your personal data in specific circumstances, such as during verification of accuracy or lawful grounds.
  • Right to complain to the Data Protection Board: If you believe that your rights under the DPDP act have been violated, you have the right to file a complaint with the Data Protection Board established under the act.
  • Patients who are mentally unstable, autistic, or otherwise incapable of consenting have their rights exercised by their legally authorized representatives or guardians in accordance with DPDPA.

NOTE: If you choose not to provide your consent, or if you withdraw your consent at any time, our ability to collect, use, and process your personal data may be limited. This may affect our ability to provide healthcare services, maintain and access medical and treatment records, coordinate clinical care, process billing and insurance claims, comply with applicable legal and regulatory requirements, and ensure continuity, quality, and safety of care.

For students and trainees, withdrawal of consent in partial or full may impact academic administration, training records, clinical postings, assessments, certifications, stipends, and access to learning platforms or institutional facilities.

For employees, withdrawal of consent in partial or full may affect recruitment, onboarding, payroll, benefits administration, statutory compliances, access controls, internal systems, workplace safety, and performance or disciplinary processes.

In such cases, the Hospital or its affiliated institutions may be unable to offer or continue certain services, programs, or engagements that depend on such data collection and processing.

How to raise a DPR (data principal request)?

If you want to request access to, correction of, or deletion of your personal data held by BMH, you can raise a data protection request (DPR) by following these steps:

  1. Send your request: Email or mail a written request to our BMH IT Office/Data Protection Officer (DPO) at dpo@bmhcare.in. Please include your name, contact information, and details about the data you want to access or modify.
  2. Verify your identity: For your security, we may ask you to provide proof of identity before processing your request.
  3. Request acknowledgement: We will confirm receipt of your request within a few business days and inform you about the next steps.
  4. Processing time: We will review and respond to your request as quickly as possible, usually within the timeframes required by law.
  5. Receive response: We will communicate our findings or confirm any changes made to your data securely.

Where to send your DPR request

Email: dpo@bmhcare.in

Address: BMH Data Privacy Office, Baby Memorial Hospital, Indira Gandhi Road, Kozhikode - 673004 Kerala

If you need help or have questions, please reach out to us anytime.

Note: If your request concerns a data principal incapable of self-consent (minor, autistic, or mentally ill individual), please submit a legal authorization or proof of guardianship along with your data principal request (DPR).

Changes to the privacy policy

BMH reserves the right to modify or update this privacy policy at any time. In the event of significant changes, it will be notified through notices on our website. Please review this policy periodically to stay informed about how we protect and process your information.

Communication

BMH may communicate with you using the contact information you provide, such as phone numbers, email addresses, or messaging platforms like WhatsApp. These communications may include:

  • Appointment reminders, test results, treatment updates, and health alerts
  • Information related to billing, payments, and insurance claims.
  • Invitations to participate in health programs, workshops, surveys, and community events (subject to your consent)
  • Promotional messages about hospital services, offers, or campaigns, only after you have given opt-in consent.
  • Important updates about hospital policies, changes in services, or emergencies
  • BMH communicates with employees to share information necessary for employment administration, workplace safety, policy compliance, operational coordination, and organizational announcements.
  • BMH communicates with candidates to provide updates on recruitment status, conduct interviews and assessments, request documentation, and share information relevant to the hiring process.
  • BMH communicates with vendors to manage onboarding, contracts, service delivery, compliance requirements, invoicing, and operational coordination essential for hospital functions.
  • We communicate with students and resident doctors to provide academic updates, clinical rotation schedules, attendance and assessment information, institutional announcements, safety alerts, policy updates, and training-related instructions through the contact details they provide.

You have the right to opt out of receiving marketing or promotional communications at any time by contacting us through the details provided in this policy or using unsubscribe options where available.

Contact Us

In case you require any further clarifications on the content of this policy, need to raise a query with respect to your data privacy rights or terms of use, please contact:
DPO: dpo@bmhcare.in

Details of privacy SPOC: dpo@bmhcare.in

Grievance office information
Email id: GrievanceOffice@bmhcare.in

Address for Communication with BMH
Data Protection Officer,
Baby Memorial Hospital Limited
Indira Gandhi Road, Kozhikode - 673004 Kerala, India