DIFF Medical Centre's Privacy Policy

Diff Medical Centre strives to provide our patients with excellent medical care and services and the Physicians and Staff of Diff Medical Center are committed to protecting the privacy and the confidentiality in the handling of patient personal information.

The appropriate collection, use and disclosure of patients’ personal health information is fundamental to our day-to-day operations and to patient care and we go to great lengths to ensure that patient privacy is protected.

We are committed to protecting the privacy of all visitors to our websites and mobile applications. This privacy policy is to help you understand what information we collect, how we use it, what choices you have, and other important information regarding the use of information collected through our medical forms, websites, online services, consultations, etc. Our Privacy Policy applies to the personal health information of all our patients that is in our possession and control.

Diff Medical Centre is referred to in this privacy notice, collectively, as “Diff Medical Center,” “DMC” “we,” “us,” or “our.”

If you have any questions or comments about this privacy policy or the ways in which DMC uses the information we collect online, please do not hesitate to contact us using the contact information provided at the bottom of this statement.

Purpose And Scope

We ask you for information to establish a medical relationship and serve your healthcare needs.  We obtain most of our information about you directly from you, or from other health practitioners whom you have seen and authorized to disclose to us.  You are entitled to know how we use your information and this is described subsequently.  We will limit the information we collect to what we need for those purposes, and we will use it only for those purposes.  We will obtain your consent if we wish to use your information for any other purpose

This privacy policy applies to information collected through any websites, mobile applications, and/or online or mobile-enabled technology, and/or digital tools that display or link to this privacy policy (collectively, our “Online Platforms”). This privacy policy also applies to information shared with us by our approved partners and other third-party sources.

This privacy policy does not apply to (i) information collected from you either offline or through websites and other online services that do not display or link to this privacy policy, including third-party websites to which our online services may link, or (ii) information that would be considered “Protected Health Information” under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).


You have the right to determine how your personal health information is used and disclosed.  For most health care purposes, your consent is implied as a result of your consent to treatment, however, in all circumstances express consent must be written. Your written Consent will be documented in patient’s medical records and notify appropriate Health care providers and their supporting staff. 

Patients who have withdrawn consent to disclose personal Health information must sign and date the Consent to Withdrawal Form. It is understood that the consent directive applies only to the PHI which the patient has already provided, and not to PHI which the patient might provide in the future. The National Health Act 2014 permits healthcare providers to collect, use, and disclose personal health information, despite the consent directive, in certain circumstances, such as emergencies, public safety (prevention of infectious diseases, crime, etc.), protection of children, legally authorised disclosure, medical research, etc.

Collection And Use Of Information

We collect information by fair and lawful means and collect only that information which may be necessary for purposes related to the provision of your medical care. 

The information we request from you is used for the purposes defined above.  We will seek your consent before using the information for purposes beyond the scope of the posted Privacy policy. 

Under no circumstances do we sell patient lists or other personal information to third parties.  There are some types of disclosure of your personal health information that may occur as part of this Practice fulfilling its routine obligations and/or practice management.  This includes consultants and suppliers to the Practice, on the understanding that they abide by our Privacy Policy, and only to the extent necessary to allow them to provide business services or support to this Practice. 

We will retain your information only for the time it is required for the purposes we describe and once your personal information is no longer required, it will be destroyed.  However, due to our on-going exposure to potential claims, some information is kept for a longer period. 

Patients will be required to sign and date a consent to Disclose personal health information to a third party prior to release of information. Note that this is at no cost to you.

When you view and/or interact with our Online Platforms, we may collect and combine information about you, how you engage with our Online Platforms, and the devices you use to view and/or interact with our Online Platforms for the legitimate purposes described below. This includes information you provide to us in connection with your use of the Online Platforms and information collected automatically when you view and/or interact with our Online Platforms.

Some of the information we collect may be personally identifiable information, which includes, but is not limited to, information like your name, email address, postal address, or phone number. We do not collect information that would personally identify you unless you choose to provide it or as otherwise provided in this privacy statement. You can access and browse our Online Platforms at any time without providing any personally identifying information.

We collect information you provide directly to us, such as when you create or modify your account or user preferences, sign up for a newsletter, contact us, respond to a survey, or otherwise communicate with us. This information may include your name, email address, phone number, address, insurance information, personal health information (however this does not rise to the level of “Protected Health Information” protected by the National Health Act), survey responses, user content stored or entered into the forms found in our Online Platforms, and other information you choose to provide through use of our Online Platforms.

The information you provide to us will be used to (i) set up your account (if applicable); (ii) if you elect to receive information from DMC, provide you with such information; (iii) improve the Online Platforms; (iv) respond to your inquiries; (v) and/or fulfill any other purpose for which you provided it.

We will not use the information you provide for any purposes other than as described in this privacy policy or explained to you at the point at which the information was collected.

We may automatically collect additional information about your visit to our Online Platforms, including pages you visit, your geographic location based solely on your Internet Protocol (IP) address, promotions with which you interacted, and other behaviors. This information is collected for the purpose of improving your overall visit to our Online Platforms by providing interest-based content. For example, we may collect information about your geographic location and a specific interest, based on topics you have browsed on our Online Platforms, so that we can highlight a program or resource close to your location. The data may also be used to provide interest-based content for communications for which you have opted in.

We may also gather certain information automatically, including but not limited to, IP addresses, browser type, Internet Service Provider (ISP), operating system, date/time stamp, mobile location and device type, and/or clickstream data. This information may be collected via cookies, web beacons, and/or similar technologies that help us serve you better, for example, by making your interactions with our Online Platforms faster or more personalized. The information we collect automatically through these technologies may be linked to other information we collect about you.

Protecting Your Information

We protect your information with appropriate safeguards and security measures. DMC maintains personal information in a combination of paper and electronic files.  Recent paper records concerning individuals’ personal information are stored in files kept onsite at our office.  Older records may be stored securely offsite.   

Access to personal information will be authorized only for the physicians and employees associated with the hospital, and other agents who require access in the performance of their duties, and to those otherwise authorized by law. 

We provide information to health care providers acting on your behalf, on the understanding that they are also bound by law and ethics to safeguard your privacy.  Other organizations and agents must agree to abide by our Privacy Policy and may be asked to sign contracts to that effect.  We will give them only the information necessary to perform the services for which they are engaged, and will require that they not store, use or disclose the information for purposes other than to carry out those services. 

Our computer systems are password-secured and constructed in such a way that only authorized individuals can access secure systems and databases. We as well urge you to take steps to keep your private information secure, such as choosing strong passwords and never sharing your password with anyone else. If you create or receive a password in connection with our Online Platform access, please notify us promptly if you believe your password security has been breached, and remember to log off of the Online Platform before you leave your computer or mobile device.

If you send us an e-mail message that includes personal information, such as your name included in the “address”, we will use that information to respond to your inquiry.  Please remember that e-mail is not necessarily secure against interception.  If your communication is very sensitive, you should not send it electronically unless the e-mail is encrypted or your browser indicates that the access is secure. 

For users visiting our online platforms from outside Nigeria, Diff Medical Center is located in Nigeria. If you are visiting the Online Platforms, or any part thereof, from outside of Nigeria, please be aware that your information may be transferred to, stored, or processed in Nigeria and maintained on computers or servers located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be the same as those in your jurisdiction.  If you are located in the European Economic Area, you may have additional rights, including the right to access, correct, erase, restrict processing of, and object to processing and profiling of your information, and to complain to a supervisory authority within your jurisdiction. By using any portion of our Online Platforms, you understand and consent to the transfer of your information to Nigeria and those third parties with whom we share it as described in this privacy policy.

Access And Correction

With limited exceptions, we will give you access to the information we retain about you within a reasonable time, upon presentation of a written request and satisfactory identification.  If this will require a fee, we may charge you a fee for this service and if so, we will give you notice in advance of processing your request.

If you find errors of fact in your personal health information, please notify us as soon as possible and we will make the appropriate corrections.  We are not required to correct information relating to clinical observations or opinions made in good faith.  You have a right to append a short statement of disagreement to your record if we refuse to make a requested change. 

If we deny your request for access to your personal information, we will advise you in writing of the reason for the refusal and you may then challenge our decision. 

In most cases, an issue is resolved simply by telling us about it and discussing it.  You can reach us at: 


Toluwalope Odogiyon, Data Protection Officer

Diff Medical Center

No 10, Diff Road, Off Oladipo Diya road, Gudu District, Abuja-FCT, Nigeria





If, after contacting us, you feel that your concerns have not been addressed to your satisfaction, you have the right to complain to the Director General/CEO of the National Information Technology Development Agency (NITDA), Nigeria.  The Director General/CEO can be contacted via:



National Information Technology Development Agency (NITDA), Nigeria

No. 28, Port Harcourt Crescent, Off Gimbiya Street,

Area 11, Garki, Abuja, Nigeria.

Email: info@nitda.gov.ng

Phone: +2348168401851, +2340752420189, +234 92 920 263

Acceptance Of These Terms

This privacy policy is incorporated into and subject to the Terms of Use that display or link to this privacy policy. Each time that you view and/or interact with our Online Platforms, you signify that you have read, understood, and agree to be bound by the Terms of Use, which incorporate this privacy policy. If you do not agree to the terms of this privacy policy or the use of your information as set forth in this privacy policy, please do not use our Online Platforms. Your continued use of our Online Platforms subsequent to changes in this privacy policy will signify your acceptance of the changes.


We reserve the right to modify this privacy policy at any time. All updates will be posted on our website, so please review it periodically.