Back to Blog
Disease Guide6 min readAshvi Health TeamMarch 25, 2026

DPDP Act 2023 and Your Health Data: What You Must Know

DPDP Act 2023 and Your Health Data: What You Must Know

What is the DPDP Act 2023?

The Digital Personal Data Protection Act 2023 is India's first comprehensive data privacy law. It came into effect to protect how companies collect, store, and use your personal data — including health data.

Why Health Data is Special

Health data is the most sensitive personal data you have. It includes:

  • Lab reports and test results
  • Medical history and diagnoses
  • Prescriptions and medications
  • Family health information
  • Genetic and biometric data

Under the DPDP Act, health data gets the highest level of protection.

Your Rights Under DPDP

Right to Information You have the right to know what health data any app or service collects about you and why.

Right to Correction If your health data is inaccurate, you can request correction.

Right to Erasure You can request complete deletion of your health data at any time. Companies must comply within 72 hours.

Right to Consent No company can collect or process your health data without your explicit consent. You can withdraw consent anytime.

Right to Grievance Redressal If a company violates your data rights, you can file a complaint with the Data Protection Board of India.

What to Look For in Health Apps

Before using any health app, check:

  1. Encryption — Is your data encrypted at rest (AES-256) and in transit (TLS 1.3)?
  2. Data selling — Does the app sell your data to third parties?
  3. Deletion policy — Can you delete your data easily?
  4. Consent mechanism — Does the app ask for clear consent before collecting data?
  5. Data storage — Where is your data stored? Is it in India?

How Ashvi Complies

Ashvi Health is fully DPDP Act 2023 compliant:

  • AES-256 encryption at rest for all health data
  • TLS 1.3 for all data in transit
  • Zero data selling — your health data is never sold or shared
  • Full deletion — email security@ashvihealth.com and everything is deleted within 72 hours
  • Explicit consent — we ask before collecting any data
  • Minimal collection — we only collect what's needed to serve you

The Bottom Line

Your health data is yours. The DPDP Act ensures companies respect that. When choosing a health app, pick one that takes privacy seriously — not as a checkbox, but as a foundation.

Curious about your own report?

Ask Velora — she explains everything in your language.

Ask Velora

Related articles

Hemoglobin Kam Hai? ICMR Guide 2026 — Hindi mein
Lab Reports

Hemoglobin Kam Hai? ICMR Guide 2026 — Hindi mein

HbA1c Normal Range in India: What Your Number Means
Disease Guide

HbA1c Normal Range in India: What Your Number Means

CBC Report Explained: Every Value, In Plain Hindi
Lab Reports

CBC Report Explained: Every Value, In Plain Hindi

Join Ashvi Health

Be first to get your lab reports explained in your language.

Join Early Access