Data protection policy
______________________
Introduction
We are committed to protecting the privacy of patient information (hereinafter referred to as “patients”) and to treating your personal information responsibly in accordance with the Federal Data Protection Act (“DPA”) of 19 June 1992.
This Data Protection policy explains how we collect, use and disclose your personal data, how you can access that data, and how you can request the correction of any data. It also explains how you can file a complaint in the event of a breach of data protection legislation.
We will update this Data Protection Policy to reflect any changes to the DPA.
Collection
We collect the necessary and relevant information to provide to the member of the college of experts (hereinafter “Specialist”). This information may include your name, address, date of birth, gender, health status information and family history, and may be stored in our computerized medical records system.
Where possible, we will only collect information from your family doctor: however, we may also need to collect information from other sources such as specialists, radiologists, pathologists, hospitals, clinics and other healthcare providers.
We collect information in a variety of ways, for example by phone, in writing, or in person. Clinics, hospitals, medical practices can also transmit data online. This information may be collected by medical and non-medical personnel.
We may be required, by law, to retain medical records for certain periods of time depending on your age at the time we provide the services.
Use and disclosure
We will treat your personal data as strictly private and confidential. Personal data will be used or disclosed only for the purposes directly established within the mandate stipulated between the patient and ISOM. There are circumstances in which we may be authorized or required by law to disclose your personal information to third parties. For example, to Swissmedic, the Police, the health insurances, lawyers, government regulatory bodies and courts. From time to time we may also provide statistical data to third parties, for research purposes, but always in anonymous form.
Data quality and security
We will take reasonable steps to ensure that your personal information is accurate, current and relevant. The transfer to the Specialist will be made by secure IT means.
Protection of our premises
We will take all necessary precautions to protect patients’ personal data, such as the use of passwords and varying levels of access into databases to restrict access to and protect electronic information from unauthorized interference, access, modification and disclosure. Locked cabinets and rooms for the storage of physical records will be provided.
Access
You have the right to request access to your medical records and all of your personal data processed by us. We ask you to submit your request in writing and we will respond within 2 working days.
We may deny access to your medical records in certain circumstances permitted by law, for example, if disclosure may cause a serious threat to your health or safety. We will always tell you why access is denied and what remedies are available to you.
Complaints
If you have a complaint regarding the processing of your personal data (including complaints about the use of the registration system), please contact us in writing. Upon receipt of a complaint we will consider the details and try to resolve it in accordance with our complaint handling procedures.
Finally, you always have the option of submitting a complaint to the Federal Data Protection Commissioner, as well as to take legal action under applicable law.
Please address any questions, complaints, requests for access to medical records to:
ISOM, Institute of Second Opinion (in Medicine) Ltd, Lugano
