PERSONAL DATA NOTICE
Northern Heart Hospital Penang (NHH) is committed to protecting your privacy and ensuring that your personal data is handled in a secure and confidential manner in accordance with the Personal Data Protection Act (PDPA) 2010 of Malaysia, which regulates the processing of personal data in commercial transactions. The meanings of terms “personal data,” “processing,” and “commercial transactions” are as defined within the PDPA.
This Personal Data Notice (“Notice”) describes how we collect, use, maintain, and disclose your personal data, in accordance with the PDPA.
Obligation of Patient
As our patient, you are responsible for providing current, complete, and accurate personal information. Timely updates of any changes to your personal data are crucial for us to provide you with optimal care and services.
Source of Personal Data
We collect your personal data from various sources, including but not limited to:
- Information provided by you during registration or admission.
- Medical histories and treatment records provided by you or your previous healthcare providers.
- Transactions and interactions with us, whether in person, by telephone, or electronically.
- Third parties and information in the public domain.
Description of Personal Data
NHH collects a comprehensive range of your personal data, which includes, but not limited to:
- Personal Information: This encompasses a wide array of your personal details like your name, identification numbers (NRIC/Passport), date of birth, age, and gender, marital status, a photograph for your face, and various contact information including your telephone/facsimile numbers, email addresses, both home and office addresses, employer or company name, occupation, physical attributes such as weight and height, race/ethnicity, nationality, religion, and information about your family and next of kin.
- Health Information: The scope of health data encompasses your medical history, diagnoses, records from medical checkups, diagnostic reports, treatment records, and any other relevant personal health information. This also includes the results of any criminal history investigations that are relevant to your care.
- Financial Information: To facilitate the administrative aspects of your healthcare, NHH collects financial information pertinent to payments. This includes, but is not limited to, your credit card and bank account details, along with insurance information to ensure a seamless financial process for the services provided.
Purpose of the Personal Data
Your personal data is collected and processed by us for a variety of critical purposes, aimed at enhancing the quality and efficiency of the services we provide. These purposes include, but are not limited to:
- Medical and Healthcare Services: Utilizing your data to offer personalized medical treatment and healthcare services tailored to your specific health needs.
- Patient Support: Leveraging your information to cater to your personal requirements and preferences during your care.
- Medical Records Management: Establishing and maintaining comprehensive medical records and reports to ensure continuity and quality of care.
- Financial Transactions: Utilizing your financial data to streamline the payment process for services rendered, and, where necessary, initiating debt recovery procedures for outstanding payments.
- Legal and Regulatory Compliance: Reporting necessary personal data to relevant authorities and/or third parties in compliance with the relevant laws governing the healthcare industry.
- Internal Administration: Sharing your personal data within NHH Management and its associated entities as defined under the Companies Act 1965, to facilitate internal administrative and operational efficiencies.
Marketing and Improvement: Using your information for marketing purposes, as well as for analysis to enhance our services and patient care experiences. - Communication: Managing and responding to your requests, queries, complaints, and addressing any legal matters that may arise.
Education and Training: Employing data for educational and training purposes to improve the expertise and capabilities of our healthcare professionals. - Auxiliary Purposes: Processing data for any other related purpose that supports or complements the aforementioned purposes.
Disclosure of Personal Data
Your personal data may be disclosed to a range of entities, as outlined below, in compliance with the PDPA and applicable laws:
- Healthcare professionals as defined in PDPA
- NHH and its associated companies
- Governmental and regulatory bodies including government agencies, local authorities, and non-governmental agencies
- Financial and insurance services including paying agents, insurance companies, financial institutions, and debt collection agencies
- Legal and compliance services such as legal firms, auditors, and any parties required for regulatory compliance or by legal proceedings
- Other public / private hospitals, healthcare providers, and training entities
- Family and next of kin for the purposes of emergency contact or as part of health care decisions.
- Legally permitted parties allowed under applicable Malaysian law and those required by courts, regulators, or through legal processes
- Any other parties which NHH may deem necessary for fulfilling its services or obligations.
Accessing and Updating Your Personal Data
NHH is committed to maintaining the accuracy and completeness of your personal data in our possession. We strive to ensure that the information we hold is not misleading and remains up-to-date at all times.
Should you need to modify any of your personal data, or if you discover that the information we have on file is incorrect, incomplete, misleading, or outdated, please reach out directly to our Personal Data Protection Officer Ms. Auni Muhammad Razif at 04-217 5588 (ext 7674) for immediate assistance in updating your records.