Privacy Policy

Last updated: June 2026  ·  Benevita Home Health Care

Benevita Home Health Care ("we", "our", "Benevita") is committed to protecting the privacy and security of your personal and health information. This policy explains what data we collect, how we use it, and your rights — in compliance with Kenya's Data Protection Act 2019, HIPAA principles, and GDPR where applicable.

1. Information We Collect

  • Identity data: name, national ID, date of birth, gender
  • Contact data: phone number, email address, home address
  • Health data: medical history, diagnoses, medications, vital signs, visit reports
  • Insurance data: insurer name, policy number, pre-authorisation codes
  • Usage data: browser type, device, pages visited, timestamps (non-identifiable analytics only)

2. How We Use Your Information

  • To match you with licensed nurses and coordinate home visits
  • To communicate appointment confirmations, reminders, and reports
  • To process insurance claims and billing
  • To maintain clinical records required by Kenya's health regulations
  • To improve the safety and quality of our services

3. Legal Basis for Processing

We process health data on the basis of (a) your explicit consent, (b) performance of the healthcare contract you enter into with us, and (c) compliance with legal obligations under the Health Act, CAP 242, and the Data Protection Act 2019.

4. Sharing Your Information

We do not sell your personal data. We share your data only with:

  • Assigned nurses and doctors involved in your care
  • Your insurance provider, with your consent, for claims processing
  • Referral partners (e.g., hospitals), where you have authorised a referral
  • Regulatory bodies if required by law

5. Data Retention

Clinical records are retained for 10 years following your last contact with us, as required by Kenyan health regulations. Consent records are kept for 3 years following revocation. Audit logs are retained for 7 years.

6. Your Rights

  • Access: request a copy of your personal data
  • Correction: request inaccurate data be corrected
  • Erasure: request deletion (subject to clinical record retention obligations)
  • Withdrawal of consent: withdraw marketing or research consent at any time
  • Data portability: receive your data in a structured, readable format

To exercise any right, email us at privacy@benevita.co.ke.

7. Security

We use TLS 1.3 encryption in transit, AES-256 encryption at rest, role-based access controls, and maintain a full audit trail of all access to health records in compliance with HIPAA security principles and ISO 27001.

8. Cookies

Our public website uses only essential session cookies. We do not use tracking or advertising cookies. No personal data is shared with advertising networks.

9. Contact

Data Protection Officer: privacy@benevita.co.ke
Benevita Home Health Care, Nairobi, Kenya