14 questions tailored to your clinic type. A personalised compliance score and the exact steps to close your gaps, in under 5 minutes.
Failure to implement reasonable security safeguards: unencrypted records, insufficient access controls, or insecure third-party integrations.
Failure to notify the Data Protection Board and affected patients within 72 hours of a confirmed data breach.
14 questions covering consent, data storage, third-party sharing, breach response, and patient rights. Tailored to your clinic type.
Your responses are scored across six DPDP compliance areas, giving you a clear risk level: Largely Compliant, Partially Ready, or High Risk.
A precise list of the gaps that need closing, ordered by risk severity. Plain language, no legal jargon. Actionable for any clinic today.
Built against the DPDP Act 2023, MCI record-keeping guidelines, and PCPNDT obligations where applicable.
Do patients receive a written notice before data is collected? Do you have purpose-specific consent: treatment, referrals, and marketing kept separate?
Can patients access, correct, and permanently erase their personal data on request, and can you respond within 48 hours?
Where is patient data stored? Do you have written retention periods and a documented deletion protocol for when data has served its purpose?
Does every lab, pharmacy, and SaaS tool that receives patient data from you have a signed Data Processing Agreement?
Do you have a written incident response plan? Can you detect a breach and notify the Data Protection Board within the mandatory 72-hour window?
Do you have verified parental consent for patients under 18? Are clinical records protected with role-based access controls?
14 questions. Your personalised DPDP risk report at the end.
14 clinic-specific questions. A personalised compliance score and an actionable gaps list at the end. Free, no login required.