About Contact Login
Data Protection and Privacy

Privacy Policy

DIGAMS is committed to protecting personal and sensitive health data with strong safeguards, lawful processing, and clear accountability.

Effective Date 01/01/2025
Last Updated 01/01/2026
Organisation Impala Healthtech Research Limited
DIGAMS is a digital antimicrobial stewardship and diagnostics platform developed and operated by Impala Healthtech Research Limited ("Impala", "we", "us", or "our"). This Privacy Policy explains how we collect, use, disclose, and protect personal data when you use DIGAMS, in accordance with applicable laws.
DIGAMS supports clinical care, diagnostics, and pharmacy workflows. Because of this, we process personal data and sensitive health data with a strong emphasis on security, confidentiality, and lawful use.

1. About DIGAMS

DIGAMS is a digital health platform that connects clinical care, diagnostics, and pharmacy systems to support evidence-based decision-making and antimicrobial stewardship.

Given the nature of our services, we process personal and sensitive health data, and we are committed to ensuring its security, confidentiality, and lawful use.

2. Information We Collect

We collect the following categories of data:

2.1 Personal Data

  • Name, age, sex, and contact details
  • Unique identifiers such as patient ID and facility ID
  • Location data, including facility-level or geospatial data where applicable

2.2 Sensitive Personal Data

  • Clinical information including symptoms, diagnoses, and prescriptions
  • Laboratory results, including culture and sensitivity tests
  • Medication and treatment history
  • Biometric data where applicable, such as fingerprint identification through integrated tools

2.3 System and Usage Data

  • Device information and log data
  • User activity within the platform
  • Access timestamps and audit logs

3. How We Collect Data

We collect data through:

  • Direct input by clinicians, pharmacists, or authorized health workers
  • Integration with laboratories, health facilities, and partner systems
  • Digitally captured records during service delivery
  • Connected tools such as biometric or diagnostic systems

4. Purpose of Processing

We process personal data to:

  • Support clinical decision-making and improve patient outcomes
  • Enable laboratory diagnostics and sample tracking
  • Improve antimicrobial stewardship and antibiotic use
  • Generate aggregated insights for public health and research
  • Ensure system functionality, security, and performance
  • Comply with legal and regulatory obligations

We only process data for specific, legitimate, and clearly defined purposes.

6. Data Sharing and Disclosure

We may share data with:

  • Authorized healthcare providers and laboratories
  • Health system partners such as district health offices and public health programs
  • Research institutions in anonymized or approved formats
  • Technology partners under strict data protection agreements

We do not sell personal data.

All third parties are required to implement appropriate data protection measures.

7. Data Security

We implement strong technical and organizational safeguards, including:

  • Encryption of data in transit and at rest
  • Role-based access controls and authentication, including MFA where applicable
  • Secure cloud infrastructure and regular system monitoring
  • Audit logs and access tracking
  • Data minimization and anonymization for analytics and AI

8. Data Retention

We retain personal data only for as long as necessary to:

  • Provide healthcare and platform services
  • Fulfill legal, regulatory, and research obligations

After this period, data is securely deleted or anonymized.

9. Your Rights

Under the Data Protection and Privacy Act, 2019, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data where applicable
  • Object to or restrict processing
  • Withdraw consent where processing is based on consent
  • Lodge a complaint

10. Contact and Complaints

10.1 Contact Us

For any data protection requests or concerns, contact:

Data Protection Officer (DPO)
Impala Healthtech Research Limited
Email: support@digamsapp.com
Tel: +256 783731032
Address: National ICT Innovation Hub, Plot 9-21, New Portbell Road, Kampala, Uganda

10.2 Escalation to Regulator

If you are not satisfied with our response, you may lodge a complaint with the:

Personal Data Protection Office (PDPO)
National Information Technology Authority - Uganda (NITA-U)
Email: info@pdpo.go.ug
Website: https://www.pdpo.go.ug

11. International Data Transfers

Where data is transferred outside a country, we ensure:

  • Adequate levels of data protection, or
  • Appropriate safeguards such as contractual protections and secure infrastructure

12. Children's Data

Where DIGAMS is used to support care for children:

  • Data is processed in accordance with applicable laws and ethical approvals
  • Consent is obtained from parents or guardians where required

13. Updates to this Policy

We may update this Privacy Policy from time to time.

Updates will be communicated via the platform or other appropriate channels.

This page is part of the public DIGAMS website and is intended to provide clear information about how privacy and data protection are handled across the platform.