Compliance & Security

Privacy Policy &
Legal Compliance

At Digifort Labs, protection isn't just a feature—it's our foundation. We adhere to the strictest global and local standards to safeguard your medical archives.

Digital Personal Data Protection (DPDP) Act, 2023

Digifort Labs is fully compliant with the DPDP Act 2023. We act as a Data Fiduciary for our direct clients and a Data Processor for the hospitals we serve.

  • Consent: We process personal data only for lawful purposes with explicit consent.
  • Data Minimization: We collect only the data necessary for archival and retrieval services.
  • Rights of Data Principals: Patients and hospitals retain the right to access, correct, and erase their data.
  • Grievance Redressal: Our dedicated Data Protection Officer (DPO) handles all compliance inquiries.

Security Infrastructure

Our defense-in-depth strategy ensures your data is immune to unauthorized access.

Encryption at Rest

All files are encrypted using AES-256 before being stored in our S3-compatible vaults.

Encryption in Transit

All data transfer occurs over TLS 1.3 encrypted channels.

Transparency & Audits

Total visibility is key to trust. Every interaction with a record—whether physical movement or digital access—is logged in our immutable audit ledger.

These logs are available to hospital administrators at any time for compliance verification.

Last Updated: October 26, 2025

For legal inquiries, contact legal@digifortlabs.com