Upon visiting this website no personal information is being collected and processed, with the exception of certain anonymous data gathered by cookies and the information you voluntarily provide us by contacting us via the contact form or by making an appointment.
The personal information which you voluntarily provide us is used only to contact you, and not for marketing purposes. All personal information is treated with care and discretion, and may be archived for internal purposes and to comply with applicable regulations and law.
You have the right to consult your personal information and to request us to correct, add to, or delete all or parts of it. You also have the right to have an overview of all of your information which we process, or to object to the use of all or part of that information. When the data processing is based on your prior consent, you have the right to withdraw that consent.
You can do all of this by sending us an e-mail via our contact form. We may require additional information or proof of identity from you for purposes of confirming your identity.
If you believe that the processing of your personal information is in breach of applicable privacy laws, you may file a complaint with the Gegevensbeschermingsautoriteit (the “Data Protection Authority”, formerly the “Privacy Commission”), Drukpersstraat 35, 1000 Brussel, firstname.lastname@example.org.
In our medical practice
The General Data Protection Regulation or “GDPR” (in Dutch, the “AVG” / “Algemene verordening Gegevensbescherming”) is the European privacy law in effect since 2016, with a transition period until 25 May 2018. This regulation is intended to protect the personal information supplied from possible abuse or misuse, in particular by its improper or unlawful dissemination to third parties, whether or not against payment.
In our medical practice we collect certain personal information of patients, and this in the context of legal obligations to compile a medical dossier on each patient. These legal obligations are imposed by the RIZIV (the Belgian National Health Service) and by other official regulatory bodies.
Personal information is collected from the patients themselves, unless they are incapacitated and unable to provide it themselves. Then their care-givers will be contacted for this purpose though the necessary secure channels.
We process the following information:
- identity data, including National ID numbers (the “rijksregisternummer”) when e-reading identity cards; contact details: mail / telephone
- administrative details for billing purposes (including health insurer / data regarding consultations and clinic admission)
- medical and paramedical information concerning illness (present and past / symptoms, diagnosis and treatments)
- healthcare providers: network of medical-care providers
- social care : care-givers
This information is restricted to what is relevant for our specialisation (“data minimisation”) and is gathered for medical care purposes. All data is protected sufficiently and is only released to those authorised under law. Private parties have certain rights concerning their data:
Information collected for Medical, Healthcare Purposes :
- patient care: preventive or therapeutic
- patient administration: recording a patient’s medical details for internal use or for reasons required by or set by law, as well as for purposes of research and policy framing
- medication management: collecting information in order to prescribe properly the appropriate medications
- complaints procedure: gathering information in connection with a complaints procedure
- quality of care: evaluating data in order to improve the quality of patient care
- scientific data collection: the purposes are education, research, and other objectives set by public authorities. Information gathered for these ends is made anonymous.
Legally Authorised Recipients:
- healthcare insurers
- RIZIV (the Belgian National Health Service, “Rijksinstituut voor ziekte- en invaliditeitsverzekering)
- the patient concerned or their authorised representatives
- duly authorised government bodies
- the patient’s other healthcare providers
- All of our healthcare providers are bound by professional privilege.
- We have a secured server and secured computers to prevent unauthorised access. We maintain this through secure passwords which are changed regularly and by use of up-to-date professional software and hardware, which is more secure than the older software and hardware. Our workstations do not remain open but are access-locked once the station is quit. Information is stored on our own server and not in the “cloud”.
- On our own initiative, we have appointed a “data manager” (not a “data protection officer” ) within the practice group to deal with information issues. Ilse Van der Straeten advises and trains our personnel on these matters and has the obligation to report any data-hacking or loss of information to the relevant authorities.
- Your medical details are retained for a period of at least 30 years. Billing information is retained for at least 7 years. We cannot guarantee that your personal information will still be stored after these periods.
Rights of Private Parties
- Because we as doctors have legal obligations to compile a medical file on each patient, you provide us with implicit consent to the collecting of personal information when you consult us. This data is used to create and maintain your personal dossier. Your information is also shared through the prescribed secured channels with other healthcare providers whom you have disclosed to us.
- You have the right to “data portability”: you have the right to request the information collected, to amend it, and, if you so require, you may also request it to be transferred to another healthcare provider.
- The right “to be forgotten”: you can request that your file or parts of it be deleted unless otherwise prohibited by law.
- The right to refuse to allow your anonymous-rendered(!) data be used in certain studies (scientific and marketing).