Privacy Policy

Introduction

At Mater Private Healthcare Group we understand that the privacy and security of your information is important to you. To this end, we endeavour to safeguard the privacy of all information you entrust us with in order to protect and respect your privacy.

This Privacy Policy sets out the basis upon which we collect, use, store and disclose personal data collected from you and/or held about you, as well as your rights in relation to that data.  Please read the following carefully to understand our practices regarding your personal data and how we will treat it.

For the purpose of Data Protection Laws, The Mater Private Healthcare Group, with a registered address at Eccles Street, Dublin 7 and registered under company number 99197 will act as a Data Controller when acting as an employer, a supplier of health services and where dealing with suppliers and in this role it is responsible for processing your data in a safe, secure and compliant manner.

  • When we refer to personal data in this policy, we mean information that can or has the potential to identify you as an individual.

    We may hold and use personal data about you as a customer, patient or in any other capacity. Depending on the services you receive from us, this may include special category personal data such as information relating to your health.

    Personal data we collect from you may include the following:

    • information that you give us when you enquire or become a patient of ours such as your name, address, contact details (including email address and phone number);
    • information you give us when you make a payment to us, such as financial or credit card information;
    • the name and contact details (including phone number) of your next of kin or relatives;
    • notes and reports about your health and any treatment and care you have received and/or need, including information relating to clinic and hospital visits and medicines administered;
    • information about complaints and incidents;
    • information obtained from customer surveys that you have taken part in;
    • information that you give us when you submit a question/comment in relation to our services or website;
    • information you give us using the contact us or book an appointment form on our website;
    • information you give us when you apply for a job with us (CV, cover letter, contact details);
    • information you give us when you publish public comments on our social media pages e.g. Facebook, Twitter, Google, LinkedIn, Boards.ie, Rate My Hospital, Reddit.ie, Glassdoor.com
    • images stored on the CCTV systems in use at our facilities for safety and security purposes 

    Please note: where you have named and provided us with personal data about your next of kin, it is your responsibility to ensure that the individual is aware of and accepts the terms of this Privacy Notice.

  • When you use our services, we may obtain the following categories of personal data from others:

    • your GP, other medical professionals including HSE, other hospitals and health professionals when you transfer or are referred to our service;
    • independent medical consultants who carry out procedures at the Hospitals of Mater Private Healthcare Group. To provide you with the best possible care, consultants may need to share your personal data and medical records with Mater Private Healthcare Group;
    • an external marketing company who analyse public social media pages where you publish comments about Mater Private Healthcare Group. These comments are analysed to assess the public's opinions in relation to our services so that we may provide you with improved services.
    • your employer or sports club if you are referred by them for medical assessment and/or treatment.
  • Your personal data will be kept confidential and secure and will, unless you agree otherwise, only be used for the purpose(s) for which it was collected. Your information helps us to provide and improve our services.

    We will use this information as follows

    • To create and maintain your medical record on our administration systems which records all aspects of your assessment, diagnosis and treatment while in our care;
    • To ensure that our clinical staff have the information they require for your assessment and/or treatment;
    • To generate invoices for treatment received and subsequent payment of those invoices;    
    • To keep you informed on our latest services and offerings, where you have subscribed to receive such information;
    • To create a candidate profile for you if you are a prospective employee;
    • To constantly improve our website services and security;
    • To carry out internal clinical audits.
     
  • We may share your personal data with our selected business associates, suppliers and contractors to provide you with our services. For example, these business partners may include:

    • health insurers to secure payment for your treatment where it is covered by your private health insurance policy;
    • health professionals, independent consultants and other hospitals that require your personal data as part of the provision of medical  treatment;
    • IT service providers that either host or have access to our data as part of their product offering;
    • regulatory bodies such as HIQA,  the Health and Safety Authority, where we are obliged to make data available as required;
    • outsourced service providers such as the use of external laboratories and marketing companies;
    • other companies and organisations with whom we exchange data for the purposes of fraud protection and credit risk reduction.

    We may also disclose your personal information to third parties:

    • As part of normal business processing with other companies within the Mater Healthcare Group;
    • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
    • If we are under a duty to disclose or share your information in order to comply with any legal obligation or in order to enforce or apply our terms of use and other agreements; or to protect our rights, property or safety of our patients or others.

    We attach a supporting Schedule with a list of the categories of third parties with whom we share your data.

  • The time periods for which we retain your information depends on the type of information and the purposes for which we use it. We will keep your information for no longer than is required or permitted.

    For further information on the periods for which your personal data is kept, please see our data retention policy, a copy of which can be made available on request to our Data Protection Officer.

  • The legal bases for the processing of your personal data are :

    • The processing is necessary for the performance of the contract which you have entered into with us or to take steps at your request prior to entering into a contract;
    • that you have provided consent for the processing for one or more specified purposes such as marketing, for example when you fill out an admissions form and provide your consent to receiving marketing material or subscribe to  receive future material;
    • the processing is necessary for compliance with certain legal obligations to which we are subject;
    • processing necessary for the purposes of the legitimate interests which we pursue where such interests are not overridden by your interests or fundamental rights or freedoms which require the protection of your information.

    The legal bases for the processing of your special category personal data (i.e. your medical information) are that the processing is necessary:

    • to provide you with health services;
    • to protect your vital interests;
    • for the establishment, exercise or defence of legal claims;
    • for compliance with certain legal obligations to which we are subject;
    • for reasons of public interest in the area of public health;
    • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.
  • In a limited number of circumstances, your personal data may need to be transferred outside of the European Union and European Economic Area to a country for which there is no adequacy decision relating to the safeguards for personal data from the European Commission.  

    If the destination is not the subject of an adequacy decision then either a derogation under Article 49(1) GDPR will apply which does not have to be listed here or we will ensure that appropriate safeguards will be in place to protect your data such as Standard Contractual Clauses, your consent or Privacy Shield for US transfers.

  • You have the following rights:

    • The right to access the personal data we hold about you;
    • The right to require us to rectify any inaccurate personal data about you without undue delay;
    • The right to have us erase personal data we hold about you. It should be noted that this is not an absolute right and is limited to certain specific situations such as, for example, where processing is unlawful, where it is no longer necessary for us to hold the personal data in order to provide you with our services or, in some circumstances, if you have withdrawn your consent to the processing and there is no other legal ground for our processing of the data;
    • The right to object to us processing personal data about you such as processing for profiling or direct marketing;
    • The right to ask us to provide your personal data to you in a portable format. This right only applies to data which you have provided to us, and where the processing is carried out by automated means;
    • The right to request a restriction of the processing of your personal data.

    Where our processing of your personal data is based on your consent to that processing, you have the right to withdraw that consent at any time but any processing that we have carried out before you withdrew your consent remains lawful.

    You may exercise any of the above rights by contacting the Mater Private Data Protection Officer at the details shown below. 

    You may lodge a complaint with your local supervisory authority with respect to our processing of your personal data. The local Supervisory Authority in Ireland is the Data Protection Commission.

    You can contact the Office of the Data Protection Commissioner at:

    Telephone: +353 (0)761 104 800 or Lo Call Number 1890 252 231

    E-mail: info@dataprotection.ie

    Postal Address: Data Protection Commissioner, Canal House, Station Road, Portarlington, R32 AP23 Co. Laois

    For further information please visit the Data Protection Commissioner website www.dataprotection.ie.

  • What Are Cookies

    As is common practice with almost all professional websites this site uses cookies to improve your online experience and our website.

    Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user’s device.

    Certain information which you submit may also be collected to enable us to better understand our customers, to inform general marketing and to help provide a better experience of our services.  We may use cookies for this purpose.

    We may also use other companies to set cookies on our websites and gather cookie information for us – please refer to the information detailed below:

    This page describes what information they gather, how we use it and why we sometimes need to store these cookies. We will also share how you can prevent these cookies from being stored, however, this may downgrade or 'break' certain elements of the sites functionality for you.

    Disabling Cookies

    Most browsers automatically accept cookies. You have the ability to accept or decline cookies or request that you be warned when a website is trying to install a cookie. This can be done by modifying the settings in your browser. Please note that disabling cookies may affect the functionality of some parts of this website for you.

    For more information about managing cookies and how to stop cookies being installed visit http://www.allaboutcookies.org/manage-cookies/

    The Cookies We Set

    When you submit data through a form such as those found on contact pages or service pages, cookies may be set to remember your user details for future correspondence.

    In order to provide you with a great experience on this site we provide the functionality to set your preferences for how this site runs when you use it. In order to remember your preferences we need to set certain cookies; these cookies enhance your experience of the website and ensure proper website functioning.

    Third Party Cookies

    In some special cases we also use cookies provided by trusted third parties. The following section details which third party cookies you might encounter through this site.

    This site uses Google Analytics which is one of the most trusted analytics solutions on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content.

    For more information about Google Analytics, and the cookies it sets, please visit: 

    https://developers.google.com/analytics/resources/concepts/gaConceptsCookies

    To opt out of being tracked by Google Analytics, please visit: http://tools.google.com/dlpage/gaoptout

    As we provide healthcare services it's important for us to understand statistics about how many of the visitors to our site actually contact us and as such, this is the kind of data that these cookies will track. This is important for you, as it means that we can accurately make business predictions that allow us to monitor our advertising.

    Advertising or Targeting Cookies

    We might, on some occasions, wish to advertise on social media or other websites. When we do this we may wish to use personal data in order to improve the targeting of the advertising. This enables us to improve efficiency and keep our costs down.

    The behavioural advertising cookies used by this site are designed to ensure that we provide you with the most relevant adverts where possible by anonymously tracking your interests and presenting similar things that may be of interest. You can opt out of one or all third party Online Behavioural Advertising (OBA) cookies on the web browser you are currently using with an "opt-out cookie" by visiting:

    http://www.youronlinechoices.com/ie/your-ad-choices                  

  • We keep our Privacy Policy under regular review and as a result it may be amended from time to time without notice. As a result we encourage you to review this Privacy Notice regularly. Please review this notice each time you use our website or our services. This notice was last updated on 18 May 2018.

  • Our Data Protection Officer can be contacted by:

    Dublin:

    Email:  dpo@materprivate.ie

    Phone:  (01) 885 8888

    Address:  The Data Protection Officer, Mater Private Hospital, Eccles Street, Dublin 7

    _______________________________________________________________________

    Cork:

    Email:  mpcdpo@materprivate.ie

    Phone:  (021) 6013200

    Address:  The Data Protection Officer, Mater Private Hospital, Citygate, Mahon, Cork,

Category of Third PartyDescription of Service Provided

IT Service Providers

System based processing of personal and/or medical details as part of patient treatment and/or organisational/ operational requirements e.g. cloud hosting services; application development and support services; IT Infrastructure services; email services; call recording services.

Legal/Professional AdvisorsThe provision of business consulting, audit and legal services including access to and analysis of personal data as part of business initiatives, statutory audits, legal claims and ad-hoc consultancy advice
Transport, Storage & Shredding

The provision of courier services for the transportation of physical documents to and from suppliers, insurers and referring corporate/medical partners.

Storage and destruction of physical files for operational and regulatory  purposes
Outsourced Service ProvidersThe external processing of personal data to external providers where Mater Private Hospital does not have either the expertise, capacity or demand to provide the processing required.  E.g.  test/analysis by external laboratories
Regulatory BodiesProvision of personal data as required to satisfy recurring obligations, audit and mandatory reporting purposes with bodies such as HIQA, TUSLA, Health, and Safety Authority etc.