As of May 25, 2018, the General Data Protection Regulation (GDPR) applies. This contains a number of mandatory measures that I must comply with because I record your data in a client file.
I record the following personal data in my digital client file
Name, place of residence, year of birth, email address, telephone number and policy number. If in the interest of the treatment, I record the name, telephone number and e-mail address of the GP.
I do not register the following special personal data in my digital client file
I do not record any special personal data (religion, belief, health or sexuality) in the digital client file. I keep written notes about things discussed in the sessions anonymously. In addition, I do not record any criminal data.
I do not record a citizen service number (BSN).
In addition to the AVG, the WGBO (Medical Treatment Contracts Act) and the professional code of my professional association and of the Register of Complementary Care Professionals (RBCZ) apply to my work. These affect the purposes for which I record personal data. For that reason, I handle personal data in this way
Obligation to keep medical files: Pursuant to the Medical Treatment Contracts Act (WGBO), I am obliged as a healthcare provider to keep a medical file.
Storage period: The main rule for the storage of medical records is stated in the WGBO. That is 20 years, calculated from the date of recording each individual piece of data. The period may be longer if this is necessary for the purpose of treatment.
Professional secrecy: I am bound by a duty of confidentiality.
I inform my clients about my obligation to file in the following way
In the email confirmation I refer to the general terms and conditions and privacy statement. My website also contains information about my working method, the obligation to file and the obligations resulting from the WGBO, the Wkkgz and the professional code.
If children are younger than 16 years, both parents are required to give written permission for the treatment and thus for the recording of data in a file.
Who has access to client files?
I have a processing agreement with MijnDiAd B.V. in Nijmegen. They provide my client with administration software and are not legally allowed to use my data for anything other than for the service they offer. I also have a processing agreement with my colleague Anna Calogero in Amsterdam, who takes over my practice in the event of long-term illness or death. She may inform my clients of the state of affairs and, if the client permits, the file
How is information security ensured?
I work with a digital client file that is encrypted and protected with a password. The client software I use is designed for healthcare companies and the extensive privacy legislation that comes with it.
Because I regularly install the latest version of my software, I ensure that my software is optimally secured. If, in the most unexpected case, data leaks, I know how to report this to the data protection authority.
Request your file or have it destroyed
You can request your file at any time. In addition, you can ask me to permanently delete / destroy your file.