DATA HANDLING PROCEDURE
in connection with the handling of health care data and other related personal data by Pozitron Diagnosztika Egészségügyi Szolgáltató Kft. in the course of rendering health care services
The following briefing is intended to provide you with all important information regarding the handling and protection of your health and related personal data in the course of healthcare, as the processing of personal data must be fair, lawful and transparent.
The full Privacy and Data Management Policy is available for download on our website (https://pet.hu/privacy-policy/) and on paper at all Pozitron Diagnosztika Kft. receptions.
The principle of transparency requires that information and communication relating to the processing of personal data be easily accessible and comprehensible and that it be drafted in a clear and simple language. This principle applies in particular to informing data subjects about the identity of the controller and the purpose of the processing, as well as further information to ensure fair and transparent processing of the data subject’s personal data, and to informing data subjects that they have the right to be confirmed and informed. about the data processed about them.
Personal data and personal data relating thereto shall be processed primarily for health purposes, closely related contact, billing and newsletter purposes in a manner that ensures their timely availability, adequate level of security and confidentiality, inter alia, in order to prevent unauthorized access to and use of personal data and the means used to process personal data.
We would like to inform you that the data controller reserves the right to change the data protection regulations, taking into account the provisions of the applicable legislation.
- Data Handler
Denomination: Pozitron-Diagnosztika Egészségügyi Szolgáltató Kft.
Abridged name: Pozitron- Diagnosztika Kft.
Business domicile: H-1117 Budapest, Hunyadi János út 9-11.
Facsimile: +36 1 505 8887
Telephone: +36 1 505 8888 | on work days 8.00 am thru 6.00 pm (CET)
- Legal Regulations as Legal Grounds of the Data Handling Procedures
The following legal regulations especially govern the data handling procedures required for health care services:
- Regulation (EU) 2016/679 of the EUROPEAN PARLIAMENT and of the COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as GDPR); please visit: https://www.adatvedelmirendelet.hu/wp-content/uploads/2016/07/CELEX3A32016R06793AHU3ATXT.pdf);
- Act CLIV of 1997 on general health care services (hereinafter referred to as Eütv.); please visit: https://net.jogtar.hu/jogszabaly?docid=99700154.TV;
- Act XLVII of 1997 on the handling procedures and protection of health care data and related personal data (hereinafter referred to as Eüaktv.), please visit: https://net.jogtar.hu/jogszabaly?docid=99700047.TVA;
- Act CXII of 2011 on information self-determination
and freedom of information (hereinafter referred to as Infotv.); please visit: http://net.jogtar.hu/jr/gen/hjegy_doc.cgi?docid=A1100112.TV).
- Legitimacy of the Data Handling Procedures
The handling procedure of personal data is legitimate if the following requirements have been met:
- the concerned parties have consented to the handling of their personal data for one or more particular purposes;
- the data handling procedure is required for the completion of contracts in which the concerned party is one of the contracting parties OR such contract is necessary for measures to be carried out upon the concerned party’s request prior to the conclusion of such contract;
- the data handling procedure is required for the completion of legal obligations that legally bind the data handler;
- the data handling procedure is required for the protection of the vital interests of the concerned party or any other natural person;
- the data handling procedure is of public interest OR it is required for the completion of any assignment to be completed in the framework of the exercise of any entitlement for any public authority conferred upon data handler;
- the data handling procedure is required for the reinforcement of the licit interests of data handler or any third party, except if such interests are superseded by the concerned party’s any interest or fundamental right and freedom that requires the protection of personal rights with special regard to juveniles.
- Consent to sending a health promotion newsletter includes:
- if the person concerned checks a box to do so when viewing the website (e.g. newsletter subscription)
- you can unsubscribe from the newsletter for free at any time, most easily by using the unsubscribe menu item at the end of the newsletter
- if you do not wish to receive a newsletter, you may withdraw your consent at any time by sending a resignation letter to info(at)pet.hu.
- In some cases, our Hospital will send you a newsletter based on a legitimate interest. If the data subject objects, the newsletter will no longer be sent to him/her.
- Data Handling Procedures connected with Health Care Services
5.1. The Scope of Data to be handled and the Purpose of the Data Handling Procedure: for the purpose of personal identification in order to render safe and custom health care services, it is indispensable to register personal data and known health care data connected with the events of health care services as have been set forth in the effective law (Eüak.tv.).
5.2. The Legal Grounds of the Data Handling Procedure: The legal basis for data processing is, on the one hand, your voluntaryism as a user of the service, as well as a contract (e.g. for an occupational medicine examination) or a mandatory provision of the law (Eüaktv.) for the mandatory processing of patient data. In addition, the requirements of the Accounting Act for billing, for example, in financing matters.
5.3. Term of the Data Handling Procedure: Pozitron Diagnosztika Kft. as health care service provider is bound by law (Eüak.tv.) to handle and archive health care and related personal data in full conformity with the statutory provisions set forth therein. Your consent, by the reason of the foregoing, is irrevocable, so that health care service provider is unable to comply with your possible request for the deletion of your health care and related personal data archived by health care service provider. The health care documentation must be archived and preserved for at least thirty (30) years commencing the day of registration, whilst Hospital Discharge Summaries must be archived and preserved at least for fifty (50) years. Picture records taken by medical imaging must be archived and preserved for at least ten (10) years commencing the day of recording, whilst medical evidences completed by reason of such picture records must be archived and preserved for at least thirty (30) years commencing the day of recording. Prescriptions must be archived and preserved for at least five (5) years.
- The Reinforcement of Rights in connection with the Data Handling Procedure of Health Care and related Personal Data
If you have any questions about data management, please feel free to contact us at the contact details above. You can also contact our privacy officer if you require it.
Name and contact details of the data protection officer: Annamária Sillinger
Postal address: H-1117 Budapest, Hunyadi János út 9-11.).
You are entitled to request for information of which of your personal data your desire to be handled by our company. This, however, can be ensured only after personal identification, with regard to the nature of the Data Handling Procedure, for the purpose of the protection of your personal data. Please use the same contacts to forward your complaints regarding the legitimacy of the Data Handling Procedure. In addition, according to Infotv., you are also entitled to file your complaint regarding the illicit handling of your personal data and/or the violation of your rights connected with your rights of information self-determination and freedom of information at the Fővárosi Törvényszék ([Metropolitan Court] address: H-1055 Budapest, Markó u. 27.; mail address: H-1363 Bp. Pf. 16.) OR the court with jurisdiction over your (permanent) address OR the Nemzeti Adatvédelmi és Információszabadság Hatóság ([National Authority for Data protection and Freedom of Information] address: H-1135 Budapest, Szilágyi Erzsébet fasor 22c; www.naih.hu).
- Data Protection Protocol
Please be informed that our Data Protection Protocol includes further information on the Data Handling Procedure and health care rights of patients (e.g.: data handling connected with the use of the website, review to documents, parties holding access to data, requests for copies of documents, data carriers, etc.).
Dated; Budapest, April 1, 2020