Private Sen Jorj Austria Hospital, hereinafter referred to as “HOSPITAL”, acting in the capacity of Data Controller within the scope of the Law on Protection of Personal Data No. 6698 (the “Law”) and the relevant legislation will be able to process your personal data within the framework described below, and in accordance with the Fundamental Law of Health Services No. 3359, No. 663 Decree-Law on the Organization and Duties of Ministry of Health and Its Affiliates, Private Hospitals Regulation, Ministry of Health regulations and other legislation.
- Obtaining, Processing and Processing Purposes of Personal Data
Your personal data are obtained in verbal, written, visual or electronic media, call center, website, verbal, written and similar channels in accordance with the activities of the HOSPITAL for the purposes of protecting public health, preventive medicine, medical diagnosis, execution of treatment and care services provided to the public by the HOSPITAL, and planning and management of health services and financing. Your sensitive personal data, especially your health data, and your insensitive personal data may be processed by the HOSPITAL in a limited and measured way in connection with the purposes specified in this article, including but not limited to the following:
- Your identity information: Your name, surname, Your T.R. ID number, passport number or temporary T.R. ID number, place and date of birth, marital status, gender, insurance or patient protocol number and other identification data by which we can identify you.
- Your Contact Information: Your address, telephone number, e-mail address and other communication data, your voice call records kept by customer representatives or patient services in accordance with call center standards, and your personal data obtained when you contact us via e-mail, letter or other means.
- Your Accounting Information: Your financial data such as your bank account number, IBAN number, credit card information, billing information.
- Your private health insurance data and Social Security Institution data for the purpose of financing and planning health services.
- In case you visit our hospitals or medical centers, your footage of the camera records kept for security and inspection purposes.
- If you use the parking lot, provide your license plate.
- Your Health Information: All kinds of your personal data regarding health and sexual life obtained during or as a result of execution of medical diagnosis, treatment and care services, including but not limited to your laboratory results, test results, examination data, appointment information, check-up information, prescription information.
- Your health data and other personal data that you send or enter to www.sjh.com.tr or to www.sjh.com.tr/kisisel-verilerin-korunması.
- If you apply for a job to any of the Private Sen Jorj Austria Hospital, your other personal data including the CV provided in this regard, and all kinds of personal data related to your service contract and work inclination if you are a HOSPITAL employee or related employee.
Any personal data obtained by the HOSPITAL (including but not limited to sensitive personal data) may be processed for the following purposes:
- Confirming your identity,
- Protection of public health, preventive medicine, medical diagnosis, execution of treatment and care services, planning and management of health services and financing.
- Sharing the requested information with the Ministry of Health and other public institutions and organizations in accordance with the relevant legislation.
- Planning and managing the internal functioning of our Hospitals and Medical Centers and daily operations.
- Measuring, increasing and researching patient satisfaction by the Hospital Management, Patient Rights, Patient Experience departments.
- Supply of medication.
- Being able to inform you about the appointment in the case that you make an appointment.
- Carrying out risk management and quality improvement activities.
- Analyzing with the aim of improving health services.
- Financing your health services, covering your examination, diagnosis and treatment expenses by the Patient Services, Financial Affairs, Marketing departments, sharing the information requested with private insurance companies within the scope of the plausibility inquiry.
- Conducting research.
- Fulfilling legal and regulatory requirements.
- Sharing requested information with private insurance companies within the scope of financing health services.
- Carrying out risk management and quality improvement activities by the Quality, Patient Experience, Information Systems departments.
- Invoicing for our services by the Patient Services, Financial Affairs, Marketing departments and confirming your relationship with the contracted institutions.
- Providing information on campaign and participation in campaigns by the Marketing, Media and Communication, Call Center departments, designing and conveying special content, tangible and intangible benefits on web and mobile channels.
Your Personal Data obtained and processed in accordance with the relevant legislation can be transferred to the physical archives and/or information systems of Private Sen Jorj Austria Hospital, and can be kept in both digital and physical environment.
- Transfer of Personal Data
Within the scope of the Law and other legislation and for the above-mentioned purposes; your personal data may be shared by the HOSPITAL with Private insurance companies, the Ministry of Health and its sub-units, the Social Security Institution, the General Directorate of Security and other law enforcement agencies, the General Directorate of Population, the Turkish Pharmacists’ Association, the Courts and all kinds of Judicial authority, central and other third parties, representatives authorized by you, lawyers, tax and financial consultants and auditors from which we receive consultancy, our business partners and other third parties we cooperate to develop or carry out health services for the above-mentioned purposes, including regulatory and supervisory institutions, official authorities.
- Method and Legal Reason for Obtaining Personal Data
Your personal data is collected and processed in all kinds of verbal, written, visual or electronic media for the purposes stated above and for the HOSPITAL to carry out all kinds of work within the scope of its activity within the legal framework, and in this context, for the HOSPITAL to fully and properly fulfill its contractual and legal obligations. Legal reason for the collection of your personal data;
- Law on Protection of Personal Data No. 6698,
- Fundamental Law of Health Services No. 3359,
- 663 Decree-Law on the Organization and Duties of the Ministry of Health and its Affiliates,
- Private Hospitals Regulation,
- Regulation on the Processing of Personal Health Data and Protection of its Privacy,
- Ministry of Health regulations and other legislation provisions.
In addition, as stated in paragraph 3 of Article 6 of the Law, personal data related to health and sexual life can be processed by persons or authorized institutions and organizations that are under confidentiality obligation without seeking the explicit consent of the person concerned only for the purposes of protecting public health, preventive medicine, medical diagnosis, execution of treatment and care services, planning and management of health services and financing.
- Your Rights Regarding the Protection of Personal Data
In accordance with the law and relevant legislation;
- Learning whether personal data is processed or not,
- If personal data has been processed, requesting information about it,
- Accessing and requesting personal health data,
- To learn the purpose of processing personal data and whether they are used in accordance with the purpose,
- Knowing the third parties to whom personal data is transferred in the country or abroad,
- Requesting correction of personal data in case of incomplete or incorrect processing,
- Requesting the deletion or destruction of personal data,
- Requesting notification of the third parties to whom the personal data has been transferred, regarding the correction of personal data and/or the deletion or destruction of personal data in case of incomplete or incorrect processing of personal data,
- You have the right to object to the emergence of a result thorough analyzing the processed data exclusively through automated systems against the person himself.
If you exercise one or more of your aforementioned rights, the relevant information will be communicated to you in a clear and understandable way in writing or electronically, through the contact information provided by you.
- Data Security
HOSPITAL protects your personal data in full compliance with all technical and administrative security controls that must be taken in accordance with information security standards and procedures. The said security measures are provided at a level appropriate to the possible risk, taking into account the technological possibilities.
- Complaint and Communication
Your personal data is meticulously protected within technical and administrative possibilities, and necessary security measures are provided at a level appropriate to possible risks, taking into account technological possibilities. You can send your requests within the scope of the law, by filling out the “Application Form In Accordance With the Law on the Protection of Personal Data” at the website www.sjh.com.tr/kvkk;
- (i) You can send a petition with your wet signature to the attention of the “Management Institutional Secretariat” department by writing “Information Request Under the Law on Protection of Personal Data” on its envelope to the address of Sen Jorj Austrian Hospital Bereketzade mah. Bereketzade Madrasa St. No: 7 Beyoğlu/İSTANBUL, Turkey,
- (ii) It can be sent through a notary public,
- (iii) You can send it with secure electronic or mobile signature to email@example.com, via your registered e-mail address or your e-mail address registered in our system, and/or
- (iv) you can prepare a file addressing the HOSPITAL in the “word or pdf.” format and deliver it to the email address of firstname.lastname@example.org by signing it with a secure e-signature and by noting “Information Request on the Protection of Personal Data” in the subject line.