Privacy Policy of Medi Assist Insurance TPA Pvt. Ltd.
This Privacy Policy sets out how we use and protect any information that you share with us when you use this website/mobile application. The purpose of this Privacy Policy (as amended from time to time) is to give you an understanding on how we intend to collect, store, transfer, disclose, process and use the information you provide to us through our platform.
We are committed to ensuring that your privacy is protected at all times. We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are in agreement with all such updated terms and conditions or changes.
The term ‘Company’ or ‘us’ or ‘we’ refers to Medi Assist Insurance TPA Private Limited having its registered office at Tower D, 4th Floor, IBC Knowledge Park, 4/1 Bannerghatta Road, Bangalore – 560029 India and the terms ‘you’ or ‘your’ refer to the Registered Users or viewers including hospitals, healthcare providers, insured customers, patients etc. of our website/mobile application or portal. The use of this platform is subject to the following terms of use.
By providing your information to us, you hereby consent to the collection, storage, disclosure, processing and transfer of such information for the purposes as disclosed in this Policy. You are providing the information out of your free will. You have the option not to provide the data or Personal Information or Sensitive Personal Data or Information sought to be collected if you do not agree with this Policy.
-
Collection of Information and Usage:
We may collect certain Personal Information, Sensitive Personal Data or Information from you while using our website or directly from the concerned insurer and your employer, if applicable.
Personal Information means any information that relates to you and may include date of birth, employee code, email address, residential address, mobile number, alternate telephone number, etc.
Further, you would be required to give us certain Sensitive Personal Data or Information about you, Sensitive Personal Data or Information shall mean such personal information which consists of information relating to;-
- financial information such as bank account or any other payment instrument details;
- physical, physiological and mental health condition;
- medical records and history;
- any detail relating to the above clauses as provided to body corporate for providing service; and
- any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise:
Provided that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as Sensitive Personal Data or Information.
We inform you that our website may collect certain Personal Information and/or Sensitive Personal Data or Information about you such as medical and health records including but not limited to your prescription, test reports, past medical history, etc. We understand that the Personal Information and/or Sensitive Personal Data or Information is extremely private to you and assure you that it will be used only for providing required healthcare services as mutually agreed to be rendered by us.
While using our website and for availing any of our services you would be required to give us your Personal Information and/or Sensitive Personal Data or Information.This could be done post login on our website using the credentials given by us, which will be shared with you by email, which is unique to you and you will be required to change the password at the time of first login.
-
Access:
You may be given the privilege to upload and store your medical and health records on our website to which only you shall have access to by using your unique username. This will help you have access to all your medical and health records. We would like to reiterate that barring you, no one shall have access to these records except to the parties as mentioned in the Clause 5 of this Privacy Policy and the same shall be transmitted by us in encrypted form to avoid being hacked and decoded.
-
Purpose for which Personal Information and/or Sensitive Personal Data or Information is collected and processed:
We would like to state that we collect Personal Information and/or Sensitive Personal Data or Information that is absolutely necessary and relevant for us to make your experience hassle-free, convenient, smooth and most importantly, safe. This will also help us in providing you with customized services, assist you with all your queries, resolve the issues faced by you, to follow up with you in order to ensure a long, sustained relationship and most importantly to safeguard you from any kind of fraudulent and unlawful usage.
Personal Information and/or Sensitive Personal Data or Information may be collected by us directly from you for the purpose of processing your medical claims (both, cashless and/or reimbursement) and/or extending cashless facility to you.
For the purpose of extending cashless facility and to ensure your stay at and discharge from the network provider / hospital is seamless, we, through our hospital portal, require certain Personal Information and/or Sensitive Personal Data or Information about you to be provided to us by our network provider(s). This Personal Information and/or Sensitive Personal Data or Information shall be collected by us from the concerned network provider(s) through our hospital portal
Further, for the purpose of processing a reimbursement medical claim, we collect certain Personal Information and/or Sensitive Personal Data or Information about you including but not limited to physical originals / photocopies of medical and health reports, discharge summaries, invoices etc. as issued by network provider(s) or non-network provider(s) to you and as submitted to our designated offices by you.
We use data collection methods / mechanisms such as "Cookies" on certain pages of the website to help analyse our web page flow and promote trust and safety. "Cookies" are small files placed on your hard drive that assist us in providing our services. We offer certain features that are only available through the use of "Cookies".
-
Use of Cookies:
We also use “Cookies” to allow you to enter your password less frequently during a session. Most “Cookies” are “Session Cookies”, meaning that they are automatically deleted from your hard drive at the end of a session. A cookie is a small file which asks permission to be placed on your computers/mobile phone’s hard drive. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our portal in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. Overall, cookies help us provide you with a better user experience, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to any information stored on your computer, mobile phone or any device through which you access the portal. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the portal.
-
Data Storage:
All your Personal Information and/or Sensitive Personal Data or Information is hosted and/or processed by us at the Company’s data centers located at our registered office situated at Bangalore, India or at such location(s) in India as the Company may so desire to store.
Your Personal Information and/or Sensitive Personal Data or Information is retained by us only for the purpose of providing the required services or for historical or statistical or legal purposes and such retention shall be for a period as required under applicable law.
-
Transfer / Sharing of Information:
We respect your privacy and hereby declare we do not transfer and / or disclose your Personal Information and/or Sensitive Personal Data or Information except as under:
- To law enforcement agencies in connection with an investigation having the interest of general public at large, after having been approved by the due process of law;
- To our associates and affiliates to help detect and prevent fraud, identity theft and other illegal activities, correlate related or multiple accounts to prevent abuse of our services; and to facilitate joint or co-branded services that you request where such services are provided by more than one corporate entity;
- To our full time employees and associates on a need to know basis for the purpose of enabling the Company to provide the necessary services to you;
- We shall also share such information with our associates or affiliates should the Company decide to undergo restructuring in anyway or is acquired by any other entity and ensure that in such an event the other entity continues to follow this policy strictly;
- With the concerned insurer;
- With your employer, if applicable, and on receipt of a formal request from your employer and upon receipt of necessary approval(s).
- Advertisements and links to third-party websites:
Our website may contain certain advertisements and links to third-party websites. We would like to clarify that we do not control or guarantee the accuracy, safety and integrity of the Personal Information and/or Sensitive Personal Data or Information you provide, if you choose to, share your information with these advertisers and third-party websites. It is, therefore, advised that you go through their terms and conditions and privacy policy before providing any Personal Information and/or Sensitive Personal Data or Information about you on these websites.
-
Safety Precautions:
We have stringent, strong, security measures undertaken to ensure against the loss, misuse or alteration of your Personal Information and/or Sensitive Personal Data or Information shared with us. We shall take all necessary precautions to safeguard your information and protect it from any unauthorized use. We have SSL Certificate issued by trusted certification authority and other safety measures in place to safeguard your information with us against any theft or unlawful usage or modification thereof. You are advised, however, that internet technology is not 100% safe and you should exercise discretion on using the same. The Information Security Management System of the Company conforms to the ISO 27001:2013 standard.
-
Consent:
By using our website and providing your Personal Information and/or Sensitive Personal Data or Information, you hereby consent to the collection, storage, disclosure, transfer, processing and usage of your Personal Information and/or Sensitive Personal Data or Information by us as per the terms of this Privacy Policy. Kindly frequent this section to keep yourself updated of any changes made by us in the Privacy Policy.
You hereby confirm to the Company that wherever applicable you have taken necessary consent from your family members and/or your dependents for submission of their Personal Information and/or Sensitive Personal Data or Information with us.
Right to opt out: The Company respects your privacy considerations and hence provides an option to you, to not provide the Personal Information and/or Sensitive Personal Data or Information sought to be collected. Further, you can also withdraw your consent which was earlier given to the Company, and the same must be communicated to the Company in writing. However, we inform you that on your electing to opt out (as envisaged in this section) or on withdrawal of your consent, the Company may not be in a position to provide you necessary services / benefits for which the Personal Information and/or Sensitive Personal Data or Information was sought to be collected.
Further, you will have the option to not provide your consent, or withdraw any consent given earlier, provided that the decision to not provide consent / withdrawal of the consent is communicated to us at grievance.officer@mediassist.in -
Grievance Officer:
The name and contact details of the Grievance Officer is provided hereunder to address all your queries and grievances in accordance with the Information Technology Act, 2000, and Rules made thereunder.
Grievance Officer: Mr. Surendra Tiwari (Chief Administrative Officer)
Email address: grievance.officer@mediassist.in
Contact no: +91 80 4969 8000
Address: Medi Assist Insurance TPA Private Limited, Tower D, 4th Floor, IBC Knowledge Park, 4/1 Bannerghatta Road, Bangalore - 560029If you have any reason to believe that we or any company associated with us has misused any of your Personal Information and/or Sensitive Personal Data or Information please contact us immediately and report such misuse.
We can address any questions, comments and concerns about our online privacy practices and policy. Please write to our Grievance Officer at the above mentioned email address.
Governing law:
If you choose to visit our website, your visit and any dispute over privacy is subject to this Privacy Policy and the website's terms of use. In addition to the foregoing, any disputes arising under this Privacy Policy shall be governed by the laws of India.
This Privacy Policy is compliant with the provisions of The Information Technology Act, 2000 and Rules made thereunder including any modifications or amendments made thereto. The Company may made necessary changes to this Privacy Policy consequent upon any changes or modification in the law. It is hence imperative that you frequently read this Privacy Policy to keep yourself updated of any changes made by us.
Background & applicability
The Companies Act, 2013 (hereinafter referred to as "The Act") under Section 135 has introduced the concept of Corporate Social Responsibility (CSR). It mandates qualifying companies to formulate a CSR Policy and to constitute a CSR Committee to effectively monitor CSR Activities of the Company.
Further the Companies (Corporate Social Responsibility Policy) Rules, 2014 and Amendment Rules 2021 (hereinafter referred to as "CSR Rules") lays down the framework and modalities of carrying out the CSR Projects and programs relating to activities specified in Schedule VII of the Act.
As per the Act and CSR Rules, all qualifying companies require spending at least 2% of its average net profits made during the three immediately preceding financial years. Medi Assist Insurance TPA Private Limited (hereinafter referred to as "Medi Assist" or "The Company") is also covered under the purview of the said provisions. In accordance with aforesaid provisions and CSR rules, the Corporate Social Responsibility (CSR) Committee of the Company was constituted as per the provisions of the said section.
The said policy is governed by and should be read in alignment with the requirements of Section 135 of the Companies Act, 2013 and the corresponding rules made there under, as amended from time to time (‘CSR Rules'), Schedule VII of the Act and Medi Assist group philanthropy's & CSR values.
The policy covers the framework of the CSR activities of the Company.
Company's vision on CSR
Corporate Social Responsibility is the enterprise's responsibility towards the community and environment in which it operates. It is the continuing commitment by business to behave ethically and contribute to economic development of the society at large and building capacity for sustainable livelihood. We believe that CSR is an integral part of our business. Medi Assist constantly endeavours to actively contribute to the social and economic development of the communities in which it operates taking into consideration the interest of all its stakeholders namely Policyholders, Insurers, Employers, Provider Networks, Aggregators and Shareholders.
CSR Policy & key focus
The Company shall undertake any one or more activities which fall within the provisions of the Schedule VII of the Act. The Company shall spend at least 2% of the average net profits of the Company made during the three immediately preceding financial years towards such CSR Activities.
Key focus areas for CSR activities / projects:
-
Healthcare
The healthcare challenge in India spans a number of dimensions, including access to affordable healthcare, awareness & available facilities. More importantly, the COVID Pandemic has demonstrated gaps in the healthcare system to provide timely access to and in the delivery of healthcare services.
Addressing these challenges and strengthening capacity is essential in achieving the objective of inclusive growth. Medi Assist will directly or with support of agencies focus on strengthening capacity with the potential to scale up and bring about improvements in the delivery and accessibility of health and hospital services. These will include strengthening health seeking behavior among low income and vulnerable communities. Medi Assist will invest in supporting the adoption of wellness and preventive healthcare in the communities we serve including matters relating to furthering women's health. -
Education
Education represents a critical area of action to realize India's growth potential and to make it inclusive, by enabling citizens across the population with access to quality education that equips them for taking up higher education or job-oriented skill training or provides them with requisite knowledge to improve their quality of life. Medi Assist will have a special focus on educating underprivileged girls.
Medi Assist will work directly, with government, industry associations and not-for-profit organizations to improve the quality of facilitating programs in capacity-building, particularly focused on insurance and health. -
Skill development and sustainable livelihoods
Enabling India's youth to gain skills that can provide employment is key to realizing the potential of India's demographic dividend and driving inclusive growth. Improving employability of the youth from lower-income sections of society is hence an important focus area.
Medi Assist shall engage with projects that promote entrepreneurial growth which leads to socio-economic sustainability and improves the quality of life. -
Support employee engagement in CSR activities
Medi Assist supports the involvement of its employees in CSR activities. The Company will work towards expanding the scope to extend these benefits to more geographies, and communities, within India.
Corporate Social Responsibility (CSR) committee
In terms of the provisions of Section 135(1) of the Act, the Board of Directors of the Company shall constitute/ re‐constitute the CSR Committee from time to time in compliance with statutory requirements. The CSR Committee shall comprise of a minimum of three directors, at least one of whom, shall be an independent Director as applicable.
Role of CSR committee
As per the terms of reference, the CSR Committee shall:
- Formulate and recommend to the Board, a Corporate Social Responsibility Policy, which shall indicate the activities to be undertaken by the company as specified in Schedule VII of the Act.
- Review and recommend the amount of expenditure to be incurred on CSR activities and monitor the same.
- Identify corporate social responsibility policy partners and corporate social responsibility policy programs.
- Review and monitor the Corporate Social Responsibility Policy of the Company and its implementation from time to time and issue necessary directions as required for proper implementation and timely completion of corporate social responsibility programs; and
- Any other matter as the Corporate Social Responsibility Committee may deem appropriate after approval of the Board or as may be directed by the Board from time to time.
Monitoring, implementation & reporting
The implementation and monitoring of the CSR activities of the Company are set out below:
- CSR Committee (Board Level Committee):
- The CSR Committee at Board level shall be constituted/ re-constituted in compliance with the provisions of section 135 of the Act. The said Committee may constitute or delegate powers to a Sub-Committee for identifying and spending towards CSR activities.
- The Committee shall oversee the operations of the Sub-Committee and shall also recommend to the Board the amount of expenditure to be incurred on CSR activities.
- CSR Sub-Committee:
- The Committee shall consist of a minimum of 3 (three) members, as may be decided by the CSR Committee and at least one of whom, shall be the Chief Executive Officer/one Director. The Sub Committee shall identify the projects for CSR activities, estimate the amount of expenditure, oversee the implementation of the CSR activity and report to the CSR Committee periodically for its approval/ratification.
The CSR Sub-committee shall formulate parameters and monitor the implementation of the projects / programs. The CSR Sub-Committee shall periodically report to the CSR Committee the findings of the monitoring plans undertaken.
An update on implementation of Annual Action Plan shall be placed before the CSR Committee on a half-yearly basis.
The CSR Sub-Committee shall, at least twice in a year, update the CSR Committee details of each project inter alia including following points:
- Budgeted expenditure of the Projects
- Actual Expenses of the Projects ("YTD")
- Status of the Projects
- Timelines for completion of the Project, if any
- Outcomes of inspections carried on the Projects, if any
- Any other details of relevance
As may be required, the CSR Committee may appoint external specialists in the CSR arena to review the progress of the CSR projects/programs.
The CSR Committee shall report to the Board of Directors of the Company the status of the CSR projects/activities undertaken by the Company, the amount spent thereon and the impact on the targeted beneficiaries/society at large at least on a yearly basis. The details of the CSR activities carried out by the Company during a financial year shall be disclosed in the Directors' Report section of the Annual Report and shall be uploaded on the website of the Company.
The Group CFO/ Head of Finance or the person responsible for financial management shall issue a certificate to the Board certifying that the funds disbursed are utilized for the purpose and in the manner as approved by the Board.
Approach - execution of CSR projects
The Company shall carry out CSR activities only in India. The Company may carry out CSR activities either on its own or through a registered public trust or registered society, registered under section 12A and 80 G of the Income Tax Act, 1961 or company established by the Company or its holding company under Section 8 of the Act or as may be approved by the CSR Committee.
Process for undertaking CSR activities/projects
The Company shall adopt the following procedure whilst undertaking/ funding CSR activities/ projects, either directly or indirectly. The procedure is subject to periodic review and revision, as may be required, to ensure effective and timely execution of projects / programs, impact analysis, if applicable and reporting thereon.
- CSR Sub-Committee shall identify projects/programs for execution of CSR activities, formulate an Annual Action Plan, and place the same before the CSR Committee for its consideration and review.
- CSR Committee shall review the Annual Action Plan and recommend the same to the Board of Directors for its approval.
- The Board of Directors shall approve the Annual Action Plan and approve CSR spend on the CSR projects/ programs, on the recommendation of the CSR Committee.
- In case of projects / programs being undertaken through other organizations, execution of Memorandum of Understanding ("MoU") with such entities, which shall inter-alia specify the key roles and responsibilities of each of the parties.
Annual action plan (AAP)
The CSR Sub-Committee shall formulate and recommend to the CSR Committee, who in turn will recommend to the Board of Directors an Annual Action Plan and shall include the following:
- The list of CSR projects or programs that are approved to be undertaken in areas or subjects specified in Schedule VII of the Act.
- The manner of execution of such projects or programs either directly or through implementing agencies.
- The modalities of utilization of funds and implementation schedules for the projects or programs.
- Monitoring and reporting mechanism for the projects or programs, and
- Details of need and impact assessment, if applicable, for the projects undertaken by the Company.
The Company shall undertake the CSR activities during each financial year in accordance with the approved Annual Action Plan.
CSR budget
The Act requires companies falling under the qualifying criteria to spend at least 2% of its average annual net profits (before tax) during the three immediately preceding financial years on CSR activities.
The CSR Committee shall approve individual projects/ programs including contribution towards the Corpus Fund, if any as per the recommendation of the CSR Sub-Committee. The projects/ programs or activities to be chosen by the Company shall correspond to its CSR Policy as well as its annual action plan, as amended from time to time. The excess amount incurred by the Company on CSR projects, programs or activities may be set off against the requirement to spend in succeeding financial year's in consonance with the applicable.
CSR expenditure
CSR expenditure shall include all expenditure including contribution to corpus for projects or programs relating to CSR activities as per the recommendation of the CSR Committee, but does not include any expenditure on an item not in conformity or not in line with activities which fall within the areas or subjects, specified in Schedule VII of the Act.
The Company shall ensure that the administrative overheads shall not exceed the expenditure limit in any financial year as prescribed in the Act. The Company recognizes that any surplus arising out of the CSR activity shall not be part of business profits of the Company and shall be ploughed back into the same project or shall be transferred to the Unspent CSR Account and spent in pursuance of CSR policy and annual action plan of the Company or transfer such surplus amount to a Fund specified in Schedule VII, within a period of six months of the expiry of the financial year. In case the Company spends an amount in excess of the requirements provided under Section 135(5) in a financial year, then the Company may set off such excess amount against the required CSR spend up to immediately succeeding three financial years, subject to approval of the Board of Directors.
Dissemination of the information on website
As per the CSR Rules, the composition of the CSR Committee, contents of the CSR Policy and projects approved by the Board shall be included in the Board' Report and the same shall be displayed on the Company's website.
Policy review & future amendment
The CSR Committee may review this CSR Policy, shall make suitable changes to this CSR Policy as may be required, and shall submit the same for the approval of the Board.