1. Information regarding those responsible for processing your personal data
1.1 Introduction
If you are a patient or visitor of Amsterdam UMC or if you participate in research your personal data will be saved in our systems. The same applies when you visit any of our websites or attend a course with us. Personal data is here defined as all data which provides information regarding a person, by way of which it is clear or easy to determine who the person concerned is. Examples of this include your name, street address or city/town, but also your medical data. In this privacy statement, the term ‘personal data’ is also referred to simply as ‘data’. It is only natural for you to want assurance that your data will be safe with us. At Amsterdam UMC, we consider your privacy extremely important. In this privacy statement, we will explain which of your data we process at Amsterdam UMC and how we handle it. The processing of data includes the collection, recording, organisation, structuring, storage, alteration, retrieval, consultation, usage, erasure or destruction thereof, and its sharing with your healthcare providers.
1.2 Who is responsible for the processing of your data?
The Amsterdam UMC Foundation (Stichting Amsterdam UMC) is responsible for the correct and careful handling of your data. Amsterdam UMC has two locations, those at De Boelelaan 1117 and Meibergdreef 9 in Amsterdam.
1.3 Data Protection Officer
Amsterdam UMC has appointed a Data Protection Officer (DPO). This officer is charged with ensuring that Amsterdam UMC properly complies with privacy legislation. The Data Protection Officer’s further duties consist of answering questions, dealing with complaints and advising on the security and processing of your data. You can contact our DPO via email at privacy@amsterdamumc.nl.
2. Patient privacy
2.1 How do we obtain your data?
In order to provide you with the best possible care, we need the correct personal data. This data consists of:
- Information which we obtain from you (or your legal representative) concerning, among other things, your health;
- results based on body materials (e.g. blood samples);
- results based on imaging (e.g. scans or photographs);
- the clinical picture determined (i.e. diagnostics) and the reports drawn up by the healthcare providers involved;
- patient monitoring data;
- healthcare provider referrals.
2.2 Which of your data do we process?
2.2.1 ‘Ordinary’ personal data
We process no data other than that which we require for the purposes referred to in section 2.3 of this privacy statement.
Examples of ‘ordinary’ personal data include:
- contact details (such as your name, street address and town/city (i.e. your ‘name and address’) and your telephone number and email address);
- date of birth;
- gender;
- where applicable: details of any legal representative(s) and/or other contact persons, so that we can contact them regarding the treatment;
- the healthcare insurer’s details;
- ZorgDomein number;
- GP;
- pharmacy;
- any other healthcare providers involved;
- a copy of ID;
- passport photograph.
In addition, we also process patients’ citizen service numbers (BSNs), which we are particularly careful with due to the sensitivity of the data concerned.
2.2.2 Special personal data
It is often necessary to process additional special data. This is comprised of:
- Health data, such as information about your health status, examination/test results, diagnosis and treatment plans;
- Data revealing race or ethnicity, such as nationality;
- Data concerning religious or ideological convictions, where relevant to treatment;
- Data regarding sexual behaviour, where relevant to treatment;
- Genetic data
Where you have been referred to Amsterdam UMC for further examination or treatment, we use the information in your GP or other doctor’s referral letter.
2.3 What do we use your data for, and on which statutory basis?
We may only collect, use or further process your data where privacy law (i.e. the General Data Protection Regulation, hereinafter: ‘GDPR’) provides for this. The GDPR indicates that such processing is allowed only where there is a statutory basis for doing so, and if your data is to be processed for specific and explicitly stated purposes. The following statutory bases are referred to in the GDPR: your consent, the implementation of an agreement or compliance with a statutory obligation, a general interest or a legitimate interest. The purposes for which we process your data, and the statutory basis on which we do so, are detailed below.
Healthcare provision
We require data concerning your health, medicine use and medical history in order to make a diagnosis and to provide high quality healthcare in the context of the treatment contract we have entered into with you. Under the Medical Treatment Contracts Act (WGBO), we are obliged to create a record concerning your treatment and to record your details therein. The statutory basis for our entitlement to process this data is compliance with a statutory obligation.
Exchange of data with referrers, GPs and other healthcare providers
In order to make good healthcare possible, we provide information directly to referrers, GPs and other healthcare providers not involved directly in your treatment. Our healthcare providers and employees have a statutory duty of confidentiality. This means that we do not pass on any data without your permission. In other words, the statutory basis for our breaching this duty of confidentiality is your consent.
Fraud identification and prevention
We process data concerning your identity (copies of your ID, your BSN) in order to prevent our mixing you up with other patients. In this way, we can be sure that we only retain data concerning you in your record. The statutory basis for using a copy of your ID and BSN is compliance with a statutory obligation. As healthcare providers, we are required by law to check whether you are the person to whom the BSN pertains.
Claiming healthcare costs
We use your name and address, BSN and policy details, as well as data concerning the healthcare provided to you to enable us to claim back the costs of the healthcare provided to you from your healthcare insurer. The statutory basis for the use of your name and address, policy details and data relating to the healthcare provided to you is implementation of the (treatment) agreement or compliance with a statutory obligation. The statutory basis for using the BSN number is compliance with a statutory obligation.
The safeguarding and improvement of the quality of the care, Patient Experience Monitoring (PEM) and quality registrations
High quality healthcare is of great importance to Amsterdam UMC. In order to ensure this, your data may be processed for a quality review. This is an instrument for the evaluation of the performance of an individual doctor or group of doctors and providing these doctors with feedback in relation thereto. Quality reviews are carried out by people who themselves also have a duty of confidentiality. The statutory basis for being able to do this is your consent. Where access to your medical records in the context of a quality review is concerned, the presumption is made that you have provided your consent. If you do not wish to do so, you are entitled to submit an objection.
It also sometimes happens that we share the results of our treatment in pseudonymised form with organisations which manage national quality registrations. This puts us in a position to compare results with those of other healthcare providers and to safeguard and improve the quality of care.
For the same purpose, the experiences of patients with outpatient clinics, hospitals and the accident and emergency departments of Dutch university medical centres (UMCs) including Amsterdam UMC have since 2013 been monitored and compared with those at other UMCs using so-called Patient Experience Monitoring. By learning from good examples from both within and outside its own hospital, Amsterdam UMC is able to improve the quality of its patient care.
The statutory basis for using your data for quality registrations is the legitimate interest of Amsterdam UMC (and that of Amsterdam UMC’s patients). In this context, Amsterdam UMC always takes care to balance its own interests with those relating to your privacy. Once the Healthcare (Quality Registrations) Act has taken effect, participation in quality registrations will become obligatory, and the statutory basis for use of your data will be the implementation of a legal obligation. The statutory basis for the use of your data for Patient Experience Monitoring is consent. Participation in such monitoring is voluntary and your responses are processed anonymously.
Handling of questions and complaints
In order to be able to deal with questions, complaints or incidents, we process all data which we deem necessary for that purpose, such as the contact information and data to which the question, complaint or incident relates. If necessary, we may pass data on to our liability insurer. The statutory basis for the processing of data in order to respond to your questions is the legitimate interest or implementation of the (treatment) agreement; the statutory basis for the processing of data which is required for us to be able to deal with any complaints or incidents is your consent.
Staff training
If you call us with a question or complaint, the conversation may be recorded for training and quality purposes. Recorded conversations may only be listened to by individuals specially designated to do so for training and quality purposes. The statutory basis is the legitimate interest in improving the quality of our conversations with patients.
For contact with legal representative(s) or contact persons designated by you
In order to be able to provide information about your treatment to any contact persons designated by you or to the legal representative in situations in which you yourself are not in a position to respond, the contact details of these individuals are recorded in the Electronic Patient Record system. The statutory basis for this is compliance with a statutory obligation.
Compliance with other statutory obligations
There are a number of laws obliging us to provide third parties with the data which we collect and retain in the course of our healthcare provision. In case of contagious disease, for example, we are legally obliged to report this to the Municipal Health Service. We may also be obliged to provide data to the municipal government in relation to, for example, the implementation of the Social Support Act (Wmo) or the Youth Act. The same applies to the provision of data to the Dutch Healthcare Authority, the Health and Youth Care Inspectorate, or to other regulatory bodies established under public law.
2.4 Where do we process your data and how do we secure it?
We maintain your medical data in the Electronic Patient Record (EPR) system. The EPR is well protected against access by unauthorised persons. You can view this data (or a portion thereof) yourself via the Mijn Dossier (‘My Record’) digital environment.
Security
- It is our duty to protect your data. We take technical and organisational measures in order to do so. For example, only those healthcare providers who are involved in your treatment may access your record, and then only if your treatment demands it.
- Other employees may only access your record if such is required in the course of their duties. An example here would be care administration employees with responsibility for healthcare accounts. In such case, they would only receive access to the data which is necessary for their work.
Confidentiality
- All healthcare providers working in Amsterdam UMC have a duty of confidentiality. They may not provide your data to others without your permission. There are a number of (statutory) exceptions to this.
- All other staff (such as support service staff) also have a duty of confidentiality.
2.5 For how long do we retain your data?
Under the Medical Treatment Contracts Act (WGBO), we are in principle obliged to store your medical data for at least 20 years from the last medically-related change to your record. However, there may be reasons for keeping your medical record for longer, for example because doing so is in someone else’s interest. For example, that of your children, should you have a certain hereditary disease. Or if you have commenced legal proceedings against us, and we need your data for the purposes of our defence. It may also be the case that we retain your data for longer due to a legal obligation to do so.
Because Amsterdam UMC is a university hospital, we are required under the Public Records Act to keep certain data from your medical record, known as the ‘core documents’, for the lengthy period of 115 years from your date of birth. The core documents include:
- your discharge letter;
- the operation report;
- the anaesthesia report;
- the results of pathological examination;
- the first aid report;
- data relating to emergency situations.
Our rules state that we must retain your financial data for 7 years.
Should you exercise a privacy right such as the right of access, your request and the handling thereof will be retained for a period of 3 years from the time we have accepted your request. You can find more information regarding your privacy rights further on in this privacy statement.
2.6 Who do we share your data with?
Those with which Amsterdam UMC shares your data in the context of the foregoing include:
- Other healthcare providers, care institutions or third parties which are or are going to be involved in your treatment. This data concerns your treatment;
- The GP. The GP receives a letter containing a summary of your treatment at Amsterdam UMC;
- Quality registrations. Only data from which you can no longer be recognised is shared;
- The healthcare insurer; only a DBC (financial code) is shared in order that the care costs can be settled;
- Bodies charged with assessing care needs;
- Other receivers on the basis of your consent or where a statutory obligation exists, such as the reporting of an emergency.
Amsterdam UMC relies on the services of a US-based company in relation to electronic patient records. To the extent there is any transfer of personal data, agreements have been made with that company based on the European Commission's Standard Contractual Clauses of June 4, 2021.
2.7 Additional information for children
Have you come to Amsterdam UMC because you are not well? In this section, we will summarise what we do with your data. If you are not well, we will do everything we can to help you get better. To make sure we do this right, we will make a note of information such as your name, address and age. That way, we will know who you are and we can avoid getting you mixed up with anyone else. We also take notes about how you are feeling and what we have learned about your illness from the examinations and tests that have been done. We are required by law to create a personal record for you. We put all of the data concerning your treatment in this record. We only share it with the people who are taking care of you, such as your doctor and nurse, and we look after it carefully. It is important that your GP also knows about your treatment and how it is progressing. We will only provide information to your GP or other healthcare providers outside Amsterdam UMC with your permission. If, however, you are still very young, the rules are slightly different. These rules are as follows.
Are you under 12 years of age? Then your parents* are allowed to read what we have written down in your record about you and your condition. If factual information such as your name, address and/or date of birth is incorrect, they can ask us to change this. They can also ask us to delete your record. We will ask your parents* for permission before providing information to your GP or other healthcare providers.
Are you aged between 12 and 16? If so, you may ask the doctor for permission to look at your own record and/or have factual information such as your name, address and/or date of birth amended, or to have your record deleted. Your parents* can also do this. You can inform the doctor if you do not want your parents* to see your record or have your data changed.
Are you over 16 years of age? Then you are allowed to look at your own record. Your parents* are not allowed to do this. You may also ask that factual information such as your name, address and/or date of birth be amended if incorrect, and you can request that your record be deleted. Your parents* are not allowed to request this.
Should you request to have your record deleted, the doctor will first check whether it is possible to do so. This is not the case when, for example, invoicing has yet to take place, or if a complaint has been submitted or legal proceedings initiated, in which case the record must be retained. In some cases, it is important for your health that your record be retained. In such cases, the doctor has to explain why it is important that your record be kept.
We keep your record for at least 20 years, starting from your 18th birthday. We are required to keep certain data for 115 years, starting from your time and date of birth. As a university hospital, we are required to do this by law. Do you or your parents* wish to access your record, have something amended therein or have the record deleted? If so, please go to the central counter of the outpatient clinic. Bring a form of ID.
* ‘Parents’ should in each case be taken to mean one or more of your parents or caregivers.
3. The privacy of our visitors and of users of the emergency telephone hotline
3.1 Which of your data do we process?
We deploy cameras in and around our buildings and grounds. You may be recorded by these. This also applies to any conversations we record on the emergency telephone hotline.
3.2 What do we use your data for, and on which statutory basis?
Using cameras, we protect our patients, visitors and employees as well as possible against theft, vandalism and other criminal offences. We also deploy cameras to safeguard patient safety. Signs are used to indicate the deployment of camera monitoring.
Conversations which are held via the emergency telephone hotline may be recorded for the purpose of improving service provision and to provide assistance in emergency situations.
The statutory basis for processing the aforementioned data is, respectively, a legitimate interest and a vital interest.
3.3 For how long do we retain your data?
Camera images and recordings of conversations held via the emergency telephone hotline are kept for a maximum of four (4) weeks.
4. The privacy of medical research participants
Amsterdam UMC has a statutory duty to perform scientific research. Through such scientific research we wish to discover better treatments for illnesses, learn more about particular diseases and be able to detect illnesses (or to do so more easily). There are a variety of ways in which you can participate in scientific research: your doctor may ask you to, or you may make enquiries with your doctor yourself. We take care to ensure that all of the scientific research carried out at the hospital is carried out ethically and in accordance with the law. Would you perhaps like to take part in medical research? Before deciding, it is important for you to know more about the research in question. Therefore, in most cases, you will receive a letter from us containing the relevant information. This will contain information regarding, for example:
- The aim of the research;
- The manner in which the research is to be carried out;
- The advantages and drawbacks of participation in the research;
- How your data is to be handled
Participation is always voluntary. You may cease to participate at any time, without providing a reason, even once the research is underway. Your decision to participate or not in the research has no consequences for your treatment at Amsterdam UMC.
Research at Amsterdam UMC is always subject to extensive advance review. Research falling under the Medical Research (Human Subjects) Act is submitted to the Medical Ethics Committee for approval.
Research involving body materials is reviewed by the Biobank Research Ethics Committee.
4.1 Which of your data do we process?
You can find information about which of your data is processed in the information leaflet regarding the study in which we invite you to participate. Where possible, research data is processed anonymously, or pseudonymously. This means that your data cannot be linked to you directly.
4.2 What do we use your data for, and on which statutory basis?
Where it is not possible to process research data anonymously, we ask for your approval prior to using your data for scientific research, and take additional measures to protect your privacy. We do this, for example, by coding (pseudonymising) your data, as a consequence of which it cannot be traced back directly to you. The statutory basis for using your data is thus consent.
You are of course always entitled to say ‘no’. This will in no way affect your treatment. Moreover, you may cease participation and withdraw consent for the use of your data for scientific research at any time, including during the research. Once you have withdrawn your consent, no more of your data will be collected for the research. It is sometimes impossible, or may be very difficult, to ask for your consent. Under strict conditions, Amsterdam UMC may use your medical data or body material for scientific research without asking for your permission. In such cases, however, you must be given the opportunity to object to such use.
4.3 How long do we retain your data for?
Data about you collected with your consent is entered in a research file. This research file does not comprise part of the medical record. The researcher(s) alone has/have access to the data, and has/have a duty to confidentiality in this regard. Once the research has been completed, Amsterdam UMC retains the data about you which has been used in the research for a further period as specified in the information letter. This is usually between 10 and 20 years. Should the research necessitate the retention of data for a longer period, the retention period may be extended accordingly. By retaining research data, we can demonstrate how we have arrived at specific research results. Amsterdam UMC may not destroy your data until the retention period has expired.
4.4 Who do we share your data with?
Amsterdam UMC works together with other research institutions and companies both domestically and internationally in carrying out scientific research. Should the research demand that your data be shared with others, we will only do so once you have been informed thereof and/or have provided your consent for our doing so.
If, as part of the research, Amsterdam UMC relies on the services of an external party which processes certain data in accordance with Amsterdam UMC’s instructions, we make arrangements with that party to ensure that personal data is handled confidentially and carefully. Such arrangements are laid down contractually in a processing agreement.
Should we pass on your data to any external party located outside the European Economic Area (EEA), we will make contractual agreements with that party in order to guarantee adequate protection and the confidential and careful treatment of personal data, and we will ensure that we meet any legal requirements.
5. The privacy of our students and course participants
5.1 Which of your data do we process?
If you are participating in a training course at Amsterdam UMC, we will collect personal data about you, such as your name, address and date of birth, and potentially the name and address details of the organisation for which you work. We also keep track of your study results.
5.2 What do we use your data for, and on which statutory basis?
We need your contact information and study results data in order to be able to provide you with information in respect of your course, to monitor your progress, and to be able to send you any invoices. The statutory basis for the use of this data is the implementation of the study contract. We also use your date of birth in combination with your name and address details in order to identify you and to ensure we do not confuse you with any other students or course participants. The statutory basis for the processing of this data is legitimate interest.
We retain financial data for a period of 7 years in compliance with a legal obligation, i.e. the obligation to retain tax records. Lastly, we process your data in order to measure and/or improve the quality of our education and service provision, and to be able to handle any complaints or disputes involving Amsterdam UMC. The statutory basis for this is the representation of Amsterdam UMC’s legitimate interest.
5.3 For how long do we retain your data?
Your data is properly secured and may only be accessed by authorised persons. As soon as the data is no longer required for the purposes referred to in section 5.2, it is deleted.
6. The privacy of visitors to our website
Amsterdam UMC only collects personal data via this website if such data is required in order to enable (or improve) your use of this website and the services provided through it. In order to do this, we use cookies. You can find information about cookies and how we use them here.
Your personal data will in principle only be used for the purposes for which it has been shared with us.
We use your personal data for other purposes in the following cases:
- If we have received your express permission to use your personal data;
- If we are required by law to use your personal data;
- If we need your personal data for the assertion of the legitimate interests of Amsterdam UMC. The legitimate interests of Amsterdam UMC include: improving the quality of our services, informing you of Amsterdam UMC's other services, and defending Amsterdam UMC or one of its employees in the event of a complaint or legal action.
An example:
- If you send us an email asking for information about Amsterdam UMC, we will use your email address and other information you have shared with us to reply to your email.
7. Your privacy rights
You have a number of rights in relation to the protection of your privacy. These rights are explained briefly below. A more detailed explanation of your rights can be found on the website of the Dutch Data Protection Authority. Should you wish to access your medical data, please contact Healthcare Support Patient Service (PAZO) via dossierdesk@amsterdamumc.nl.
You can also exercise your privacy rights by sending an email to the Data Protection Officer via privacy@amsterdamumc.nl. This is a free service. In principle, we should be able to respond to your request within one month.
7.1 Right of access
You can ask Amsterdam UMC for access to your personal data and to provide you with a copy thereof. Are you a patient of Amsterdam UMC? Then you can ask your doctor for such access. Your doctor may not refuse. However, the doctor may block certain portions of your record if they contain information about someone else, such as a family member. The doctor is also not obliged to provide you with access to his or her personal work notes. You can also request a copy of your record. Click on this link to see what you need to do to request a copy of your medical record.
The right to access does not apply to personal data processed for scientific or other research if the necessary provisions have been made to ensure that the personal data may only be used for statistical or scientific purposes.
7.2 Right to correction
Should the personal data about you that Amsterdam UMC processes be incorrect, you may ask us to amend it. For instance, when you have had a change of address, or if the date of birth is incorrect. This concerns changes to factual information. You may not however change a diagnosis, for example. Nonetheless, you can always have your own perspective added to the record, or the findings of a second opinion. Should you wish to change your data, please inform one of those providing you with treatment of this. Should you wish to add anything to the record, please let your doctor know. Your doctor will ensure that your perspective or the second opinion is added to your record.
The right to correction does not apply to personal data processed in the context of scientific or other research, if the necessary provisions have been made to ensure that the personal data may only be used for statistical or scientific purposes.
7.3 Right to restriction of processing
Should you dispute the correctness of the processing of your personal data, or have raised an objection thereto, you may request Amsterdam UMC not to do anything with the data during the period of challenge or objection other than storing it.
This right does not apply to personal data processed for scientific or other research, if the necessary provisions have been made to ensure that the personal data may only be used for statistical or scientific purposes.
7.4 Right to object
When the processing of your data is based on legitimate interest (as is referred to in this privacy statement in respect of certain processing activities), you have the right at all times to object to such processing. We will then weigh up your interests against those of Amsterdam UMC. If your objection is considered to carry greater weight, we will accept it.
7.5 Right to erasure
Are you a patient of Amsterdam UMC? In that case, you may request that we delete the data in your record. You may request this for the entire record or for part thereof. In principle, we are obliged to agree to your request, though exceptions may be made to this. If your doctor thinks that it is very clearly in your own interest that your record or parts thereof be retained, in consultation with you, your doctor may reconsider whether the data should be deleted. This is because your doctor has a duty of due care in these matters. Amsterdam UMC may also refuse to delete your data if, under law or on the basis of a regulation, it is obliged to retain the record for a certain amount of time. Amsterdam UMC is then obliged to observe any statutory retention periods. You can find more information regarding the destruction of your data here.
In all other situations, you are entitled under certain conditions to have your data deleted. We will check whether such conditions apply to you. In certain cases, we are required by law to retain data.
7.6 Right to data portability
Should personal data be provided to Amsterdam UMC in digital form on the basis of your consent or an agreement, and this is processed through automation, you may request Amsterdam UMC to make such personal data available to you in a structured, commonly used and machine-readable format. This right applies only to data that you yourself have provided to Amsterdam UMC actively and consciously, such as pacemaker or blood pressure meter data. Data to which this right does not apply includes findings, diagnoses, conjectures or treatment plans which the doctor has drawn up on the basis of the data you have provided.
The right to data portability does not apply to camera images made for the purposes of security, given that the processing of such personal data is necessary to the legitimate interests of Amsterdam UMC, Amsterdam UMC’s employees, the patients of and visitors to Amsterdam UMC, and the protection and security of these individuals and their property, as described in the foregoing.
8. Contact
The employees of Amsterdam UMC do their utmost to provide you as a patient with the best possible treatment, care and support. However, there is still a possibility that you will have a negative experience, or that the treatment or organisation does not meet your expectations when it comes to the protection of your privacy.
If you have any questions, complaints or comments, there are various ways to communicate these:
- If you have any questions or comments about the protection of your privacy, please contact Amsterdam UMC’s data protection officer by sending an email to privacy@amsterdamumc.nl.
- Any complaints you may have can be submitted to Amsterdam UMC.
- You can also submit any complaints you may have in relation to privacy to the Autoriteit Persoonsgegevens, the Dutch Data Protection Authority.