Doctena GDPR Privacy Center

Summary

Introduction

This document is intended for future and existing customers (practitioners) as well as for gateway partners. It describes where, why and how Doctena S.A. and its subsidiaries implement Security and Compliance for the services they offer.

The document starts with the compliance part, by describing which different roles and responsibilities the patients, practitioners, gateway partners and Doctena take in the context of GDPR. This part also highlights some important elements on how we enforce compliance using data processing agreements.

Click here to sign your Data processing agreement with Doctena

Compliance

GDPR

The General Data Protection Regulation (GDPR) sets the bar high with regard to protecting the integrity of the individual in the EU. GDPR is the European regulation for protecting personal data, applying to all organizations (including medical practices) operating within the EU, but also to any non-EU organizations that process data of people in the EU. The definition of personal data under GDPR has been boiled down to “any information allowing to identify a person”. The purpose of GDPR is to harmonize the data protection laws across all member countries of the EU to strengthen the integrity of the individual. The law has been in effect since May 25th, 2018.

GDPR applies to both data controllers and data processors. The data controller is the party who determines the purposes and the manner in which the collected personal data is processed, while the data processor is a third-party entity processing personal data on behalf of the controller. Doctena is very clear and transparent in this: the practitioner is the controller and owner of their patient/appointment data.


Roles and responsibilities

Doctena is both a data controller and a data processor but for different parts of the data.

1. As a cloud calendar company providing a service to practitioners, Doctena mainly acts as a data processor. We process data on behalf of the practitioner who defines what happens with this data (modification, removal, transfer, GDPR rights …) and the practitioner remains owner of the data. This data includes the Patient profile, the appointment data and the optional doctor/patient notes linked to the appointments. This also applies when the practitioner implements a synchronisation with our services using a gateway provider.

2. For patients with a Doctena account, Doctena plays the role of controller only for the account data (preferences, name, address, phone, email, address, ratings, etc.), which is there only to facilitate the management of the patient’s appointments using our online services. During each booking, we copy the data from the Doctena account into the Doctor patient profile and appointment, from which point on this copy is controlled by the practitioner. As part of the Doctena account we also control a logical link to the Doctor appointments, allowing us to show the patient’s practitioners and appointments.


Different flows of information

In the below diagram you see the three ways personal information can flow from the patient into our systems.

Patient

The patient is the person using the Doctena services, directly or indirectly through the practitioner, to find and manage their medical appointment. In GDPR terms, the patient is always the data subject (final owner of personal data) and always has the right to define what happens with their data unless there are legal obligations to the request (e.g. court order, criminal investigation, …).


Practitioner

The practitioner is the person or legal entity that sub-contracts Doctena to provide them with an online agenda and to collect the related patient data. The practitioner is the final receiver of the patient’s data (DOCTOR-PATIENT) and defines the purpose of processing and data collection. It is their responsibility to ensure the patient data is handled securely and according to the regulation when selecting sub-contractors like Doctena or Doctena-connected gateway partners. This security enforcement is done in good confidence and by the use of data processing agreements provided by Doctena that clearly define what Doctena is allowed to do with the data in the name of the practitioner, and what level of security Doctena implements to protect this data.

In GDPR terms, the practitioner is always the controller (main responsible) of the patient data and the related appointment data (DOCTOR-PATIENT).


Gateway partner

Many different medical software products exist and are in use internally by practices/cabinets. Gateway partners are legal entities (sometimes the same as the medical software provider) that are specialized in linking some data from the medical software with the Doctena services. For integrations with Doctena, only the practitioner’s data (DOCTOR-PATIENT) is concerned. This can be from the medical software to Doctena, from Doctena to the medical software, or in both directions, depending on the needs of the practitioner. Doctena also provides external plugins like calendar synchronisations (e.g. Cronofy) that sync Doctena agendas to Exchange, G Suite, Outlook, … which are also considered gateway partners.

In GDPR terms, Gateway partners are always processors (sub-contractors) of the practitioner. The practitioner must have a data processing agreement in place with the gateway partner in which the practitioner clearly defines what can be done with their data, for what purpose, and how it is secured. Gateway partners are seen by Doctena as a sub-processor of the practitioner which received the credentials/permissions to act on their behalf. Therefore, no special data processing agreement is required between Doctena and the Gateway partner, unless there is special additional personal data processing involved that requires an additional arrangement.


Doctena

The Doctena group refers to Doctena S.A. and its subsidiaries in the different countries:


Doctena SA – 6 Rue Adolphe, L-1116 Luxembourg (Luxembourg)
Doctena Austria (formerly a3L e-solutions) – Mooslackengasse 17, A-1190 Wien (Austria)
Doctena Belgium Sprl – Square de Meeus 37, B-1000 Brussels (Belgium)
Doctena Switzerland GmbH – Hagenholzstrasse 83b, 8050 Zürich (Switzerland)
Doctena Germany GmbH – Platz vor dem Neuen Tor, 10115 Berlin (Germany)
Doctena Netherlands BV – Barbara Strozzilaan 201, 1083 HN Amsterdam (Netherlands)
Doctena Afspraken Sprl – Square de Meeus 37, B-1000 Brussels (Belgium)


Data processing agreement

Doctena complies with the standards laid down in the regulation, and our Terms of Service and Privacy Policy describe how we respect our users’ rights.


We have prepared a Data Processing Agreement (DPA) that is the same for all our customers, which you as practitioners (data controller) can sign with Doctena (data processor) to define how Doctena is allowed to use your data. As part of GDPR, practitioners are required to have such an agreement in place with all of their sub-contractors to comply with the regulation, and you should add it to your own GDPR documentation. The DPA describes the GDPR terms, roles and the obligations of the data processing for both the processor and the controller. It includes most of the information we describe in this article.


Click here to sign your Data processing agreement with Doctena


Download sample PDF for Data processing agreement with Doctena


If you are using a gateway integration into our system, you need to make sure you have a data processing agreement in place with this integrator in which you, as data controller, clearly give the integrator the mandate to act on your behalf on your Doctena resources.


Processing activities


Doctena defines the following services as part of the sub-contracted processing activities which are always to be taken together:


(i) Management of patient’s data regarding his/her doctors’ appointment and follow-up services;
(ii) Management of the doctor’s agenda/calendar, including Gateway interfaces used by Gateway partners;
(iii) Management of the IT infrastructure, software, maintenance and administration related to the Principal Agreement services.


The nature of operations carried out on the data for the purpose of (i), (ii) and (iii) are:


Collection, storage and modification of personal information of patient required by the doctor to organize the appointment
Search of patient account using one of its stored personal data
Communications with data subject regarding appointment using email or (mobile) number
Data imports into Doctena services using Doctor provided structured data (e.g. Onboarding)
Automated backup of data

The category of data subject is: Patients.


Because there are multiple types of data that can enter into our systems as part of your usage, we include the most common data categories typically used in our system as part of the data processing agreement. This does not mean you or patients are obliged to share all types of data, but that Doctena is authorized to process such data on behalf of the practitioner in case it is entered into our doctor/patient notes or during general use of our system. These are the categories and types of data that can be collected by our service:


1. Personal data of identification: name, title, email, address (private and professional), previous addresses, (mobile) phone number (private, professional), identifiers attributed by the Controller;
2. Personal details: age, sex, date of birth, place of birth, registry office and nationality;
3. Data of electronic identification: IP addresses, cookies, moments of connection, electronic signature;
4. Data relative to the care: data relative to resources and procedures used for the medical and paramedical care of the patients (e.g. doctor/patient notes, reason of visit);
5. Details of the other members of the family or the household: children, supported people, other members of the household, information on parents and relatives;
6. Pseudonymization: Controls to protect Confidentiality, Integrity and Availability of data (e.g. hashed credentials).
7. (only if option is activated) Data of identification: emitted by public services, e.g. national identification number, social security number, number of ID card, passport.


Patient Consent

All appointments made using our website, or widgets you integrate into your own website, inform the patient about the privacy policy and the fact that Doctena processes medical data on behalf of the practitioner. Our services collect and store this consent, facilitating this process in the name of the practitioner. The practitioner is responsible for managing this consent when the appointment is not booked online and when it is introduced into our systems using a gateway provider.


Doctena sub-contractors

When we work with external partners or subcontractors, we require them to apply at least the same security standards as us. We don’t want to have any weak links in our production and operation chains when it comes to security. Doctena publishes a list of its own sub-contractors (cloud, SMS, email services…) as part of its data processing agreement. These sub-contractors have been selected based on their compliance with the security and privacy rules. We maintain our own data processing agreements with each of these processors (sub-contractors), where we define the purpose of processing and where we enforce at least the same level of security/privacy as is promised to the practitioners in the principal data processing agreement. The processors (sub-contractors) of Doctena are forbidden to process or transfer data in a third country (countries outside EU/EEA, except if they have a valid adequacy decision by the European Commission on the protection of personal data). Any change of processor (sub-contractor) of Doctena will be communicated to all controllers (practitioners), who get 14 days to object to this change before it is implemented.


Data retention

Due to the legal medical data retention obligations in the different countries where Doctena is active, we decided that all data is stored for 10 years and then anonymized automatically. Data can also at any time be anonymised by the practitioner using the online agenda.


Data subject rights

To help both patients and practitioners find answers to frequently asked questions regarding GDPR and to allow them to execute their rights, we have put in place our own Doctena privacy center. Our privacy center will ask you some questions to quickly point you to the information you are looking for.

Open the Doctena privacy center


When we receive requests to execute GDPR rights (right to rectification, right to deletion, …), these requests are processed and validated internally by the Chief Information Security Officer (CISO) or a specially trained support officer. If the request is valid, two types of actions can take place depending on the type.

For DOCTOR-PATIENT related requests, the request is always forwarded to the controller (practitioner). Doctena will execute the request only if they give their explicit consent for the action.
For DOCTENA-ACCOUNT related requests, the request is executed without involvement of the practitioner.

We promise in our data privacy policy that any such requests will be executed within one month, giving both parties sufficient time to respond. Any important security incidents/requests are forwarded to and personally followed up by our CISO, ensuring they get an immediate response/action.

Notifications

Doctena will notify the controller (practitioner) by email of any personal data breach not later than 48 hours after having become aware of it. The notification will be sent along with any necessary documentation to enable the controller (practitioner), where necessary, to notify this breach to the competent supervisory authority.

Data processing and storage location

Doctena’s server infrastructure is hosted on Amazon Web Services and only uses data centers located in the Frankfurt region (eu-central-1) to ensure the data never leaves the EU. Amazon Web Services is fully compliant with GDPR; additional information is available at the link below.


https://aws.amazon.com/blogs/security/all-aws-services-gdpr-ready/



Why an external data protection officer?

We could have chosen to assign an internal DPO, but because we wanted to be very transparent to the patients, practitioners and authorities, we chose to assign this role to an external impartial company that is specialized in data privacy and the evolution of the regulation. They act as an intermediary between data subjects (patients) and Doctena to ensure the patient’s rights are properly executed. Upon non-compliance by Doctena, the DPO has the obligation to notify this to the related authorities. This forces us to stay on top of the requirements, and their yearly audits and our regular meetings help Doctena to remain compliant.

Kemal Webersohn, LL.M

WS Datenschutz GmbH
Meinekestraße 13
10719 Berlin (Germany)


Fax : +49 30 88 72 07 88
Website: www.ws-datenschutz.de


Email :

privacy-belgium@doctena.com

privacy-netherlands@doctena.com

privacy-luxembourg@doctena.com

privacy-germany@doctena.com

privacy-austria@doctena.com

privacy-switzerland@doctena.com

Further information


If you have any questions with regard to GDPR and your use of Doctena, feel free to email


support+gdpr@doctena.com


Please note that this post is for informational purposes only, and should not be considered legal advice.


Links

https://gdpr-info.eu/


Security measures implemented by Doctena: https://www.doctena.com/security