Processing of information

In connection with our examination, diagnosis and treatment of you as a patient, the Lægerne ved Kongens Have collect and process a number of personal information about you as a data controller. We are obliged to do this in accordance with Chapter 6 of the Authorization Act and the Executive Order on Records. This privacy policy describes how Lægerne ved Kongens Have process, use and pass on your personal information.

Types of information

Lægerne ved Kongens Have collect and process the following types of personal information about you (to the extent that it is relevant to you in particular): Common categories of personal information:

  • Name, address, possibly e-mail address, telephone number, social security number, gender, family and social relations, working relations and education.

  • Special categories of personal data ("sensitive personal data"):

  • Health information (eg medical records, test results, tests, x-rays, scan results, etc.), sexual relationships, race or ethnic origin, and religious beliefs.

Purpose

We process your personal information for the following purposes: Our examination, diagnostic and treatment of you

  • Preparation of medical certificates

  • Preparation of certificates for use by authorities, insurance companies, etc.

  • Communication with or referral to other healthcare professionals, doctors, hospitals or hospital laboratories

  • Medication prescriptions, including the issuance of prescriptions

  • Reporting to clinical quality databases

  • Reporting of laboratory samples to hospital laboratories

  • Settlement purposes

  • Comply with our obligations under applicable law, including the EU Data Protection Regulation, the Data Protection Act and other relevant health law, such as:

    • Duty to document

    • Compliance with basic principles for the processing of personal data and legal authority for the processing

    • Implementation and maintenance of technical and organizational security measures, including but not limited to preventing unauthorized access to systems and information, preventing the receipt or distribution of malicious code, stopping denial-of-service attacks and damage to computer systems and electronic communications systems

    • Investigation of suspected or knowledge of security breaches and reporting to individuals and authorities

    • Handling inquiries and complaints from data subjects and others

    • Handling inspections and inquiries from regulators

    • Dispute resolution with registered and third parties.

    • Statistical studies and scientific research

Volunteering

When we collect personal information directly from you, you provide the personal information voluntarily. You are not obliged to provide this personal information to us. The consequence of not giving us the personal information will be that we can not fulfill the purposes above, including that in some cases we can not examine, diagnose or process you.

Sources

In some cases, we collect personal information about you from other healthcare professionals, e.g. hospitals or by lookups in electronic medical record systems. We process the receiving information in accordance with this privacy policy.

Disclosure of personal information

To the extent necessary for the specific examination, diagnosis or processing of you, your personal information will be passed on and shared with the following recipients:

  • Information is passed on to other healthcare professionals if this is necessary for a current course of treatment.

  • Information is passed on to RKKP (clinical quality databases), the Danish Agency for Patient Safety, the Danish Health and Medicines Authority (medicines, vaccinations, unintended events and deaths), police and courts, social authorities, Arbejdsmarkedets Erhvervssikring to the extent that there is an obligation to do so.

  • As a patient, you have access to your own information (right of access).

  • When referring patients, information is passed on to the healthcare professionals to whom the referral has been sent.

  • When reporting laboratory samples, the samples are passed on to the hospital laboratories.

  • When reporting information in connection with billing for patient treatment, information is passed on to the regional billing offices.

  • When issuing prescriptions, information is passed on to the country's pharmacies and the Danish Medicines Agency via FMK.

  • When reporting to clinical quality databases.

  • In other cases, information is passed on to relatives or insurance companies.


Legal basis for processing and disclosure of personal data

The legal basis for collecting, processing and disclosing your personal information is:

  • For the purpose of ordinary patient processing, ordinary personal data are collected, processed and transmitted pursuant to Article 6 (1) (c) and (d) of the Data Protection Regulation, while sensitive personal data are collected, processed and transmitted pursuant to Article 9 (2) of the Data Protection Regulation (c). ) and H).

  • In addition, we are obliged to process a number of personal data about you in the ordinary patient processing pursuant to Chapter 6 of the Authorization Act, the Executive Order on healthcare professionals' records (the Executive Order on Record keeping), especially Sections 5-10, and Chapter 9 of the Health Act.

  • Information for use in billing for patient care is submitted once per month to the region's settlement office in accordance with the rules in the Agreement on the General Practice Health Act §60.

  • Prescriptions for medicines and prescriptions are sent via the IT service FMK in accordance with the rules in section 157 of the Health Act and the Executive Order on prescriptions and dose dispensing of medicines, especially Chapter 3.

  • Clinical patient data is passed on to clinical quality databases in accordance with the rules in sections 195-196 of the Health Act and the Executive Order on reporting information to clinical quality databases, etc. Data can also be passed on on the basis of a specific consent from you as a patient.

  • Your personal data will only be passed on to insurance companies with your prior consent, in accordance with Articles 6 (1) (a) and 9 (2) (a) of the Data Protection Regulation.

  • Your personal information is only passed on to your relatives with your prior consent in accordance with the rules in section 43 of the Health Act.

  • In the case of deceased patients, certain personal information may be passed on to the deceased's next of kin in the rules in section 45 of the Health Act.

Withdrawal of consent. If the processing of your personal data is based on consent, you have the right to revoke the consent. If you revoke the consent, it does not affect the processing prior to the revocation of the consent, including a disclosure based on consent.


Use of data processors

  • Your personal information is processed and stored by our data processors, who store it on behalf of and following instructions from us. Our data processors are currently:

  • MyClinic

  • System houses

  • Other IT providers

  • DAK-E (digital course plans)

  • DMDD, Webreq and Webpatient (ordering laboratory samples and storing the citizen's answers to questionnaires)


Storage period

We store personal information about you for as long as we need to carry out the stated purposes. However, in accordance with section 15 of the Executive Order on Record Keeping, we have a duty to keep these for a minimum of 10 years after the most recent addition to the record. There may be cases where we are forced to store your personal information for a longer period of time, e.g. in connection with a complaint or compensation case, in which case information will be kept until the case is finally closed.

Your rights

You have - with the limitations of the law - certain rights, including the right to access personal data, the right to have incorrect information changed, the right to have information deleted, the right to have limited information, the right to data portability, the right to object to the processing of the personal data, including in relation to automated, individual decision-making (“profiling”). also has the right to complain to a competent supervisory authority, including the Danish Data Protection Agency.


Contact

If you have any questions regarding the processing of your personal data or the exercise of your rights, please feel free to contact us at 33132325.

Address information at the clinic:
Lægerne ved Kongens Have
Gammel Mønt 12 3rd & 4th floor, left
1117 Copenhagen
Denmark


Date: 01.06.2018