Privacy Policy - VitaPath

Last Updated: January 6, 2026

            Important: VitaPath is committed to protecting your privacy and ensuring the confidentiality of your personal and medical information in compliance with the Protection of Personal Information Act (POPIA) and other applicable South African laws.
        

1. Introduction

VitaPath ("we", "us", "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our pathology services, visit our website, or interact with us.

2. Information We Collect

2.1 Personal Information

Full name, date of birth, and identity number
Contact information (address, phone number, email)
Medical aid details and billing information
Emergency contact information

2.2 Medical Information

Test results and laboratory findings
Medical history relevant to testing
Physician referrals and clinical notes
Biological samples and specimen information

2.3 Technical Information

IP address and browser information
Usage data and website analytics
Login credentials for patient portal access

3. How We Use Your Information

We use your information for the following purposes:

Diagnostic Services: Processing laboratory tests and providing accurate results
Clinical Care: Supporting healthcare professionals in patient treatment
Communication: Sending test results and important health notifications
Billing: Processing payments and medical aid claims
Quality Assurance: Maintaining and improving service standards
Compliance: Meeting legal and regulatory requirements
Research: De-identified data for medical research (with consent)

4. Information Sharing and Disclosure

4.1 Authorized Disclosures

We may share your information with:

Your Healthcare Provider: Test results and clinical reports
Medical Aid Schemes: For claims processing and authorization
Regulatory Authorities: As required by law (e.g., notifiable diseases)
Service Providers: Trusted partners who assist our operations (under strict confidentiality)

4.2 Legal Requirements

We may disclose information when required by:

Court orders or legal processes
Public health authorities
Law enforcement (with proper authorization)
Protection of rights and safety

5. Data Security

We implement comprehensive security measures to protect your information:

Encrypted data transmission and storage
Secure access controls and authentication
Regular security audits and assessments
Staff training on confidentiality and data protection
Physical security of laboratory facilities
Secure disposal of records and samples

6. Your Rights Under POPIA

You have the right to:

Access: Request copies of your personal and medical information
Correction: Request correction of inaccurate information
Deletion: Request deletion of information (subject to legal retention requirements)
Object: Object to processing of your information
Restriction: Request restriction of processing
Portability: Receive your information in a portable format
Withdraw Consent: Withdraw consent at any time (where applicable)
Complain: Lodge a complaint with the Information Regulator

7. Retention of Information

We retain your information for:

Medical Records: Minimum 6 years as per Health Professions Council requirements
Laboratory Results: As required by accreditation standards
Financial Records: As required by tax legislation
Research Data: As approved by ethics committees (de-identified)

8. Cookies and Website Analytics

Our website uses cookies to:

Improve user experience and functionality
Analyze website traffic and usage patterns
Maintain secure login sessions

You can control cookies through your browser settings.

9. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. Please review their privacy policies before providing any information.

10. Children's Privacy

We collect information from minors only with parental or legal guardian consent. Parents/guardians have the right to access, review, and request deletion of their child's information.

11. International Data Transfers

Your information is primarily processed within South Africa. Any international transfers comply with POPIA requirements and include appropriate safeguards.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Significant changes will be communicated via:

Website notification
Email to registered users
Notice at our facilities

13. Contact Us

For privacy-related inquiries or to exercise your rights, contact our Information Officer:

Email: privacy@vitapath.co.za
Phone: +27 (0)11 XXX XXXX
Address: VitaPath Laboratories, Johannesburg, South Africa

14. Complaints

If you believe your privacy rights have been violated, you may:

Contact our Information Officer (details above)
Lodge a complaint with the Information Regulator of South Africa:
Email: inforeg@justice.gov.za
Website: www.justice.gov.za/inforeg

            Consent: By using VitaPath services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.
        

← Back to Homepage