MASTER DATA PRIVACY &
AI GOVERNANCE MANDATE
RSX Hospital Global Network
Table of Contents
ARTICLE I: PREAMBLE & BINDING AGREEMENT
This document constitutes an “Electronic Record” under the provisions of the Information Technology Act, 2000 and the Digital Personal Data Protection (DPDP) Act, 2023. This Policy governs the relationship between RSX Hospital (hereinafter “Data Fiduciary”) and the Patient/User (hereinafter “Data Principal”). This Policy requires no physical or digital signature to be legally binding. Accessing the RSX Platform, entering an RSX Facility, or initiating an AI Consultation constitutes absolute acceptance.
You explicitly acknowledge that RSX Hospital is a technology-first, AI-driven healthcare entity. A significant majority of diagnostic triage, pathology analysis, radiological interpretation, and patient monitoring is performed by autonomous Artificial Intelligence agents, Neural Networks, and Deep Learning algorithms with minimal human intervention.
ARTICLE II: EXTENSIVE LEGAL DEFINITIONS
For the purpose of this Policy, the following terms shall have specific legal meanings:
Refers to RSX’s proprietary Large Language Models (LLMs) and Generative Pre-trained Transformers fine-tuned on medical datasets to simulate clinical interaction, history taking, and differential diagnosis.
Refers to high-fidelity physiological data captured via RSX Scanning Modules, including 3D facial mesh points, retinal vascular patterns, thermal maps, gait analysis, and photoplethysmography (PPG) signals extracted from video feeds.
New data points generated solely by Algorithms based on raw inputs. (e.g., A “Cardiac Risk Score” calculated from voice tremors, which was not explicitly provided by the User but inferred by the System).
The protocol wherein a Registered Medical Practitioner (RMP) reviews AI-generated critical alerts. Note: HITL is not guaranteed for non-critical, general wellness queries.
ARTICLE III: THE AI INFRASTRUCTURE MANDATE
RSX employs Convolutional Neural Networks (CNNs) to analyze:
- Radiology: X-Rays, MRIs, and CT Scans are pre-read by AI to detect anomalies (tumors, fractures) with pixel-level precision.
- Dermatology: Skin lesions are analyzed via computer vision to calculate probability scores for malignancy (e.g., Melanoma).
- Pathology: Blood smear images are counted and classified by automated optical recognition systems.
When authorized, the RSX App/Terminal utilizes device sensors to perform:
- rPPG Extraction: Measuring Heart Rate, SpO2, and Respiration Rate by analyzing subtle color changes in facial skin via video feed.
- Skeletal Tracking: Analyzing posture, gait, and range of motion for orthopedic assessment.
- Thermal Inference: Detecting inflammation or fever signatures (via specialized hardware).
ARTICLE IV: AUTOMATED DATA COLLECTION
RSX operates a “Total-Data” ecosystem. We collect:
Information explicitly provided: Name, Age, Gender, Aadhaar Number (KYC), Insurance Policy Details, Current Symptoms, Past Medical History.
Background data collection for safety and diagnostics:
- Voice Biomarkers: Analysis of vocal tone, pitch, and pauses to detect neurological or respiratory conditions (e.g., Parkinson’s, COVID-19).
- Device Sensors: Accelerometer/Gyroscope data to detect falls or tremors.
- Geolocation: Precise location for emergency ambulance routing.
ARTICLE V: PURPOSE OF PROCESSING
Processing is necessary to generate AI Diagnosis, issue e-Prescriptions, and formulate treatment plans.
CRITICAL CLAUSE: You grant RSX a perpetual, irrevocable, worldwide, royalty-free license to use De-identified (Anonymized) data derived from your interactions to train, fine-tune, and improve our AI Models. This data is stripped of PII (Personally Identifiable Information) and cannot be traced back to you. This is a legitimate business interest for the advancement of medical science.
To report Notifiable Diseases (e.g., TB, HIV) to government authorities (ICMR/NCDC) as mandated by Indian Law.
ARTICLE VI: DPDP ACT COMPLIANCE & RIGHTS
Consent is obtained via a “Consent Manager” framework. It is Free, Specific, Informed, Unconditional, and Unambiguous. You may manage consent granularly via the RSX App Settings.
- Right to Access: Request a summary of personal data and AI inferences held by RSX.
- Right to Correction: Update incorrect health history that may be affecting AI diagnosis.
- Right to Erasure: Request deletion of data (“Right to be Forgotten”), subject to statutory retention periods (e.g., Medical Records must be kept for specific periods by law).
- Right to Nominate: Appoint a beneficiary to manage data rights in the event of death.
All Sensitive Personal Data of Indian citizens is stored exclusively on servers located within the territory of India (MeitY Empaneled Cloud Providers). Cross-border transfer occurs only for specific “International Second Opinions” initiated by the User.
ARTICLE VII: LIABILITY, INDEMNITY & ETHICS
You acknowledge that Medicine is an art of probability, and AI is a statistical tool. RSX AI provides a likelihood of diagnosis, not a certainty. RSX Hospital is NOT LIABLE for errors arising from AI “Hallucinations” (statistical anomalies) if the User fails to consult a Human RMP for critical conditions.
RSX is not liable for incorrect diagnoses resulting from: (a) False data input by the User; (b) Poor quality of uploaded images/scans; (c) Concealment of medical history.
RSX shall not be held responsible for data breaches caused by state-sponsored cyber-attacks, Acts of God, or infrastructure failure beyond reasonable control, provided standard ISO 27001 security protocols were in place.
ARTICLE VIII: GRIEVANCE REDRESSAL
In accordance with the DPDP Act 2023, RSX Hospital has appointed a Data Protection Officer (DPO).
OFFICIAL CONTACT
For Legal Notices, DPDP Access Requests, and Grievances:
Support@rsxhospital.inESCALATION AUTHORITY: DATA PROTECTION BOARD OF INDIA