Privacy Policy and Data Protection Regulation
From May 25 th , 2018 the EU introduced a new Privacy Policy and Data Protection Regulation scheme under the General Data Protection Regulation (GDPR). In the Netherlands, this Privacy Protection Policy is known as ALgemene Verordening Gegevensbescherming (AVG).
This AVG privacy policy has been placed on this website. Whenever you make use of our services you agree you have read and agreed to this policy.
AVG in short
The Therapy Practice In this practice the practitioner will use your personal data. This is needed to proceed with the services and payments of these services. Third parties will never get this data. This practice agrees to have provided the best data protective services so no third party can access these. Retention period of your files are 15 years after the last treatment.
The Client
You have the right as to know what data is processed. You are also intitled to have the right to inspect, amend and (partially) delete data (insofar as this does not harm the privacy of
another). You determine whether and if so, which information can be passed on to third parties.
AVG in this Practice further elaborated
– Your personal data in the administration
– Your personal data in a file
– Your personal details when paying for a consultation Your details on the bill
– Privacy on the correspondence
– Privacy at the front door
– Privacy in the waiting room
– Privacy in the doctor’s office
– Security of digital data
1. Your personal data in our administration. Your therapist is required to determine that the identity provided matches the actual identity. To do this, you need to show us your ID card, passport or driving license. To be eligible for (partial) reimbursement by your health insurance, your personal details and insurance details will be state on your invoice. This is why this information is requested from you. Your personal data is stored in your file A copy of each invoice is stored on a secure computer (see point 9, digital data security), which is not connected to a network.
2. Your personal data in a file Your therapist is obliged by professional organizations, health insurance and legislation to keep a registration and file of your personal data and your personal data. This file contains the treatment agreement and session notes and is stored in a secure computer. Your file has a legal retention period of 15 years (from the last treatment). You have the right to inspect, amend and (partially delete this data ( insofar this does not harm the privacy of another person and this fits within good care provision. Your therapist is covered by professional secrecy and his duty is to remain silent about facts and data that become known when practicing the profession, It is also referred to as an obligation to remain silent. Only after your written permission is given, certain data can be shared with third parties. Ultimately it is your decision to decide whether this information form your file can be passed on to third parties. You can get help and advice from your therapist on this. There are situations in which professional secrecy can be broken. Since 2013, all care providers have been obliged to use the reporting code for domestic violence and child abuse.
3. Your personal details when paying for a consultation. You pay for each session at a time. Payment by cash: your name will not be known, If desired, you will receive a bill for your administration. Payment by pin: your name will not appear on bank statements from the practice of therapist, because it only shows the total daily turnover. However, you need to realize that when you pay you five permission to send payment details via the pin machine. Payment via a (one-off) bank transfer does of course state your name on your statements and on-line bank details. Otherwise it would not be possible to determine who transferred money. As a result, the accountant (with whom a (processing agreement has been concluded) may come across your (surname) in the financial administration. This also applies to the tax authorities in this case.
4. Your detail on the invoice. You will receive a bill for each session. If you want to be eligible for a (partial) reimbursement of the treatment, your health insurance will want to see some of your detail on the bill when you provide it. That is why it contains not only your name and address but also your date of birth, insurance company and your customer number. When you submit your bill to your health insurer, the request for help ( the transaction) becomes known. The contend of the treatment will not be known, in the context of professional secrecy this will not be communicated to the reimbursing agency. When your employer pays the bill, your name and the date of your visit to the practice will become known, but here to the content of the conversation is subject to professional secrecy, and therefore can never be retrieved by the paying party. A personal coaching note only contains the data that you or your company want to be included on it, but no substantive information about the treatment. You can indicate whether you wish to receive the invoice in printed form or if you wish to receive it in PDF by email. In the latter case, you can indicate whether this can be done by regular mail, or whether you want this to be sent to your secure mailbox via the secure mailbox from the practice, with or without encryption.
5. Privacy in the correspondence e-mails about general matters such as date, confirmation or change of an appointment can be mailed to mhealing@cuci.nl. If you want to e-mail personal data, you can create a free basis account (with the possibility of encryption) at https://protonmail.com/nlsignup in order to e-mail the data to the secure mailbox, with the address mhealing@cuci.nl. You can contact your therapist by telephone for more information. If you nevertheless send personal data to the standard e-mail address of the practice, your mail with personal content will be stored in your secure file and removed from the mail program (also online). Written correspondence via PostNl is received in the letterbox of the practice. This is emptied by the practitioner.
6. Privacy at the front door. When you ring the bell, you can be seen on camera for a moment , so that it can be determined whether the right persons can access the property via the electric opener. These images are not stored and have no commercial purposes.
7. Privacy in the waiting room. We cannot estimate whether you will meet someone you know in the hallway or waiting room. If you find this annoying from the point of view of your privacy, you can report this to your therapist. If desired, we schedule and appointment at a time when there are not other visitors in the practice.
8. Privacy in the doctor’s office. Your therapist is covered by professional secrecy. Professional secrecy is a duty to remain silent about facts and data of third parties that a person has learned when practicing his profession. It is also referred to as an obligation to remain silent. Sometimes professional secrecy is broken. Since 2013all care providers have been obliged to use the reporting code for domestic violence and child abuse. No sound or video recording are made in the doctor’s office. Not by the therapist, and not by the client either.
9. Security of digital data. Website security: There is no SSL certificate for the website (so no https) because it is only used for your won publication, and you do not have to provide data via the website. A secure mailbox has e=been set up to receive privacy-sensitive mail messages with the following address:mhealing@cuci.nl. If a client has accidentally sent the personal information to the standard e-mail address, it will be save the same day in a secure file with password and removed from the mail program (also online). The WiFi connection is not shared with clients or other visitors. All equipment (computer, scanner, printer) are also protected with proper password. No digital image or sound recordings are made or saved in this practice Not b the therapist, and not by the client either. Exceptions are possible but must be recorded in writing with signature. This document is scanned and stored in the client file. The digitally stored files are password protected, which is only known to your therapist.