Assunta Hospital – Personal Data Protection Notice
Assunta Hospital respects and is committed to protect your personal data/information, shared with us in strict accordance with the requirements of the Personal Data Protection Act, Malaysia, 2010 (PDPA).
Please read this Notice carefully as it contains important information about how we process and use your personal data.
A) Source of the Personal Data
Your personal data is collected from various sources, including information you have provided us, information from third parties and information in the public domain. You are the ‘ Data subject’ and may have supplied and may continue to supply, from time to time, your personal data (including sensitive personal data) and information (“data”) by use of our healthcare services or health-related services, enquiring about us or our services, participating in our promotional activities, through business relations with us and/or for administrative purposes in compliance with any laws.
It is obligatory that you supply us with your personal data. If you fail to supply us with such personal data, we may not be able to process your data to enable us to serve you.
B) Description of the Personal Data
Your personal information may include your title, NRIC number, contact details, occupation, age, gender, marital status, weight, height, race, religion, family or next of kin information, financial and banking account details, medical history and information and other personal information including sensitive data information.
C) Obligatory personal information
Your personal information is collected and further processed by Assunta Hospital as required or permitted by law and to give effect to your requested service, including the following:-
- to process your requested medical services;
- to facilitate your participation in any forthcoming events;
- to administer and communicate with you in relation to our services and/or events;
- to facilitate your medical management within Assunta Hospital, including sharing your personal data with other independent consultants within Assunta Hospital for purposes of peer review;
- to administer and communicate with you in relation to your medical management;
- to process your credit facility application;
- to assess your credit worthiness;
- to administer and give effect to your commercial transaction (tender award, contract for service, consignment agreement, etc);
- to process any monies due to you;
- for insurance purposes to facilitate your guarantee letters;
- to operate our premises in a manner which is physically safe, secure and befitting of health and safety requirements in accordance with statutory guidelines;
- for internal investigations, audit or security purposes;
- to conduct internal statistical analysis and analysis of patient’s case studies;
- to comply with Assunta Hospital’s legal and regulatory obligations in the conduct of its business;
- to contact you regarding products, services, upcoming events, promotions, advertising, marketing and commercial materials which we may feel to be of interest to you;
- to ensure that the content from our website is presented in the most effective manner for you and your computer and /or electronic devices;
- furnishing us details of your visitors for screening purposes;
- for Assunta Hospital’s internal records management; and
- Utilising such information for purposes of debt recovery in the event of any monies due and owing from you and/or companies;
In addition, we may from time to time request for certain other personal information that may be relevant for the purpose of providing our services to you.
All information requested for in the relevant forms is obligatory to be provided by you unless stated otherwise. Should you fail to provide such information, we would not be able to process your request and/or provide you with relevant services, as stated above.
D) Disclosure of the Personal Data
Your personal data may be disclosed to the following parties, where relevant:-
1. Healthcare professional (as defined in PDPA)
3. Government agencies, local authorities, non government agencies
4. Paying and insurance agents
5. Debt collection authorities and agencies
6. Financial institutions
7. Legal firms
10. Other private and public hospitals
11. Other Healthcare providers
12. Training providers
13. Family and next of kin
14. To such parties as may be required by law, court, regulator or legal process to disclose
15. To such parties as may be permitted under the laws of Malaysia
16. Any other person which Assunta Hospital may deem necessary
In relation to item 6 above, in the event of any default in payment where the amount
in default is not fully repaid on or before the due date, we may give or disclose your data to relevant debt recovery parties.
Your data held by us will be kept confidential and we do not give or disclose your data to unaffiliated third parties without your consent.
E) Access and Update of Personal Data
We shall do our best to ensure that the personal data we hold about you is accurate, complete, clear and up-to-date. If there are any changes to your personal data or if you believe that the personal data we have about you is inaccurate, incomplete, misleading or not up-to-date, please contact us so that we can make the necessary changes to your personal data.
You have the right to access your personal data. If you would like to request access to your personal data, please contact us. We recommend that your request for access to your personal data held by Assunta Hospital be made in writing. Your identity will have to be verified before your request is fulfilled.
In accordance with the PDPA:
- Depending on the information requested, we may charge a fee as stipulated in the First Schedule (Regulation 2) of Personal Data Protection [Fees] Regulations 2013 for processing your request for access; and
- We may refuse to comply with your request to access or make a correction in accordance with PDPA subject to other operating laws or valid reasons.
We retain data for as long as necessary for its legitimate business purposes, and as otherwise permitted by applicable law.
You may contact our Data Protection Officer for any enquiries or if you wish to lodge a complain relating to misuse or suspected misuse of your data, access your data, request to make changes or if you would like us to stop processing your data.
[note color=”#e6dfc7″]The Data Protection Officer,
Tel No: 03-78723162/ 78723191
E-mail Address : firstname.lastname@example.org[/note]
This Notice maybe reviewed and updated from time to time to reflect changes in the law on privacy matters.
Please check this notice occasionally to ensure that you are aware of the most recent version.
Assunta Hospital will endeavour to update this site and keep it current.
By providing us your data and the continued usage of our services, is deemed as your consent for us to collect, process and store your personal data in accordance with the above.
Where you have indicated your consent to receiving marketing or promotional updates from Assunta Hospital, you may opt-out from receiving such marketing or promotional material at any time. If you do not wish us or other parties to communicate marketing offers to you, you may email to us at the above e-mail address or contact Assunta Hospital directly.
We would also like to protect your privacy as far as visitors are concerned. It would help us greatly if you specify your preferences as to who is allowed, family or friends, to visit you during your stay here. We also require you to list down a next of kin contact, for us to verify any visitors before proceeding to allow them to visit you, in the event you are incapacitated.
Providing us with a list of person(s) allowed to visit you, is optional. However, please note that in the event you do not specify who is allowed to visit, and your preference is that visitors are allowed, then there will be no restriction.
Please indicate your preference on the admission form during the admission process.
G) Private Healthcare Facilities and Services Act 1998
As a private healthcare facility, Assunta Hospital is governed by other specific laws and guidelines, e.g. Private Healthcare Facilities and Services Act 1998 (“PHFSA”), Ministry of Health guidelines, etc. As such, your right to access personal data may be restricted if it is regulated under any other law where certain data may not be accessible.
The Management, Assunta Hospital