Back to home

Privacy Policy

Effective 01 May 2026

LabOS (“LabOS”, “we”) operates a Laboratory Information Management System for Indian diagnostic labs. This Privacy Policy describes how we collect, use, and protect personal and health information in accordance with India's Digital Personal Data Protection Act, 2023 (“DPDP”) and ISO 15189 / NABL norms.

1. Who is the Data Fiduciary?

Each lab using LabOS is the Data Fiduciary for the patient data it processes. LabOS acts as the Data Processor on the lab's behalf and processes data only on documented instructions from the lab.

2. What we collect

  • Patient PHI: name, phone, age/sex, address, ABHA id, clinical notes, test results. Names and phone numbers are encrypted at rest; phones are searchable via a salted blind-index (SHA-256 truncated).
  • Lab account data: lab name, registration numbers, NABL number, GST/PAN, addresses, branch names, owner / staff phone numbers and email.
  • Operational data: orders, samples, results, instrument runs, audit logs.
  • Payment data: subscription history. Card / UPI details are processed by Razorpay; we never receive or store full card numbers.

3. Lawful basis

For owner / staff signup we rely on consent (DPDP §6). For patient PHI processed inside a lab tenant we rely on the legitimate interest of providing healthcare services (DPDP §7) plus the consent the lab captures from the patient at the point of care. Each patient record carries a dpdp_consent flag and timestamp.

4. How we secure your data

  • All data hosted on Cloudflare Workers with edge presence in Mumbai (ap-south-1).
  • TLS 1.3 in transit; HSTS, CSP, and X-Frame-Options headers enforced.
  • Patient names and phone numbers encrypted at rest using AES-256-GCM.
  • Session cookies are __Host- prefixed with HttpOnly,Secure, and SameSite=strict.
  • Reports stored in Cloudflare R2 are accessed only via signed, time-bound URLs.
  • Granular audit log per lab: every read / write of PHI is recorded.

5. Retention and deletion

Patient records are retained for as long as the lab tenant requires, subject to applicable medical-record retention laws. Lab reports stored in R2 are auto-purged after their per-test retention window via a daily sweep. On lab account closure, all tenant data is deleted within 30 days unless the lab requests an export first.

6. Your rights under DPDP

Data Principals (patients, staff) may request access, correction, erasure, and grievance redressal. Patients should contact their lab directly; lab owners can email privacy@med-os.in.

7. Sub-processors

  • Cloudflare — hosting, Workers AI, R2 storage (Mumbai region).
  • Turso (libSQL) — primary database, India-residency replicas.
  • MSG91 — transactional SMS for OTP delivery.
  • Resend — transactional email (welcome, password reset, receipts).
  • Razorpay — payment processing for subscriptions.

8. Updates

We will notify lab owners by email of material changes to this policy at least 30 days before they take effect.

9. Contact

Grievance Officer: privacy@med-os.in
Postal correspondence: MedOS, Mumbai, India.