Who we are

PSMI Pvt Ltd is committed to protecting the privacy and security of your personal information. This privacy policy explains how we collect, use, and protect this information.

Introduction

We understand the importance of maintaining the confidentiality and security of your personal information. We are committed to protecting your privacy and ensuring that your personal information is handled in accordance with relevant laws and regulations.

What Personal Information do we collect?

We collect the following personal information from you including:

  • Demographic data.
  • Medical history and treatment information.
  • Insurance and billing information.
  • Biometric information for member verification.
  • Employee personal information.
  • Contractors, customer and supplier personal information.
  • Walk-in visitor’s personal information.
  • Patient or employee next of kin personal details.
  • Employee family details soouse and children.

Where do we get personal information from?

We get information directly from you. Under special circumstances information may be obtained from third parties especially in cases where data subject has no capacity to provide required personal, medical and treatment information.

How do we use your personal information?

We use your personal information to:
Patients

  • Provide medical treatment and care – We may use and disclose your health information to provide you with medical treatment services.
  • Communicate with you about your care and treatment.
  • Communicate with your next of kin in cases where we seek their assistance, require their input, or need to advise them on important matters regarding your care.
  • Bill and collect payment for service – We may use and disclose your health information to obtain payment for the treatment and services we provide to you. This may include sharing information with your insurance company.
  • Biometric data for verifying insurance member status and registering new entrants on behalf of insurance companies.
  • Conduct quality improvement and risk management activities – We may use and disclose your health information for our healthcare operations.
  • This includes activities such as quality assessment and improvement, employee review, and business planning and development.
  • Internal data analytics to inform and enhance our product and service offerings.
  • Participate in Government initiated public health activities.
  • Comply with relevant laws and regulations.
  • For research (With your explicit consent).

Employees

  • Administrative and HR purposes – To manage employee records, payroll, benefits, and performance evaluations.
  • Compliance with laws and regulations – To fulfil bligations under employment laws, tax laws, and other regulatory requirements.
  • Employee relations and communication – To maintain contact information, manage employee engagement, and facilitate internal communication.
  • Health, safety, and well-being – To provide a safe working environment, and support employee well-being initiatives.
  • Security and access control – To manage access to company facilities, systems, and data.
  • Performance management and development – To evaluate employee performance, identify training needs, and support career development.
  • Business operations and management – To analyse workforce trends, plan for future staffing needs, and make informed business decisions.
  • Use children details to better manage and control related benefits.

Contractors, Customers and Suppliers

Contract administration – To manage contracts, invoices, and payments. Procurement and supply chain management – Tomanage supplier relationships, track orders, and ensure timely delivery.

Who do we share your personal information with?

Depending on personal information collected from you, we may share your information with the following:

  • Medical Insurance companies.
  • Healthcare providers and professionals involved in your care. This includes sharing information with doctors, nurses, technicians, and other healthcare professionals who are involved in your care.
  • Regulatory bodies, and the Government.
  • Legal representatives or law enforcement agencies if necessary to pursue or defend a legal claim.
  • Family members involved in your care. (With your explicit consent).
  • Employee personality and character information shared with other Employers. (With your explicit consent).
  • Our data processors who assist us in processing your data.

How long do we keep information?

The Company shall comply with the prescribed timelines and periods as stipulated in the applicable laws andregulations pertaining to the type of personal information.

Sharing of your information outside Zimbabwe?

We do not share any of your information with anyone outside Zimbabwe. In the event that it becomes necessary to share any of your information outside Zimbabwe, such transfers will be conducted in strict accordance with the prevailing laws and regulations.

How do we protect your personal information?

We take reasonable steps to protect your personal information from unauthorized access, use, or disclosure.

These steps include:

  • Implementing physical, technical, and administrative safeguards.
  • Limiting access to authorized personnel.
  • Encrypting electronic records at rest.
  • e Conducting regular security risk assessments and audits.

Your Rights

You have the right to:

  • Request access to your personal information.
  • Request restrictions on the use and disclosure of your personal information.
  • Receive an account of disclosures of your personal information.
  • Request a copy of your personal information.
  • Request correction to your personal information.
  • File a complaint with us or with the relevant regulatory authority.

To exercise any of the rights mentioned above, we may require proof of your identity. Kindly also take note that some limitations may apply to these rights. For example, we may decline your request if it would inadvertently disclose the personal information of another individual. If we are legally or contractually obligated to retain your information, or if we have a legitimate interest in doing so, we may not be able to delete it even upon your request.
All requests must be submitted in writing. We aim to respond to your request within 30 days of receipt. In some cases, we may require an extension, in which case we will inform you of the reason for the delay.

Complaints

If you believe your privacy rights have been violated, you can file a complaint with our Privacy Officer. If you are not satisfied with the remedy provided by our Privacy Officer, you may also file a complaint with the Data Protection Authority of Zimbabwe (POTRAZ) regarding the issues you have raised.

Changes to This Notice

We reserve the right to change this notice at any time. If we make any changes, we will post the new notice on our website and notice boards and provide you with a copy upon request.

Contact Us

If you have any questions or queries about this privacy notice, handling of your personal information, or require a soft copy of this notice, please contact our Data Protection Officer at:
Data Protection Officer
PSMI Pvt Ltd
Parkview Hospital
56 Baines Av Harare
+263774845787
dpo@psmi.co.zw

By using our services or providing us with your personal information, you acknowledge that you have read, understood, and agree to be bound by this privacy notice.

Effective Date
This notice is effective as of 01/01/2025.