MINISTRY OF HEALTH

UNITED REPUBLIC OF TANZANIA

UNIFIED COMMUNITY SYSTEM (UCS)

PRIVACY POLICY

The Ministry of Health (MoH) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Unified Community System (UCS) mobile application, which includes the CHW and Kituoni components. Please read this Privacy Policy carefully. IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY, PLEASE DO NOT ACCESS THE APPLICATION.

1. Collection of Your Information

We may collect information about you in various ways, including:

Personal Data: Demographic and identifiable information (e.g., name, email address, phone number, date of birth, gender, and identification numbers) that you voluntarily provide when participating in activities related to the Application.
Health Data: We collect comprehensive health-related information including but not limited to:
- Medical history, diagnoses, and treatment records
- Vital signs (blood pressure, temperature, weight, height)
- Medication information and prescriptions
- Laboratory test results and medical assessments
- Immunization records and vaccination history
- Maternal and child health information (pregnancy records, delivery details, child growth monitoring)
- HIV/AIDS and tuberculosis testing and treatment data
- Nutritional status and dietary information
- Mental health assessments and counseling records
Community Health Worker (CHW) Data: Information related to CHW activities including home visits, referrals, follow-up records, and service delivery documentation.
Derivative Data: Information collected automatically by our servers, including actions integral to the Application such as timestamps, data entry patterns, and system interactions.
Geo-Location Information: Location-based information from your device, if permission is granted, to provide location-based services including mapping household locations and tracking service delivery areas.
Mobile Device Access: Access to specific features on your device (e.g., camera for capturing photos, Bluetooth for data synchronization).
Mobile Device Data: Device details like device ID, model, operating system version, phone number, and country.
Push Notifications: Notifications about your account, health alerts, appointment reminders, or Application updates.
Data from Surveys: Information provided when participating in health surveys, research studies, or feedback forms.

2. Use of Your Information

Having accurate information helps us provide quality healthcare services and a smooth user experience. We may use the collected information, including health data, to:

Provide, maintain, and improve healthcare services through the UCS platform
Facilitate communication between Community Health Workers, healthcare providers, and patients
Monitor and track health outcomes, disease surveillance, and public health trends
Generate health reports, analytics, and insights for healthcare planning and policy development
Send health alerts, appointment reminders, and important health information
Coordinate referrals and follow-up care between different levels of healthcare facilities
Support research and quality improvement initiatives in healthcare delivery
Ensure compliance with healthcare regulations and reporting requirements
Improve the efficiency and operation of the Application

3. Disclosure of Your Information

We may share your information, including health data, only in specific situations:

Healthcare Providers: With authorized healthcare providers, Community Health Workers, and healthcare facilities involved in your care.
Government Health Agencies: With the Ministry of Health and relevant government agencies for public health monitoring, disease surveillance, and healthcare planning.
By Law or to Protect Rights: To respond to legal processes or protect rights, property, and safety in accordance with applicable laws.
Third-Party Service Providers: With trusted third parties performing services on our behalf, such as data hosting, analytics, and technical support. These providers are contractually bound to protect your data and use it only for specified purposes.
Research Partners: With approved research institutions for public health research, only after de-identification of personal information and with appropriate ethical approvals.

4. Data Retention and Storage

How Long We Keep Your Data:

Active Health Records: Your health data and medical records will be retained for the duration of your active participation in the UCS system and for a minimum of 7 years after your last healthcare interaction, in accordance with Tanzania's health records retention requirements and international healthcare data standards.
Inactive Accounts: If your account remains inactive for 3 consecutive years with no healthcare interactions, your personal identifiable information will be archived and access will be restricted, while anonymized health data may be retained for public health research and planning purposes.
Legal and Compliance Data: Certain information may be retained longer if required by law, for regulatory compliance, audit purposes, or to resolve disputes.
De-identified Data: Aggregated and de-identified health data (data that cannot be traced back to you) may be retained indefinitely for research, public health monitoring, and healthcare system improvement.

5. Your Rights and Data Deletion

You have the following rights regarding your personal and health data:

Access Your Data: You have the right to request access to your personal and health information stored in the UCS system.
Correct Your Data: You may request corrections to inaccurate or incomplete personal information.
Request Data Deletion: You may request deletion of your personal data, subject to certain limitations described below.

How to Request Data Deletion:

To request deletion of your data, you may:

Contact your Community Health Worker who can initiate the request on your behalf
Submit a written request to the Ministry of Health at the contact information provided at the end of this policy
Email your request to ps@afya.go.tz with your full name, contact information, and UCS identification number

Data Deletion Process:

Upon receiving your deletion request, we will verify your identity and process the request within 30 business days.
We will permanently delete or anonymize your personal identifiable information, including your name, contact details, and identification numbers.
You will receive written confirmation once your data has been deleted.

⚠ Limitations on Data Deletion:

While we respect your right to data deletion, certain limitations apply:

Legal Requirements: We must retain certain health records as required by Tanzanian law, healthcare regulations, and international health standards (minimum 7 years for medical records).
Public Health Obligations: Health data related to disease surveillance, outbreak investigations, or public health emergencies may need to be retained for public health protection.
Active Treatment: If you are currently receiving treatment or have ongoing health needs, deletion of critical health information may not be possible until treatment is completed, as it is necessary for your safety and continuity of care.
Anonymized Data: De-identified and aggregated data that cannot be traced back to you may be retained for research and healthcare planning purposes.
Backup Systems: Data stored in backup systems may take up to 90 days to be completely removed from all systems.

6. Security of Your Information

We use administrative, technical, and physical security measures to protect your information, including health data. These measures include data encryption, secure servers, access controls, and regular security audits. However, please note that no data transmission over the internet or electronic storage system can be guaranteed to be completely secure. While we strive to protect your personal and health information, we cannot guarantee absolute security.

7. Tracking Technologies

Cookies and Web Beacons: We may use cookies and tracking pixels to customize and improve the Application. You may modify your device settings to accept or decline cookies, though this may affect some Application features.

8. Policy for Children

The UCS Application collects health information for children as part of maternal and child health services. This data is collected with parental or guardian consent and is used solely for healthcare delivery, monitoring child health and development, and public health purposes. We do not knowingly collect personal information from children for marketing purposes. If you have concerns about your child's data, please contact us using the information below.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new Privacy Policy in the Application and updating the "Last Updated" date. Your continued use of the Application after changes are posted constitutes your acceptance of the updated Privacy Policy.

10. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, your personal data, health information, or data deletion, please contact us at:

Ministry of Health (MoH) Tanzania

P.O. Box 743
Dodoma, Tanzania

Email: ps@afya.go.tz