Privacy Policy
Effective Date: 1 December 2025
Red Giants Medical Centre (RGMC) is committed to protecting the privacy and confidentiality of your personal data and sensitive personal data in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia. This Policy outlines how we collect, use, maintain, and disclose your data.
1. Data Collection and Sources
We collect personal data from you and third-party sources when you:
Register as a patient or client at RGMC.
Make an appointment or utilise our medical services (e.g., consultations, treatment, procedures).
Use our website or interact with our online platforms ($\text{[https://rgmc.com.my/](https://rgmc.com.my/)}$).
Communicate with us via telephone, email, or in person.
A. Types of Data Collected
The data we collect may include, but is not limited to:
| Category | Examples of Data Collected |
| Personal Identity | Name, NRIC/Passport number, date of birth, nationality, gender, photograph. |
| Contact Information | Residential address, email address, phone numbers (mobile and landline). |
| Sensitive Personal Data | Medical history, reports, diagnoses, treatment records, lab results, allergies, family medical history. |
| Financial/Payment Info | Insurance details, billing information, payment records (but not full credit card numbers). |
| Website/Technical | IP address, browser type, cookies, device information, and usage statistics. |
2. Purposes of Processing Your Data
Your personal data is collected and processed for the following essential purposes:
To provide Medical Services: To deliver appropriate medical advice, diagnosis, treatment, and ongoing care.
Administration and Operations: For appointment scheduling, billing, processing claims (insurance/third-party payers), and managing patient records.
Communication: To contact you regarding appointments, follow-up care, test results, or changes to our services.
Legal & Regulatory Compliance: To comply with legal requirements, regulatory obligations (e.g., Ministry of Health), and court orders.
Improvement of Services: For internal auditing, service analysis, and quality assurance to enhance patient care and services.
3. Disclosure of Personal Data
RGMC treats your medical data with the strictest confidence. We will only disclose your data to third parties under the following circumstances:
With Your Explicit Consent: To your authorised representatives, family members, or emergency contacts.
Referrals: To other healthcare providers (e.g., specialists, laboratories, hospitals) for referral, consultation, or continuity of care.
Third-Party Payers: To your medical insurance providers, employers, or third-party guarantors for billing and claims processing.
Legal Requirements: Where required by law, regulatory bodies, government agencies, or court orders (e.g., mandatory reporting of infectious diseases).
Service Providers: To third-party service providers (e.g., IT support, data storage providers) who assist RGMC in its operations, strictly under non-disclosure agreements.
4. Security and Retention
Security Measures: RGMC implements stringent administrative, physical, and technical safeguards (including electronic medical record security, access controls, and firewalls) to protect your data from loss, misuse, unauthorised access, disclosure, alteration, or destruction.
Retention Period: We retain your personal data and medical records for as long as necessary to fulfil the purposes outlined in this Policy, or as required by Malaysian legal, regulatory, or administrative requirements governing medical practice.
5. Your Rights as a Data Subject
In accordance with the PDPA 2010, you have the right to:
Access: Request access to your personal data held by RGMC (subject to legal limitations).
Correction: Request correction or update of any inaccurate, incomplete, or outdated personal data.
Withdraw Consent: Withdraw your consent to the processing of your data, subject to any existing legal obligations or contractual requirements. Withdrawal may affect our ability to provide certain services.