Personal data protection is of great importance to all individual and Medisys is committed in protecting and securing personal data. In this Policy, when we use "we", "us" or "our", we refer to the company (Medisys) which is collecting your personal data, or which is operating the website which you are accessing or using.
This Policy applies to all personal data that you may provide to us. By providing us with your personal data, you shall be deemed to have agreed to each and all the terms, conditions, and notices in this Policy.
As used in this Policy, “customer” means an individual who (a) has contacted us through any means to find out more about any goods or services we provide, or (b) may, or has, entered into a contract with us for the supply of any goods or services by us; and “personal data” means data, whether true or not, about a customer who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.
Other terms used in this Notice shall have the meanings given to them in the PDPA (where the context so permits).
COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA
What personal data is collected
Depending on the nature of your interaction with us, the data may be collected through our website, over the phone, by email, or in person when you meet our staff or representatives. The data collected may include, but is not limited to: your contact information, including your (first and last) name, (billing and/or delivery) address, birthdate and email address and, optionally, your telephone number. We need your e-mail address and (optionally) telephone number so that we may contact you if we have questions or information for you regarding your order or the service that we are providing or will provide to you.
What personal data is stored in our system
Hospitals and clinics (“Customers”) entered into a Service Agreement with us and then authorize their healthcare staffs (“Authorized Users”) to use our software application. Customers and Authorized Users are responsible for determining uses and disclosures of patient medical information maintained in the Medisys software applications, in accordance with their legal and professional responsibilities as health care professionals and PDPA guidelines.
As Medisys is a software solution provider to clinics and hospital. We may also store patient’s data on behalf of our customers.
Medisys ensured that this information stored in our system is secured, used and disclosed only in accordance with our legal obligations as a service provider.
WITHDRAWING YOUR CONSENT
Request for withdrawal of personal data from hospitals/clinics shall be put to and handled by our customers directly with their clients.
Request for withdrawal of personal data collected for other purposes (e.g. job applicants) will be reviewed internally by Medisys. Please contact Medisys hotline directly for any such request.
ACCESS TO AND CORRECTION OF PERSONAL DATA
Request for access and correction of personal data stored in our software application shall be put to and handled by our customer directly with their clients.
Personal data collected are for employment application and engagement. Staff personal data can be corrected through company HR system by HR administrator upon validation.
PROTECTION OF PERSONAL DATA
Medisys practiced the following to protect your personal data:
- We do not share information with any third parties without the consent of our customers.
- We bind our employees through privacy and confidentiality agreement.
- To safeguard clinic’s data, all electronic storage and transmission of data is secured with appropriate security technologies.
ACCURACY OF PERSONAL DATA
Medisys will validate the personal data provided by you with the relevant documents during our engagement with you.
RETENTION OF PERSONAL DATA
Hospital/clinic’s data will be retained according to our customer’s organisation data retention policy.
For other personal data collected by Medisys directly (e.g. for job employment), it will be retained as long as it is necessary to fulfill the purpose for which it is collected or for business or legal purposes, or in accordance with applicable laws.
TRANSFERS OF PERSONAL DATA OUTSIDE OF SINGAPORE
Medisys generally do not transfer personal data outside Singapore. If there is a need to transfer personal data to a country or territory outside Singapore, it will be according to requirements prescribed under the PDPA.
DATA PROTECTION OFFICER
EFFECT OF NOTICE AND CHANGES TO NOTICE
This Notice applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by us.
We may revise this Notice from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Notice was last updated. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.