PRIVACY POLICY FYSIO2GETHER

General Information

Purpose and legal basis of processing:

Processing of client data for the purpose of physiotherapeutic care and documentation. Documentation is used for peer review and audits by health insurers. This data is stored in the cloud using the James Software program. Data is secured with two-factor authentication. It is legally required to work with a certified Electronic Patient Record (EPR).
Data is accessible only for healthcare purposes. Third parties have no access to the files.
Process-driven actions are promoted through documentation, making quality measurable.

Consequences of not providing personal data:

Processing data is a necessary condition to deliver effective physiotherapy care. If data is not provided, this will affect the treatment process and related financial handling.

Retention period:

Data is retained as long as necessary after client registration. Clients can request deletion at any time.
The reasons for retaining data for this duration are:
1. Continuity of care — clients may not have been treated for a while and then return with specific physical complaints.
2. Access to old records may provide useful information about the client’s previous physical condition.

Right of access, correction, or deletion of personal data:

Every client has the right to access, correct, or delete their personal data. Requests can be made verbally or in writing (by mail or email) and will be processed as soon as possible (within 5 working days).
If data was collected with consent, that consent can also be withdrawn.

Right to lodge a complaint with the Data Protection Authority:

If dissatisfied with the above, clients have the right to file a complaint with the Dutch Data Protection Authority. Of course, we will first seek a suitable solution.

Created on: May 23, 2018 in Rijswijk by C. Kempen, legal representative.