Protection Of Personal Data
Erdem Health Group Personal Data Protection Law Disclosure Policy
Erdem Health Group maintains all kinds of personal data shared by our patients in a way to take care of patient privacy and to take all necessary technical and administrative measures to ensure the appropriate level of security regarding personal data.
As Erdem Health Group (Güneşli Erdem Hospital, Çakmak Erdem, Çamlıca Erdem Hospital, Erdem Medical Center and Dialysis Centers) The Information Policy on the Protection of Personal Data explains our personal data protection and processing policy and how we collect, transfer, use and protect personal data during the services performed by the Group in accordance with the Law No. 6698 on the Protection of Personal Data (LPPD).
1. Personal Data Collected by the Group
Pursuant to the Law No. 6698 on the Protection of Personal Data (KVKK) published in the Official Gazette dated 07.04.2016 and numbered 29677, all kinds of information (personal data) belonging to the patient obtained / to be obtained by OUR GROUP, which has the title of data controller, or shared / to be shared with OUR GROUP, will be processed by OUR GROUP within the framework described below and in the ways stipulated in the LPPD, and all kinds of transactions carried out on the information belonging to the patient, including obtaining, recording, storing, retaining, modifying, disclosing, transferring, making available the information belonging to the patient by automatic or non-automatic means, shall mean "processing of personal data".
We collect various information from our patients within the framework of the health services we provide. Such information is collected in accordance with the data processing principles and conditions in the LPPD under all circumstances.
2. The information we collect for the purposes described in the SECTION may include: Name, surname,
T.R. identity information, Passport number, Place and date of birth, Gender, Address, Telephone number, e-mail address, Patient protocol number assigned to you by the Group, Financial data such as payment and billing information, Private health insurance or Social Security Institution data, Biometric data within the scope of services financed by the Social Security Institution, Laboratory results, test results, examination data, check-up information, health data, including but not limited to prescription information, Voice recording if contacted, closed circuit camera system image recording during visits to our hospitals, vehicle license plate data in case of benefiting from the parking / valet service, Health data and identity information shared when you use online services on our website https://www.erdemhastahanesi.com.tr, identity information and health data collected during the visit to the website https://www.erdemhastahanesi.com.tr, other data shared when we are contacted via e-mail, call center or other channels.
2. Purposes of Processing Patient's Personal Data
The personal data we collect within the scope of the services provided by our Group are processed for various purposes: Fulfilling our legal obligations under the Basic Law No. 3359 on Health Services, Decree Law No. 663 on the Organization and Duties of the Ministry of Health and its Affiliated Organizations, Regulation on Private Hospitals, Regulation on the Processing of Personal Health Data and Ensuring Privacy and other relevant regulations; Execution of public health protection, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing;
Providing information about the appointment if an appointment is made; Planning and managing the internal functioning of the Group, conducting analysis to improve the services provided by the Group; Invoicing; Verification of Patient Identity; Verification of the Patient's relationship with Contracted institutions;
Responding to the requests of the Ministry of Health and other public institutions and organizations in accordance with the applicable legislation; Responding to questions or complaints regarding our Group Services; Analyzing the use of health services in order to improve the services we provide as a Group; Complying with the Group's internal policies and principles; Measuring patient satisfaction and increasing patient satisfaction following the patient's receipt of health services; Contacting the patient for information purposes regarding the services we provide as a Group; Supply of medicines or medical devices.
However, the patient's personal data will not be used for any commercial purpose except for the activities listed above and as required by the relevant legislation.
3. Persons and Organizations to whom Patient's Personal Data may be Transferred
For the purposes set out in SECTION 2 above by ensuring that all necessary technical and administrative measures are taken to ensure the appropriate level of security in accordance with the LPPD and the relevant health legislation; We may transfer the patient's personal data to institutions or organizations permitted by the provisions of the Basic Law No. 3359 on Health Services, the Decree Law No. 663 on the Organization and Duties of the Ministry of Health and its Affiliated Organizations, the Regulation on Private Hospitals, the Regulation on the Processing of Personal Health Data and Ensuring Privacy and other relevant legislation; to private insurance companies; our direct/indirect domestic/foreign shareholders, subsidiaries and/or affiliates; group companies; auditors; consultants; business partners; domestic/foreign organizations and other third parties from which we contractually receive services to carry out our activities.
4. Method and Legal Reason of Collecting Personal Data
Personal data belonging to the patient are collected in any verbal, written or electronic environment within the scope of the above-mentioned purposes and in order for the Group to fulfill its contractual and legal obligations.
5. Rights Regarding Patient's Personal Data
To the extent that personal data is processed by the Group as data controller, in accordance with Article 11 of the KVKK, the patient personal data is collected by filling out the "KVKK Access / Information Request Form" below and delivering it by hand to the address of the hospital where the service is received or by sending it through a notary; the patient has the right; To learn whether any personal data is processed; Request information regarding the processing activities of their personal data; To learn the purposes of processing personal data; In case the personal data are transferred to third parties at home or abroad, to learn these persons; To request correction of personal data if it is incomplete or incorrectly processed; To request the deletion or destruction of personal data if the reasons requiring the processing of personal data disappear or if the Group does not have a legal basis or legitimate interest in processing such data; To object to the adverse results that may arise as a result of the processing of personal data through automated systems and to request compensation for this damage in case of damage due to the unlawful processing of personal data.
The Group will finalize the request free of charge as soon as possible and within thirty days at the latest, depending on the nature of the request. However, if the transaction requires an additional cost, the fee in the tariff determined by the Personal Data Protection Board will be charged by the Group.
6. Possible Changes and Updates to the Policy
The Group may make changes or updates to this Policy in accordance with legal regulations and the Company Policy. The relevant persons are informed about the new Policy text reflecting all these changes and updates through the website https://www.erdemhastahanesi.com.tr.