Privacy Policy
1. Items of personal information to be collected and collection method
The foundation collects only the minimum amount of personal information necessary for the use of medical treatment (medical examination) services. Essential information for medical treatment is collected through the preparation of a questionnaire record without separate consent in accordance with the Medical Law, and a separate collection and use consent form must be written for additional services other than treatment, and there is no disadvantage for treatment even if the consent is not filled out.
[Items to be collected during treatment/examination]
| Required items for examination | Name, gender, date of birth, phone number Resident registration number (persons subject to medical or medical service health check-ups and special health check-ups) Name and department or employee number of the affiliated company (if the company is charged for examination) |
|---|---|
| Required items for treatment | Name, resident registration number |
[E-mail Address Information]
If you want to receive the results of your health checkup by e-mail
2. Purpose of collection and use of personal information
The foundation uses the collected personal information for the following purposes.
All information provided by users will not be used for purposes other than those required for the following purposes, and if the purpose of use is changed, prior consent will be sought in the consent form specifying the purpose of use according to the collection.
- Used for identification procedures for reservations and reservation inquiry
- Used to provide test results and personalized SMS and e-mail information
- Securing smooth communication channels for handling customer complaints, etc.
- Providing medical services for diagnosis and treatment, and service such as billing, payment, and refund
- Basic data for requesting external consignment inspection
3. Retention and use period of personal information and destruction procedures and methods of destruction
The foundation retains personal information for the retention period stipulated by the Medical Law, and destroys personal information after that.
| Retention period | Examination result record 5 years / medical record 10 years |
|---|---|
| Destruction procedure | Immediately destroy by the method of destruction after the legal retention period ※ Personal information that has passed the expiration date after the medical records are finally recorded |
| Destruction method | Personal information stored in the form of electronic files is deleted using a technical method that cannot reproduce the record, and personal information printed on paper is shredded or incinerated with a shredder to destroy |
| Upon termination of customer management service consignment | The consignee permanently destroys related files and DB data within 2 weeks |
4. Rights of users and legal representatives and how to exercise them
When collecting personal information of children under the age of 14 (hereinafter referred to as "children"), consent from a legal representative is always sought. In order to obtain the consent of the legal representative, the foundation collects minimum information from children, such as the legal representative's name and contact information, and obtains the consent of the legal representative according to the method stipulated in the personal information processing policy. Regarding personal information, the hospital may exercise its rights by contacting the hospital using the Internet, telephone, or writing, and the hospital takes necessary measures without delay.
※ During the period in which storage is mandatory by law, personal information cannot be deleted or corrected or deleted within the storage period, even if requested by the person in question.
5. Provision of personal information to a third party
In principle, the Foundation processes users' personal information within the range specified for the purpose of processing, and does not provide users' personal information to the outside. However, the following cases are exceptions.
- When separate consent is obtained from the information subject
- If there are special regulations in the law
- When the information subject or legal representative is in a state in which it is impossible to express intention or when prior consent cannot be obtained due to unknown address, etc., and it is clearly deemed necessary for the immediate benefit of life, body or property of the information subject or a third party.
- When personal information is provided in a form in which a specific individual cannot be identified as necessary for statistical purposes and academic research purposes
- If personal information is used for purposes other than the purpose or if it is not provided to a third party, it is impossible to perform the duties under the jurisdiction as prescribed by other laws, and has undergone deliberation and resolution by the Protection Committee.
- Where it is necessary to provide foreign information or international organizations for the implementation of treaties or other international agreements
- When necessary for the investigation of crimes and for filing and maintaining prosecution
- When it is necessary for the court to perform trial work
- When necessary for the execution of punishment, custody, and protective disposition
6. Consignment of personal information processing
The foundation entrusts personal information as follows for the inspection of specific items, and in accordance with Article 26 of the Personal Information Protection Act, in accordance with related laws and regulations, personal information processing is prohibited, technical and administrative protection measures, and re-entrustment in accordance with Article 26 of the Personal Information Protection Act. Restrictions, management and supervision of trustees, and liability for damages are specified in documents such as contracts, and supervised whether the trustee handles personal information safely. The hospital's personal information consignment processing agency and contents of consignment work are as follows.
| Consignee | Consigned work details | Consigned personal information | Retention and use period of personal information |
|---|---|---|---|
| Seoul Medical Science Research Institute | Blood/tissue/cell/microorganism/sputum test | Registration number, name, gender, date of birth | Legal information retention period |
| SHC | DNA test | Registration number, name, and date of birth | Legal information retention period |
| Medigen | DNA test | Registration number, name, and date of birth | Legal information retention period |
| Bio Age | Biological age | Registration number, name, age, sex, hemoglobin, erythrocyte sedimentation rate, total protein quantification, albumin, blood urea nitrogen, creatinine, blood sugar, serum GOT, serum GPT, gamma GTP, total cholesterol, triglyceride, high-density cholesterol, low-density cholesterol , Glycated hemoglobin, thyroid stimulating hormone, free T4, height, weight, obesity, blood pressure, lung capacity, waist circumference | Legal information retention period |
| Care Link | DNA test | Name, gender, age, address, date of birth, phone number, questionnaire result | Legal information retention period |
| post office | Send result sheet/information, etc. | Name, address, phone number | Do not hold |
| Lunit | Artificial intelligence examination | Examination video | Legal information retention period |
7. Personal information manager
Appoint and operate a personal information manager who protects personal information handled by the foundation and performs tasks such as supervising whether appropriate security management is in place when processing personal information, notification of business improvement, and confirmation of performance I'm doing it.
Personal Information Protection Officer: Yoon Seung-gi
You can report all personal information protection-related complaints to the person in charge of personal information management. The hospital will provide prompt and sufficient answers to users' reports. If you need to report or consult about other personal information infringement, please contact the following organizations.
-Personal Information Dispute Mediation Committee (http://privacy.kisa.or.kr / 118 )-Information Protection Mark Certification Committee (http://www.eprivacy.or.kr / (02) 580-0533~4)
- Supreme Prosecutors' Office Cyber Crime Investigation Team (http://www.spo.go.kr / (02) 3480-3573)-National
Police Agency Cyber Crime Investigation Team (http://www.netan.go.kr / 1566-0112)
8. Measures to ensure the safety of personal information
Hospitals are preparing several security devices as technical measures to protect users' personal information.
All information provided by users is securely protected/managed by security devices such as firewalls.
In addition, as an administrative measure for the protection of users' personal information, the hospital prepares procedures necessary for access and management of users' personal information, and conducts continuous security education by limiting the number of people who process users' personal information to a minimum.
User passwords are assigned to each user of the system that processes personal information, and these are updated regularly/mandatory.
9. Matters concerning the installation/operation and rejection of automatic personal information collection devices
Cookies are installed and operated, and users can reject them. Cookies are used to support users with faster and more convenient use of the website and to provide customized services.
1. What is a cookie?
Cookies are very small text files sent to the user's browser by the server used to operate the website and are stored on the user's computer.
2. Why are cookies used?
Cookies are used to store user preferences, etc., to support a faster web environment for users, and to improve service for convenient use. This makes it easier for users to use the service.
3. What if you want to refuse to collect cookies?
Users have the option of installing cookies. Therefore, the user may allow all cookies by setting options in the web browser, check each time a cookie is saved, or refuse to save all cookies.
However, if you refuse to install cookies, web use becomes inconvenient, and some services that require login may be difficult to use.
Example of setting method
1) For Internet Explorer: Tools menu at the top of the web browser> Internet Options> Personal Information> Settings
2) For Chrome: Settings menu on the right side of the web browser> Display advanced settings at the bottom of the screen> Content settings button for personal information> Cookies
10. Notification obligation according to policy change
This personal information processing policy has been in effect from September 1, 2016, and at least 7 days before the implementation of the personal information processing policy, which is changed in the event of addition, deletion or modification of the contents due to changes in laws, policies, or security technology The reason and contents of the change will be notified through the website.
Announcement date: August 24,
2016 Effective date: September 01, 2016
Check the previous version of the privacy policy (applied from 30/30/2012 to 12/12/2016)
