Every time you contact us, we collect personal data about you. Personal data is needed to provide good, safe and secure dental care. Personal data is also used to follow up our business activities and to provide us with a picture of the dental health of our patients. The two laws regulating the processing of personal data in our business are the Patient Data Act and the General Data Protection Regulation.
How do you process my personal data?
We are required to keep patient records for each patient. Patient records can contain personal data such as the background to the care provided, information about the diagnosis, remedial measures planned and taken, and details of when notes were made in the patient records and by whom. Your personal data is needed to provide good and safe dental care, and managed to provide business and quality follow-up. We have the right to record your personal data in your patient records and in healthcare registers, even if you have not given us your consent.
As a patient, you can book appointments through our website, by email or by telephone. To provide this service, we must record your name, email and phone number. Processing your personal data is necessary in order to fulfil our contract with you, and to fulfil the legal obligations we have as your healthcare provider. Contact information is saved in our patient records system in accordance with the provisions of the Patient Data Act.
How long do we retain your personal data?
There are clear rules in the Patient Data Act and the General Data Protection Regulation on how we should retain or dispose of your personal data. According to these regulations, personal data in patient records should, for example, be retained for at least ten years after the last piece of information was entered into the record.
Who has access to your personal data?
Dental health care providers are covered by rules of strict confidentiality regarding information about a patient’s medical or personal circumstances. So, we will not disclose your personal data unless we are legally required to do so, for example, by Försäkringskassan (the Social Insurance Agency), Socialstyrelsen (the National Board of Health and Welfare) or Smittskyddsinstitutet (the Institute for Infectious Disease Control), or if we have obtained your express consent to such disclosure. This does not preclude us from using suppliers who will process your personal data on our behalf in accordance with written agreements and our instructions. Suppliers with access to your personal data will not be allowed to use your personal data for purposes other than those specified in this information for patients.
What are my rights?
Accessing your patient records
As a patient you have the right to access the information contained in your patient records. You also have the right to obtain a copy of all or part of your patient records.
Correcting or erasing personal data
If you have a different opinion with regard to the content of your patient records, or consider information to be incorrect, you have the right to have this entered into your patient records. To have information erased from your patient records, you need to contact the Health and Social Care Inspectorate (IVO) at www.ivo.se to have this reviewed.
Blocking information in your patient records
Before the data is made available to other healthcare providers through coordinated patient record keeping, you must be informed about what that involves. Note that in this context, for another healthcare provider to process your data will require your consent. If you do not want other healthcare providers to electronically access your patient records, you can request that access be completely or partially blocked. If that is the case the consequences for your healthcare must be explained to you. For example, you must tell healthcare staff yourself what they need to know in order to provide you with good, safe care. You should also be aware that this block can only be put in place for electronic patient records, not those that are just available on paper.
Object to the processing of data
You have the right to object to certain types of personal data processing that we undertake in accordance with public interest disclosure. In that case you must specify what processing you object to.
Withdrawing your consent
If you have given your consent to the processing of your personal data, you have the right to withdraw it at any time. You can withdraw your consent by contacting us at the address below. However, see above under “How long do we retain your personal data”.
Complaints and compensation
You have the right at any time to lodge a complaint regarding our processing of your personal data, either with us or with Datainspektionen (the Data Inspection Board). If your personal data has been processed in contravention of the Patient Data Act and the General Data Protection Regulation, you are entitled to compensation.
How to exercise your rights?
If you want to exercise your rights please contact us at the address below. To file a complaint with a supervisory authority you should contact Datainspektionen (the Data Inspection Board) at www.datainspektionen.se.
Who is the data controller?
Anna Dental Clinic Sp zo.o NIP: 5833379813is the data controller for the processing of your personal data as described in in this information for patients.
How can you contact us?