Patient Privacy Notice

First Step Investments (Pty) Ltd t/a MediScan | Version 1.0 | Effective date: 1 June 2025 | POPIA Compliant

First Step Investments (Pty) Ltd t/a MediScan ("we", "us", "MediScan") is committed to protecting your personal information in accordance with the Protection of Personal Information Act 4 of 2013 ("POPIA") and all applicable South African health-data legislation, including the National Health Act 61 of 2003. This notice explains what information we collect, why we collect it, how long we keep it, and what rights you have.

1. Who is the Responsible Party?

First Step Investments (Pty) Ltd t/a MediScan is the Responsible Party as defined by POPIA. Our registered Information Officer can be reached at:

Email: privacy@medi-scan.co.za
Postal: PO Box XXX, Johannesburg, 2000, South Africa

The healthcare facility at which you are registered acts as an Operator processing your data on behalf of MediScan under a Data Processing Agreement.

2. What Personal Information We Collect

Category	Examples	Sensitivity
Identity	Full name, South African ID number, date of birth, gender	Personal
Contact	Phone number, address	Personal
Biometric	Fingerprint template hash, facial recognition vector	Special (biometric)
Clinical / Health	Encounter records, diagnostic forms, uploaded documents (X-ray, MRI, etc.)	Special (health)
Consent records	Date, type and outcome of each consent given	Personal
Audit trail	Timestamp, action, user agent - who accessed what and when	Personal

We do not collect racial or ethnic information beyond what is clinically required by the receiving healthcare facility.

3. Lawful Basis for Processing

Consent (s 11(1)(a)) - You provided explicit written or electronic consent during registration. You may withdraw consent at any time (see Section 8).
Contractual necessity (s 11(1)(b)) - Processing is required to provide identity verification services to your healthcare facility.
Compliance with legal obligation (s 11(1)(c)) - The National Health Act and Regulations Relating to Categories of Acts Performed by Health Care Personnel require accurate patient identification.
Legitimate interest (s 11(1)(f)) - Maintaining a secure audit trail to prevent fraudulent healthcare claims.

For biometric and health data (Special Personal Information), we rely exclusively on your explicit written consent (POPIA s 27(1)(a)) supplemented where applicable by the medical treatment exception (s 32).

4. How We Use Your Information

Verifying your identity at point of care to prevent medical identity fraud.
Enrolling and storing biometric templates to enable fast, secure identification.
Transmitting clinical encounter summaries to the facility's Hospital Management System (HMS) via a secured, encrypted webhook.
Generating anonymised population-level reporting for public-health analytics (no individual can be re-identified).
Maintaining an immutable audit log required by POPIA and the National Health Act.

5. Data Sharing and Cross-Border Transfers

Recipient	Purpose	Location	Safeguard
Healthcare facility staff	Patient identification & care	South Africa	Staff NDA + T&Cs
Hospital HMS	Encounter synchronisation	South Africa (facility data centre)	Encrypted webhook (TLS 1.2+), Data Processing Agreement
Google Firebase (Firestore)	Cloud data storage	US (us-central1) / EU fallback	Google's Standard Contractual Clauses (GDPR Article 46); POPIA s 72 adequacy assessment on file
Regulators	Legal compliance	South Africa	Mandatory disclosure under POPIA, NHA, or court order only

We do not sell your personal information to any third party.

6. Retention Periods

Record type	Minimum retention	Authority
Patient identity & biometric	5 years after last contact	NHA Reg. & POPIA s 14
Clinical encounter records	6 years (adults); until age 21 for minors	Medical Schemes Act / NHA
Consent records	10 years	POPIA & NHA best practice
Audit logs	3 years	POPIA s 14 & internal policy
Uploaded documents	As per clinical record	NHA

7. Security Measures

All data in transit is encrypted using TLS 1.2 or higher.
Biometric templates are stored as one-way hashed vectors; the original fingerprint image is never retained.
Firestore security rules enforce role-based access - staff can only access patients at their assigned facility.
WebAuthn (FIDO2) passkeys are used for device-bound biometric verification where supported.
PINs are salted and hashed using SHA-256 and are never transmitted in plain text.
All access is logged in an append-only audit collection.

8. Your Rights Under POPIA

You have the right to:

Access (s 23) - Request a copy of all personal information we hold about you.
Correction (s 24) - Request correction of inaccurate, incomplete, misleading or out-of-date information.
Deletion (s 24) - Request deletion of information we no longer have a lawful basis to hold (subject to statutory retention obligations above).
Object (s 11(3)) - Object to processing based on legitimate interest.
Withdraw consent - Withdraw consent at any time; this will not affect the lawfulness of processing before withdrawal but may limit our ability to verify your identity or provide services.
Complain (s 74) - Lodge a complaint with the Information Regulator of South Africa at inforegulator.org.za if you believe we have violated POPIA.

Submit rights requests to privacy@medi-scan.co.za. We will respond within 30 days.

9. Automated Decision-Making and Profiling

MediScan does not use your data for automated decision-making that produces legal or similarly significant effects on you. Identity verification is a technical match solely used to confirm your identity at point of care.

10. Cookies and Analytics

The MediScan web application does not use marketing or tracking cookies. Firebase Analytics may collect anonymised usage telemetry (session duration, feature usage) to improve the product. No personally identifiable information is sent to analytics.

11. Changes to This Notice

We will inform you of material changes by posting an updated notice in the application and, where feasible, by direct notification. The effective date at the top of this page indicates the current version.

12. Contact Us

For privacy inquiries, data requests, or consent withdrawal:

Email: privacy@medi-scan.co.za
Subject line: POPIA Data Request - [Your Full Name]