icon

Accessibility

language icon

en

English

Nederlands

Arrange your care?

Log in with DigiDdigid icon

eHealth Privacy Statement

What does this privacy statement cover?

This privacy statement explains how the eHealth service works and how we handle your personal data.

 eHealth is a digital service that healthcare providers use to support your care. It allows you to view your health information and communicate with your healthcare provider online.

 You can access eHealth through:

  • the MijnGezondheid.net web portal;

  • the MedGemak mobile app.

The eHealth service consists of these products and the systems behind them that make them work.

Who is responsible for your personal data?

Your healthcare provider (your GP and/or pharmacy) is controller for your personal data.

Your healthcare provider decides which personal data is required, what parts of the eHealth service you can use and how you are informed about this.

What is PharmaPartners’ role in this service?

PharmaPartners offers the eHealth service to healthcare providers.

Within the eHealth service, PharmaPartners processes your personal data on behalf of your healthcare provider and according to their instructions, and only for as long as your provider make use of the eHealth service.

PharmaPartners may play a different role in other services or business activities, but those fall outside the scope of this statement.

Where does the personal data come from?

The personal data you see or use in the eHealth service is provided through your healthcare provider’s information systems.

Actions you take in the eHealth service, such as sending a message or booking an appointment, may be recorded by your provider in their own system.

What personal data does the service process?

eHealth may process personal data such as:

  • health information made available to you by your healthcare provider;

  • messages between you and your provider;

  • appointment details;

  • medication details;

  • data you enter yourself, such as health readings.

We also process technical data needed to run and improve eHealth, such as error reports, performance data and general usage of the app.


Why does PharmaPartners process personal data?

PharmaPartners processes your personal data as a processor on behalf of your healthcare provider (the controller), and solely for the purpose of delivering and supporting the eHealth service.

We process your personal data to:

  • make the eHealth service available and ensure it functions properly, including the MijnGezondheid.net web portal and the MedGemak mobile app;

  • provide technical management, maintenance and support for the service;

  • secure the systems and ensure their availability and reliability;

  • improve the service, using anonymized or aggregated data wherever possible so that it cannot be traced back to individual users.

PharmaPartners does not use your personal data for its own care or marketing purposes. We do not share it with anyone else unless this is necessary to deliver the eHealth service or required by law.

What gives PharmaPartners the right to process your personal data?

PharmaPartners processes your personal data within the eHealth service, because we provide this service on behalf of your healthcare provider. This is based on the contract with your healthcare provider and the data processing arrangements agreed with your provider.

We process your personal data only on behalf of your healthcare provider and according to their instructions. Your provider is responsible for informing you and for setting the purposes and legal bases for processing your personal data.

How long does PharmaPartners process your personal data?

Your healthcare provider decides how long your medical data is kept.

PharmaPartners processes your personal data within the eHealth service only for as long as needed to deliver the service and ends the processing when your healthcare provider no longer uses the service, in accordance with the agreements in place.

Is personal data shared with other parties?

Your personal data may be shared with other parties when you use the eHealth service, but only where this is necessary to provide your care or required by law.

These may include:

Sub-processors and suppliers
Parties that support the delivery of the eHealth service, for example for hosting, back-ups, monitoring, supporting systems and messaging services. Data processing agreements are put in place with these parties, and their privacy and security measures are assessed in advance.

Other healthcare providers or care organizations
Only when your healthcare provider considers it necessary for your care and instructs us to do so.

Regulators and law enforcement authorities
Only where PharmaPartners is legally required to do so.

Is personal data processed outside the EU/EEA?

No. Your personal data is processed only within the European Economic Area.

How is personal data protected?

PharmaPartners takes appropriate technical and organizational measures to protect your personal data against loss, misuse and unauthorized access.

These measures are tailored to the sensitive nature of health data and are designed to ensure the confidentiality, integrity and availability of your data.
We take current security risks and legal requirements into account and regularly review and improve these measures.

What are my rights as a patient?

Under data protection law (the GDPR), you have several rights regarding your personal data, including the right to access, correct and delete it.

To exercise any of these rights, you can contact your GP or pharmacy. Your healthcare provider is the controller responsible for processing your personal data and will assess your request.

Where technical support is needed to handle your request, PharmaPartners carries out the necessary steps on behalf of your healthcare provider and in accordance with their instructions.

You can contact your healthcare provider if you have any questions about your personal data in the eHealth service.