Who decides why and how we process the personal data we collect?
Iliaktida determines why and how we process an individual’s personal data, in order to carry out its functions and fulfil its objective.
When do we collect an individual’s personal data?
We may collect personal data about you in various cases, such as for example:
- When you visit us or seek our services;
- When you elect to follow us or otherwise make an enquiry through our website, in person, over email or over the telephone; and
- When you or your organisation provide services to us, or otherwise offer to do so.
What personal data might we collect?
Processing at Iliaktida can involve both personal data as well as special categories of data, such as data concerning health. This data may be compiled in written or electronic form, or both. We collect different types of personal data for different reasons – this may include:
- Contact information: Information such as your name, job title, postal address, home address, business address, telephone number, mobile number, fax number and email address.
- Payment data: Data necessary for us to process payments and implement fraud prevention measures, including credit / debit card numbers, security code numbers and other such relevant billing details.
- Insurance data: Information about your health insurance plan which we will need to process relevant claims.
- Platform information: Information such as your password and other related log-in details for platforms maintained by Iliaktida.
- Data Concerning Health: This may include patients’ records (past and present), medical notes which may be recorded by Iliaktida’s doctors and staff as well as other medical professionals who may provide relevant data to us. This data may relate both to the personal data of the children who are the patients as well their parents, as relevant.
- Complaints and requests: We may collect your personal data to process requests or to address complaints.
How will we use the data we have collected?
The data provided to Iliaktida would be used for ensuring we offer to the concerned individual the right medical treatment or medical advice. The staff at Iliaktida would be responsible for your medical care.
We will use the individual’s personal data for the following purposes (Permitted Purposes):
- To provide the individual with health services and with the necessary medical care, as instructed or requested by the individual or by the individual which has parental responsibility for a child;
- To communicate with our patients and to improve our services;
- For improving the quality and standards of care provided;
- For research into the development of new treatments;
- For monitoring safety;
- To communicate with the individual through the channels he/she has approved to keep him/her up to date on the latest developments, announcements, and other information about our services; and
- To comply with court orders and exercises and/or defend our legal rights.
Legal grounds for processing
Depending on which of the above Permitted Purposes we use your personal data for, we may process your personal data on one or more of the following legal grounds provided for under applicable data protection legislation:
- To comply with our legal obligations by which processing of personal data is required, including but not limited to fulfil our obligations under the Protection of Patients Law 2004 or to fulfil our tax obligations;
- Because processing is necessary for the provision of services by Iliaktida to you;
- In rare cases, the processing of personal data may be necessary to protect the vital interests of the individual or of another natural person;
- If processing is necessary for the purposes of the legitimate interests pursued by Iliaktida or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the individual which require protection of personal data; and
- For operations for which we obtain the individual’s consent for a specific processing purpose.
With regard to updates and other general communications, you will always have the option to opt out of receiving such communications at any time.
How will we share an individual’s data?
We may share an individual’s personal data in the following circumstances:
- Disclosure would be necessary for medical treatment purposes by another responsible professional practitioner, as authorised by the relevant individual, their authorised representative, or the holder of parental responsibility of the under aged individual;
- Disclosure of personal data may be necessary between members of staff of Iliaktida, who are also bound by a confidentiality duty for their purposes of processing or for record keeping purposes;
- If non-disclosure of data entails a serious risk of harm to the health or physical integrity, or to the vital interests, of the individual, or may have a serious impact on society as a whole;
- Disclosure for purposes of disclosure by law and or contractual obligation;
- If we have a court order to disclose any data for a specific individual that we have collected; and
- Iliaktida may share information accordingly to ensure duty of care and investigation as required by law enforcement or other authorised medical providers, or in accordance with any other provision of the applicable law.
Data being used or shared for purposes beyond individual care does not include the individual’s data being shared with insurance companies or used for marketing purposes and data would only be used in this way with the individual’s or with the express consent of the holder of parental responsibility of the under aged individual.
We will otherwise only disclose the individual’s personal data when the relevant individual, or an authorised representative, directs us or give us permission to do so or otherwise as required by law, such as for meeting legal and tax obligations.
How do we keep your personal data safe?
We take the appropriate technical and organisational measures to keep your personal data confidential and secure, in accordance with our internal policies and procedures regarding storage of, access to and disclosure of personal data. We may keep your personal data in our electronic systems, or in paper files.
How long do we keep an individual’s personal data?
We delete information that we have received once it is no longer reasonably necessary for us to keep it for the Permitted Purposes, or, where we have relied on the individual’s consent to keep his/her personal data, or the data of the child by which the individual has parental responsibility, when the individual withdraw his/her consent for us to do so, and we are not otherwise legally permitted or required to keep the data.
Given the nature of our services, the vital nature of the information we hold and the significant impact on individuals if medical records are lost, we retain data for significant periods of time.
What rights do you have?
Subject to certain conditions under applicable legislation, you have the right to:
- request to receive a copy of the personal data which Iliaktida holds about you or the child for which you have parental responsibility or to receive it in a reasonable format specified by you;
- have any inaccurate data we hold about you corrected;
- object or restrict our use of your personal data;
- require us to erase your personal data or the child for which you have parental responsibility;
- submit a complaint if you have concerns about the way in which we are handling your data.
To do any of the above, please contact us at 25720200 To enable us to process your request, please note that we may require that you provide us with proof of your identity, such as by providing us with a copy of a valid form of identification – this is to protect the personal data we hold from unauthorised access requests and comply with our security obligations.
Corrections, updates and complaints
Where any personal data you have provided us with has changed, or where you believe the personal data we hold is inaccurate, or where you wish to make a complaint regarding our handling of the personal data, please let us know at 25720200.
In relation to complaints, we will promptly respond to your requests and complaints. In the event that you are unhappy with our response, you may submit a complaint to the relevant privacy regulator. We can provide contact details of the regulator upon request.