MedPro Privacy Statement
MedPro Billing Solutions Limited (MedPro) desires to be a responsible participant in the industry. We make every effort to protect the privacy and confidentiality of our clients as well as their clients and those individuals whose healthcare and claims information may be identified within data received by MedPro for the purpose of Medical Billing.
This Privacy Statement sets out what we do with the personal information stored or processed on our cloud-based solutions and how we keep it secure. It explains what personal information we collect, where, why and how we collect it, as well as what your rights are over the personal information we hold about you. We use the terms “personal data” and “personal information” interchangeably in this Statement to mean details which identify you or could be used to identify the owner of data, such as your name and contact details, etc. This Privacy Statement gives effect to our commitment to protect your personal information.
The principle of “transparency” in data protection law requires that we communicate to you (via this Privacy Statement) about how we process your personal data in an easily accessible and easy to understand format.
Personal Information about an individual contained in the process of receiving and billing services from consultant and reviewing reports and summaries of such services will be protected in accordance with the requirements and definitions of the European Data Protection Regulation and Irish Data Protection Act 2018.
As a provider of digital medical billing solution in the cloud, will use personal information to process various activities such as invoicing accounting, billing and claiming insurance on your behalf. We will store and process personal data on the basis of legitimate interest.
- We are transparent about the personal data we collect and what we do with it.
- We use the personal data you give us for the purposes described in this Privacy Statement
- We put in place measures to protect your personal data and keep it secure.
- We respect your data protection rights and aim to give you control over your personal data.
- We are dedicated to observing all Irish and European regulations relating to the transmission, storage and access to medical data and records.
- MedPro reserves the right to amend or modify this Privacy Statement when changes occur with regulations.
Who is the “Data Controller” of your Personal Information?
Any personal information processed by MedPro in connection with this Privacy Statement is controlled by MedPro Billing Solutions Limited, which is therefore considered the “data controller” of your personal information under European Union and Irish data protection law.
Any consultant that uses MedPro services will also separately be a “data controller”.
Any third-party provider of services such as insurance providers and hospitals will also separately be a “data controller”. The applicable terms and conditions will identify the third-party provider.
This Privacy Statement applies to personal information that we or consultants collect, use and otherwise process in connection with your relationship with the consultants, claims or billing processes. Where we reference that consultant and third parties (e.g. insurance provider) are also acting as data controller of your personal data, you should consult the privacy statements of those third parties for further information.
When do we collect personal information about you?
We collect personal information about you whenever a consultant uses our services (whether these services are provided by us or by third parties), including when we process claims and billing activities.
What type of personal information do we collect and retain?
Personal information means details which identify you or could be used to identify you, such as your name and contact details, and claim history.
What is our legal basis for using your personal information ?
MedPro will only process your personal information where we have a legal basis to do so. Under EU and Irish data protection laws in almost all cases the legal basis will be:
- because we need to use your information so that we can process your claims, or perform our contractual agreements with the consultant or third party you engage with; or
- because it is in MedPro’s legitimate interests as a medical billing platform provider to use your personal information in order to operate and improve our business ; or
- because MedPro, or the Consultants need to use your personal information in order to comply with a legal obligation; or
- to protect the vital interests of you or another person; or
- because you have consented to MedPro, or the consultants of using your information for a particular purpose.
How long do we keep personal information?
We will keep your information for as long as we need it for the purpose it is being processed for. We will actively review the information we hold and delete it securely, or in some cases anonymise it, when there is no longer a legal, business or need for it to be retained.
Your legal rights in relation to the personal information we hold about you
Under data protection laws in the European Union and in Ireland, you have certain rights in relation to your personal information. Responses to exercise your rights will be provided within 1 month and generally there is no fee for making these requests. If your request is particularly complicated, we may extend the deadline for responding to two months, but we will let you know if this is the case.
We will handle all requests in accordance with applicable law. However, depending on the right you wish to exercise, and the nature of the personal information involved, there may be legal reasons why we cannot grant your request. Further explanation of those rights and the exceptions to them are set out below.
Your rights include the following:
- Your right of accessto your personal information we hold.
- Your right to ask us to correct the personal information you have shared with us (the “right of rectification“) if that information is inaccurate.
- Your right to withdraw consent to processing of data where consent is relied upon by us as the basis of processing.
- Your right to ask for personal information which identifies you to be removed (anonymised) (also known as the “right to be forgotten“) without undue delay in certain circumstances,
How to get in touch with us and your right to complain to our supervisory authority?
If you have any questions about this Privacy Statement or the practices and policies of MedPro Billing Solutions, or, if you are unhappy about the way we do this please contact us using the information below. We hope that we will be able to resolve any concerns you may have.
Data Protection Division
MedPro Billing Solutions Limited
Unit 9 Keypoint Business Park,
Rosemount Park Drive, Rosemount Business Park
(01) 488 0186
However, you have a right to complain to the Data Protection Commissioner at:
Data Protection Commissioner,
This policy statement is effective as of 1 October 2019.