Privacy Policy | VitaPath Pathology Laboratories

01 Introduction

VitaPath Pathology Laboratories ("we," "us," or "our") is committed to protecting the privacy and confidentiality of our patients' personal and health information. This policy describes our practices regarding the collection, use, and disclosure of information as required by the Protection of Personal Information Act (POPIA) and the National Health Act.

02 Collection of Health Information

We collect personal information directly from you or through your healthcare provider. This includes:

Clinical Data: Test request forms, medical history, and clinical samples (blood, tissue, etc.).
Bio-metric Data: In some cases, fingerprints or photos for positive patient identification.
Third-Party Data: Information from your medical aid or referring doctor necessary for accurate diagnosis and billing.

03 Automated Processing & Results

Laboratory results are generated through high-precision automated systems. These results are sensitive personal information. We use automated notifications (SMS or Email) to alert you when results are ready, but full reports are only accessible through secure, encrypted channels to maintain medical professional secrecy.

04 Data Retention & Destruction

Medical records are retained in accordance with the Health Professions Council of South Africa (HPCSA) guidelines. Generally, records are kept for a minimum of 6 years. Once the retention period expires, data is permanently de-identified or physically destroyed using secure medical-waste protocols for biological samples and certified shredding for paper records.

05 Security Measures

We implement world-class security protocols, including:

End-to-end encryption for all data in transit.
Firewalls and intrusion detection systems at our data centers.
Physical access controls at our laboratory facilities.
Mandatory privacy training for all pathology staff and couriers.

06 Your Legal Rights

As a data subject, you have the right to:

Request a copy of the personal information we hold about you.
Object to the processing of your data (though this may prevent us from conducting medical tests).
Lodge a complaint with the Information Regulator of South Africa if you believe your privacy has been compromised.

Need a formal copy of our PAIA manual?

Request Full Documentation