Medical Privacy

Medical privacy applies in hospitals, medical organizations, and medical practices. Besides the doctor-patient privilege, several regulations need to be observed. The states have legislated hospital acts, and these legal norms and directives need to be implemented as well.

Creating a privacy-compliant hospital administration and protecting patient data on the ward is an important task, which needs to be performed by the responsible person at the agency of the hospital. Due to the use of information technology, e.g. an electronic hospital information system, telemedicine through the use of video cameras, and WLAN for patient use, the IT- and TC-specific requirements for technical and organizational data protection need to be met.

Furthermore, data privacy requirements arise when data is transmitted to numerous public or private bodies, e.g. GPs, health insurances, the medical service of the health insurances, external service providers in the context of order details processing, criminal prosecution authorities, etc.

In the area of medical privacy, we offer the following services:
  • Data protection at the administrative admission (anamnesis form, consent)
  • Data privacy requirements in ward, office
  • Implementation of data protection in the hospital administration
  • Demands on doctors and medical personnel in the context of the doctor’s duty of confidentiality
  • Obligation to inform relatives versus doctor’s duty of confidentiality
  • Data protection in doctor’s room, psychologist’s room, office
  • Effective and comprehensible consent management
  • Data protection compliant keeping of patient records
  • Implementation of data protection within the hospital information system
  • Data protection at the reception/gate of the hospital
  • Data protection pertaining to the patient’s room (labelling, wristband, rounds, conversations with patients)
  • Authority forms for visitors of children
  • Authorization of transferring patient data to other treating doctors in the hospital
  • Data protection for the transmission of patient data to the hospital administration
  • Privacy compliant transfer of patient data to the GP, relatives, health insurance, medical service, external service providers, etc.
  • Behaviour in the context of child endangerment, commissioner
  • Use of access control and time recording unit in the hospital
  • Use of privacy compliant video surveillance on the hospital grounds, and for telemedicine
  • Corporate guidelines/service agreements concerning the use of IT and TC in hospital
  • User policy on the usage of WLAN and telephone by the patients
  • Data protection training and training concept for doctors and medical personnel in the hospital (medical privacy)
  • Privacy compliant internet presence of the hospital (imprint, data protection notice)
  • Obligation to retain the patient documentation, and concept concerning the deletion of patient data and personal data in the hospital administration
  • Privacy compliant working method of attending doctors
  • Medical supply center within the hospital
  • Data protection when the hospital is being sold or closed down
  • Data protection in the context of scheduling, access privileges to appointment diaries
  • Data protection at the workspace
  • Data protection compliant destruction of paper and data media
  • Collection, processing and use of personal data by external service providers in the context of order details processing
  • Preparation of internal procedure directories and public procedure directories
  • External data protection commissioner (critical points analysis and constant maintenance)