The user (patient) is obliged to read these General Terms and Conditions carefully. By continuing the booking or registration when the "terms and conditions and privacy statement" are presented, the user indicates to be fully informed and to accept the content thereof.

These terms and conditions can be changed. When these conditions are changed, the new version will be placed on the website. With every new appointment, the patient is asked to accept the most recent terms and conditions. Appointments can be canceled or rescheduled free of charge up to 48 hours in advance. If this happens later or the consultation is not fulfilled, the consultation must be fully reimbursed.

The patient declares on his honor that the information he provides, whether it is information relating to his personal identity or information from others, is genuine and genuine. The patient is informed that the use of a false identity and the distribution of false information can lead to civil and / or criminal prosecution.

The use of the services of the online agenda is strictly reserved for adults. Minors cannot send a request for consultation to a practitioner and will only be able to submit a request for consultation through their legal guardian. In the event that a minor uses a service without the permission of his legal guardian, Feles bvba disclaims any liability.

This website is owned by rugkliniekmoonens, part of Feles bvba.

Contact details
Rugkliniek Moonens

Dekenstraat 21, 1500 Halle (Belgium)

Telephone: 0475 84 91 75
Email: info@rugkliniekmoonens.be

By accessing and using the website you explicitly agree to the following terms and conditions.

Intellectual property rights

The content of this site, including brands, logos, drawings, data, product or company names, texts, images and the like are protected by intellectual rights and belong to rugkliniek moonens or entitled third parties.

Limitation of liability

The information on the website is of a general nature. The information is not adapted to personal or specific circumstances, and can therefore not be considered as personal, professional or legal advice to the user.

Rugkliniek moonens makes great efforts to ensure that the information provided is complete, correct, accurate and updated. Despite these efforts, inaccuracies may occur in the information provided. If the information provided contains inaccuracies or if certain information is unavailable on or via the site, rugkliniek moonens will make the greatest possible effort to rectify this as quickly as possible.

Rugkliniek moonens can not be held liable for direct or indirect damage resulting from the use of the information on this site.

If you find inaccuracies in the information made available through the site, you can contact the site manager.

The content of the site (including links) can be adjusted, changed or supplemented at any time without notice or notification. Rugkliniek moonens gives no guarantees for the proper functioning of the website and cannot be held liable in any way for malfunctioning or temporary (un) availability of the website or for any form of damage, direct or indirect, that would result from the access to or use of the website.

Rugkliniek moonens can in no case be held liable to anyone, directly or indirectly, in a special or other way for damage due to the use of this site or of another, in particular as a result of links or hyperlinks, including, without limitation, of all losses, work interruptions, damage to programs or other data on the computer system, of equipment, software or other of the user.

The website may contain hyperlinks to websites or pages of third parties, or refer to them indirectly. The placement of links to these websites or pages in no way implies an implicit approval of their content.

Rugkliniek moonens explicitly declares that it has no control over the content or other characteristics of these websites and can in no way be held liable for the content or characteristics thereof or for any other form of damage caused by its use.

Applicable law and competent courts.

Belgian law applies to this site. In the event of a dispute, only the courts of the Brussels district have jurisdiction.

Privacy policy: Collection and use of personal data

Back clinic moonens attaches great importance to your privacy. We always use your personal data in an honest, reliable and transparent manner for specific, explicit and legitimate purposes. You have the right to be clearly informed about how we use your personal information. We will always be transparent to you about the data we collect and how we use it. If you are concerned about how we use your personal information, we will help you understand our treatments. We will take all reasonable steps to protect your information against misuse and to keep it safe. We are bound by all European and national privacy rules and, where necessary, work together with your national privacy supervisory authority.

Personal data can be used to identify or contact one person directly or indirectly.

Feles bvba ensures that only data that is available on time and that is relevant to what is necessary to pursue the stated purposes is collected, processed and stored. No legal provision requires you to send us the personal information that we request, but if you do not provide this information, it may prevent us from providing the required service, answering your questions or adapting our services to your needs.

Although most information on this site is available without having to provide personal information, it is possible that the user may be asked for personal information. This information will only be used in the context of the monthly e-newsletter and sporadic e-mail or correspondence about updates regarding the activities of back clinic moonens. The user can, free of charge and upon request, always oppose the use of his data for direct marketing. To that end, he will turn to moonens back clinic, Dekenstraat 21, 1500 Halle. Your personal data will never be passed on to third parties.

In accordance with the Personal Data Processing Act of 08/12/1992, the user has a legal right to inspect and possibly correct his personal data. Provided proof of identity (copy of identity card) you can obtain a written communication of your personal data free of charge via a written, dated and signed request at the moonens back clinic, Dekenstraat 21, 1500 Halle. If necessary, you can also request to correct the data that would be incorrect, incomplete or not relevant.

Back clinic moonens may collect anonymous or aggregated data of a non-personal nature, such as browser type or IP address, the operating program you use or the domain name of the website from which you came to our website, or via which you leave it. This makes it possible for us to constantly optimize our website for users.

The use of cookies.

During a visit to the site, cookies can be placed on the hard drive of your computer for the sole purpose of better tuning the site to the needs of the returning visitor. These mini files or cookies are not used to track the surfing behavior of the visitor on other websites. Your internet browser allows you to prevent the use of cookies, to receive a warning when a cookie is installed or to remove the cookies from your hard disk afterwards. Consult the help function of your internet browser for this.

 

Data protection policy

Feles bvba

Table of contents


1 The importance of data protection

2 Scope

3 The organization of data protection

4 Scope of the data protection policy

5 Processors of patient files and their powers

6 Internal and external consultation of patient files, rights and obligations of processors

7 The nature of the data processed and the way in which it is obtained

8 Risk management

9 Retention periods

10 Rights and possibilities of defense of the patient in the context of the protection of privacy

11 Policy objectives for data protection

12 Entry into force and changes

1 The importance of data protection

Feles bvba attaches great importance to the correct protection of the data it processes, in particular personal data. By means of this policy, Feles bvba wants to establish at a strategic level how data is protected, which responsibilities have been assigned to this and what priorities Feles bvba has determined with regard to data protection.

In particular, Feles bvba wants to protect the data of customers and the personal data they provide against:

loss: data is no longer available

leaks: data ends up in the wrong hands

errors: data is incorrect, for example outdated or incomplete

not accessible: data is not accessible at the time of care

Unauthorized viewing: viewed by persons who are not authorized to do so

being unable to trace who viewed, changed or deleted the data

processing that is not in line with regulations, guidelines and standards

In this policy, De Feles bvba wants to appeal to everyone involved in electronic and paper processing to work together, from a common vision and from our joint desire to provide quality services, to process our personal data correctly. .

This data protection policy goes deeper into the protection of the privacy of, and more specifically, informational, privacy. This data protection policy serves as a standard for the processing of the personal data of customers and their insured by Feles bvba. It is a guideline for all processing processes and offers a reference standard for audit and control. The data protection policy offers every stakeholder, employee or involved external person an insight into the data protection policy and the way in which we handle sensitive personal data.

The handbook is also written for anyone who has a position within Feles bvba where personal data is processed. They use (parts of) this data protection policy to design procedures and guidelines for employees and external parties, such as IT suppliers. The relevant parts of this data protection policy are processed in agreements with staff and suppliers.

2 Scope

It is the management who, at the start of the employment contract, decides in accordance with the available procedure to which applications and with which rights the employee may access.

Patient information:

Patient care: Making a diagnosis, providing (medical, paramedical, nursing and psycho-social) care or treatment to the person concerned or a relative or the management of the services, in the interest of the person concerned;

Patient registration: Registering client data for internal government-imposed purposes, as well as for research, treatment and policy purposes, as well as monitoring client performance for invoicing purposes;

Medicines and natural pharmaceutical remedies: Processing related to drug follow-up and posology;

Patient administration and quality of care: Collection and processing of all data relating to medical and paramedical diagnostic and therapeutic practices administered to clients with the aim of improving the quality of care;

Complaint handling: The registration of personal data of clients and / or their confidential advisors in order to be able to mediate the complaints made. Registering complaints.

Specific medical data regarding illness, accident, surgery and medication as well as system history.

Staff information:

All employees who come into contact with personal data in the performance of their duties, and in particular HR employees who come into contact with personnel data, will sign a confidentiality clause as an addendum to their contract.

All applicants, volunteers and trainees who come into contact with personnel data will sign a confidentiality clause as an addendum.

3 The organization of data protection

Competence

As the controller, d

he competence of this policy at Feles bvba, represented by Tine Moonens. She is responsible for formulating and determining, and supervising, compliance with the policy principles within Feles bvba.

Responsible implementer

Feles bvba acts as the formal decision-maker for data protection. He / she is authorized to make decisions that relate to the following aspects:

The risk analysis and associated methodology;

Developing the data protection policy and the accompanying guidelines;

The implementation of security measures (i.e. the content of the security plan)

The structural response to data protection problems and advice (within 3 months);

The employee

Anyone (internal or external) who processes data (for example, view, register, change, etc.), does this according to the policy principles in this policy manual. The user processes data in accordance with the duty of discretion and in accordance with the following principles:

Is responsible for the data of residents he / she processes

Carries out the safety guidelines during his / her processing order.

Only processes the data that belongs to the task

Is responsible for the data

Reports breaches

Complies with article 458 of the Criminal Code: The user respects professional secrecy.

IT employee or key user

In addition to the user's responsibilities, the IT employee or key user is responsible for:

The implementation of the technical measures

Implement the safety settings in line with this policy manual.

Report the safety problems that arise before, during or after the implementation of IT resources to the DPO

To act as an expert. From this role he / she participates in the identification as well as in the remediation of the data protection risks

Comply with the code of conduct.

IT supplier

The IT supplier has the same responsibilities as those of an IT employee. Additional:

He points out the safety risks of delivered applications

The supplier points out the safety tasks to be included.

Does the supplier pursue a transparent data protection policy by communicating about its own current security level and when dealing with security incidents.

4 Scope of the data protection policy

This policy applies for the entire life of information within Feles bvba, from obtaining information to the eventual removal of information within the organization.

This policy applies to all Feles bvba

The office of Feles bvba and of the respective centers for outpatient rehabilitation and the back clinic, located at Dekenstraat 21, 1500 Halle.

All staff members, both internal staff and external parties and persons on an independent basis who are employed at Feles bvba for a fixed or indefinite period.

All assets and information processing systems managed by Feles bvba, as well as systems managed by external parties for the benefit of information processing for Feles bvba such as databases, information regardless of its carrier, networks, data centers, etc.

All processing activities, both as a controller and processor.

For certain domains or processes within Feles bvba, additional guidelines or procedures can be worked out that describe in detail what measures are being taken to achieve the desired level of data protection. This policy is the framework for all other guidelines or procedures.

In view of the important role of IT suppliers in setting up the IT environment to process data, the policy handbook also lays down the policy principles for this.

5 Processors of patient files and their powers

All employees and employees of the osteopathy practice and back clinic who need access to health-related personal data for the performance of their duties are required to strictly observe the confidential nature of the data concerned.

The following persons are responsible for processing the personal data of patients, within the limits of their assignment and for the purposes specific to this assignment:

The personal data concerning health are compiled and processed under the supervision of the osteopath, mentioned under art. 5, in the cases as described in art. 7 §2 W.B.P.L. and Article 9 GDPR • The doctors are responsible for the collection and processing of patients' personal data in the medical services or in the departments in which they work. They are also responsible for their authorized representatives.

The staff members and independent professionals associated with the various nursing and paramedical services draw up the processing modules of the patient files for which they are respectively responsible.

The staff members of the medical secretary 

The system and medical administration are responsible for processing the personal data in the patient files. Attention is paid to forwarding certificates, reports, etc. These can only be sent to the patient himself, or to those care providers that the patient has passed on in writing.

The staff of the reception, billing and accounting department are responsible for processing the personal data in the patient files, for billing purposes, medical registration, debtor follow-up and policy information.

The staff of the IT department are responsible for the technical processing of personal data into anonymised data for purposes imposed by the government. In addition, they come into contact with personal data in the context of problem-solving activities, internal efficiency increases or similar applications.

The staff members associated with a patient-accompanying service are responsible for processing the personal data in the patient files for the purpose of follow-up or within the social, psychological, palliative or pastoral service respectively.

The staff members of the ombuds service are responsible for processing the personal data in the patient files, in the context of the ombuds function.

6 Internal and external consultation of patient files, rights and obligations of processors

6.1 Internal

The internal consultation and processing of the patient files is carried out by the persons as described in point 5. However, this right is limited in the context of their assignment and the processors do not have access to the personal data that are not necessary for the performance of their assignment.

When processing personal data, processors have a duty to process the personal data fairly and lawfully. They have a duty not to process the personal data other than for the purposes stated in point 5 of this regulation.

Internal auditors can view patient records or applications for quality control purposes. This is linked to a confidentiality statement.

In addition, processors are obliged to maintain confidentiality when processing personal health data and are under the supervision of the chief physician, the nursing director and the data protection officer.

6.2 External

Within the framework of art. 7, paragraph 4, W.B.P.L. following categories of authorities are entitled to it

obtaining data from the patient files:

Insurance institutions insofar as imposed by or pursuant to the law or with the consent of the patient;

The patients involved or their appointed - provided that the signed application form is available for inspection and a copy of the patient file;

Government agencies that are authorized to do so by government decision;

External healthcare providers of the patient;

Mutualities;

Other authorities, insofar as imposed by or pursuant to the law or with the consent of the patient;

Software and hardware suppliers for support. A specific statement is signed for this (remote access policy) to guarantee the privacy of this data.

7 The nature of the data processed and the way in which it is obtained

The nature of the data is recorded as follows:

Identification data, including the national register number

Financial and administrative data with regard to admission and invoicing, including membership of the health insurance fund

Health, paramedical and nursing data, broken down into the following applications:
- health data
- nursing data
- paramedical data
- medicines

Social Information

Other data necessary for carrying out the purposes determined or imposed by law (legal data).

8 Risk management

All necessary provisions are made to promote the accuracy and completeness of the recorded data. The necessary technical and organizational measures are also taken to protect the patient files against loss or corruption of the data and against unauthorized access, change or provision thereof.

If applicable, a brief risk analysis will be performed.

9 Retention periods

With due observance of any legal requirements, counting from the last discharge or the last treatment of the patient, for the personal data that allow identification, a retention period of:
- 10 years for the billing data from the patient files that serve as accounting justification;
- 30 years for the medical details;
- 5 years for all other data from the patient files;
- 1 year for the completed files of the ombudsman service (after preparation of the annual report).

If the retention period has expired, the relevant personal data will be deleted from the files and destroyed within a period of one year. For the medical module staff 

ricto sensu this can only be done with the agreement of the treating hospital doctor (s) or, in the absence thereof, by the chief physician.

However, there is no destruction if:
- the storage is required on the basis of a legal regulation;
- the custody is considered to be reasonably important from a medical point of view or from the life expectancy of the patient, or from the defense of his legitimate interests or those of his successors in title;
- there is an agreement between the patient and the treating hospital doctor or, in the absence of this, the chief physician about the custody.

If the data in question has been processed in such a way that conversion to individuals is not reasonably possible, they can be kept in anonymous form.

10 Rights and possibilities of defense of the patient in the context of the protection of privacy

The patient, who proves his identity, has the right to be informed by the controller of:
- the existence or otherwise of processing of data relating to him,
- the purposes of these processing operations,
- the categories of data to which these processing operations relate,
- the categories of recipients to whom the data are provided,
- the data itself that is being processed and all available information about the origin of that data unless access to this data is excluded from the right of access by law.

Anyone may object, free of charge and without justification, to the processing of data for direct marketing purposes.

With regard to the collection of personal data relating to the patient, this is related to the information referred to in art. 4 W.B.P.L. mentioned topics informed via:
- the website of Feles bvba.

In addition, every patient has the right to be informed, either directly or with the help of a health care professional, of the personal data that are processed concerning his health. This request for inspection or copy must be addressed to the general management.

If the patient is of the opinion that the provisions of these regulations are not being complied with or has other reasons to complain about the protection of his privacy, he can always turn to the person (s) mentioned in §5 and to the general management.

Without prejudice to all the internal remedies and defenses listed above, the patient may, in accordance with art. 13, 14 and 63 e.v. W.B.P.L. respectively turn to the President of the Court of First Instance and to the Data Protection Authority, Hoogstraat 139 - 1000 BRUSSELS

11 Policy objectives for data protection

Feles bvba, both in its role as controller and in its role as processor:

Is transparent about the personal data that it processes and the processing purpose, both to the data subject, the clients, the course participants, and the supervisors. The communication is honest, easily accessible and understandable. The transparency principle also applies when the personal data are exchanged.

Only processes the data that are relevant to the performance of its duties. Every task involving the processing of personal data is lawful. This means, among other things, that the processing is in accordance with the legal and statutory objectives of the back clinic. This is evaluated each time for a new processing purpose, where necessary on the basis of a data protection impact assessment (DPIA).

Only processes personal data that is strictly necessary for the implementation of the activities. In this way, identifiers associated with the personal data are reduced to a minimum.

Supervises the integrity of the personal data during the entire processing cycle.

Does not store data longer than necessary. The necessity has been tested against legal obligations and the rights and freedoms of the person concerned.

Prevents breaches that result from the processing of personal data. Information security, data protection in design and privacy-friendly default settings are tools for this. When an infringement takes place, this is reported in line with the relevant regulations.

Is able to execute all applicable rights of a data subject, such as the right to view, copy and possibly also delete. Feles bvba monitors the possible limitations that apply to these rights.

Actively ensures that the rights and freedoms of the data subject are safeguarded when processing the personal data for a specific purpose.

Processes data in line with the rights and freedoms that apply in the European Economic Area and checks its application when the data is exchanged outside it. Feles bvba therefore complies with all legal and normative frameworks (i.e. both Flemish, Federal and European rules) in the processing of personal data and has therefore clearly mapped out its responsibility over the personal data and that of others.

Is able to demonstrate compliance with all policy objectives, in accordance with legal provisions. This accountability is monitored by internal supervision and control and is enforceable in accordance with the legally applicable principles.

12 Entry into force and changes

This version of the privacy policy will enter into force on May 25, 2018

 

The Dutch version of these conditions always prevails over the translated versions.

team Rugkliniek Moonens: Tine, Jan en Gwendolyn