Medical data: information that, directly or indirectly, pertains to the health or physical and/or mental condition of a patient and data about a patient in the records of a physician.
Processing: the collection, storage and deletion of personal and medical data from our systems.
1. Who do we process personal and medical data from?
Of people who work for us and are or have been treated by us.
2. Who processes the personal and medical data?
Employees of our practice process your personal and medical data. In addition, our billing partner processes personal data. See also § 8 of this statement.
3. For what purpose do we process personal data?
We process personal data for the following purposes:
- To establish a relationship with you
If you want to become a patient with us we need personal data, for example your phone number and email address to inform you about any waiting lists.
- To maintain the relationship with you
If you are a patient of ours, we want to serve you well. For this purpose we process personal data. We use your name, address and email address, for example, to maintain contact.
- For promotional and marketing purposes
We may process your personal data for promotional or marketing purposes. For example, to inform you about developments in our practice that may be of interest to you or to better meet your needs. For example, a newsletter.
- To fulfill legal obligations
On the basis of certain (international) laws and regulations, we must collect data about you, for example for administration, patient records and the related retention obligation.
- For archival purposes
We do not collect more personal data than is necessary for the purposes mentioned above. If we do not retain the data for those purposes, we may still retain the data for archival purposes. That is, the data will still be used only for statistical purposes.
4. For what purpose do we process medical data?
We process medical data for the following purposes:
- To ensure treatment is targeted and effective
We collect and record medical information as a result of your request for help, medical background, examination and course of treatment in your patient file, all this also according to the law on medical treatment agreements.
- To improve our quality of action
We collect medical data to improve our quality of care through peer review and evaluation.
- To provide accountability to patients and/or their representatives and IGJ (Health Care and Youth Inspectorate)
We collect medical data that makes our actions transparent and understandable, to show why we have treated and to reflect the result of the treatment.
5. Transfer to third parties
We will never provide the collected personal and medical data to third parties, except with your explicit consent, for example to specialists to whom we refer patients.
6. Retention period
Personal and medical data will not be kept longer than necessary for the purpose for which they were collected and processed. The retention period for administrative personal data is currently 7 years. The retention period for medical data is currently 15 years.
7. Would you like to have access to the processing of your personal and/or medical data?
You can request an overview of the personal and medical data that has been processed about you. Do you think that your personal data is incorrect or incomplete or that it is not necessary that it has been processed? If so, you can submit a request to us to change, supplement or remove these data.
Statutory provisions may prevent certain medical data from being deleted. In this case, only your data relating to your date of birth and gender will be retained.
8. How are your personal and medical information protected with us?
- All our staff have signed a confidentiality agreement (including professional) whereby they declare not to share your personal or medical information with others without your express consent.
- All parties who process personal or medical data on our behalf have provided us with a statement showing that processing is carried out in accordance with the requirements of the General Data Protection Regulation (AVG), a so-called processing statement.
- All collected personal and medical data is digitally stored. By means of antivirus software and firewalls, stored data is protected against possible digital crime.
- Through carefully assigned rights, our employees have access in our systems only to data that is necessary for their functioning. They can only gain access to the data they are authorized to view and process by using a unique user name and password.
- All of our computers are set to switch screens to a “screensaver” after two minutes of inactivity. This prevents data from being unintentionally visible.
- For the digital transmission of personal and medical data, we use a secure e-mail program, namely: zorgmail.
9. After reading this privacy statement, do you have any questions about the processing of your personal and medical data?
Please get in touch, we are happy to answer your questions.