REGEN REHAB HOSPITAL’S
PERSONAL DATA PROTECTION POLICY
This Personal Data Protection Policy (“PDPA Policy”) explains the manner in which your personal information collected from or provided by you is processed, disclosed and safeguarded by ReGen Rehabilitation International Sdn Bhd (“ReGen” or the “Company”). ReGen is committed to ensuring your personal information is protected as per requirements of the Personal Data Protection Act 2010 (“PDPA”).
- To maintain the accuracy of your Personal Data, as well as preventing unauthorised access to and ensuring the correct use of your Personal Data, we have carried out appropriate physical, electronic and managerial measures to safeguard and secure the Personal Data we collect. These measures are subject to ongoing review and monitoring. Whilst we make every effort to protect your Personal Data, no security measures can guarantee that your Personal Data and information will not be subject to interference, misuse or hacking and we shall not be responsible for any loss, misuse or alteration arising as a result of such incidents.
- In the event you have provided Personal Data of third parties (e.g. your emergency contact person, authorised representatives, family members details) to us, we rely on you to and deem that you have sufficiently obtained the prior consent of such third parties to allow us to process their Personal Data in relation to the Purpose and you have advised them to read our Personal Data Protection Notice and Policy.
- The data subject (“you”, “your”) may have supplied and may continue from time to time, to supply us with your personal data (including sensitive personal data) and information (“data”) by use of our healthcare services or health-related services, enquiring about us or our services/facilities, participating in our promotional activities, through business relations with us and/or for the compliance with any laws or guidelines issued by authorities.
- We do not collect any data unless you choose to provide that information to us through application form, registration form, feedback form, online registration or other social networking services such as Facebook, Instagram, LinkedIn and other similar platforms.
- Such data may include information concerning your personal details (such as name, age, gender, identity card number, passport number, date of birth, race, ethnic origin, nationality, religion, next of kin information, guarantor information, signature), contact details (such as address, email, phone numbers), medical information, payment details (such as credit card details and information of insurance, employer or your payor) and other information for legitimate purposes.
- In addition, we may from time to time request for certain other personal information that may be relevant for the purpose of providing our services/facilities to you. If you fail to provide such data to us, this may cause us not being able to process your data.
- If you do provide us your data, please be informed that the data and other information provided by you then and including any additional information you may subsequently provide later, may be used and processed by ReGen for the following purposes:
- the processing of your applications for our services/facilities, employment opportunities or business opportunities;
- the operation and administration of our services/facilities provided to you;
- the processing of payment;
- to communicate with you including for purposes of making medical appointment;
- respond to your inquiries;
- assisting us in collection of amounts outstanding from unpaid bills/due (if any);
- to support our business, financial and risk monitoring, planning and decision making;
- updating your records;
- designing and offering services/facilities for your use;
- marketing our services/facilities and for our reward, loyalty or privileges programmes and related services/facilities;
- research, statistical analysis and surveys in relation to our services/facilities;
- meeting the requirements to make disclosure under the requirements of any laws binding on and for the purposes of any guidelines issued by authorities with which we or our holding companies, affiliates, representatives are expected to comply;
- for investigating, reporting, preventing or otherwise in relation to criminal activities generally;
- for any purpose required by law or regulation;
- for the purpose of enforcing our legal rights and/or obtaining legal advice;
- for all ancillary purposes relating to the provision of our services/facilities and/or
- purposes relating thereto or any other legitimate purposes.
- Your data held by us will be kept confidential and we do not give or disclose your data to unaffiliated third parties without your consent. However, please take note that we may provide or disclose such information to the following parties (whether within or outside Malaysia) for the purposes set out in paragraph 7 (who may also subsequently process, transfer and disclose such data):
- our employees;
- medical professional, agent, contractor, vendor, or third-party service provider who provides administrative, telecommunications, information technology, payment, securities, marketing, research or other services/facilities to us in connection with our operation of business;
- financial institutions, insurers (including those overseas), employer, third party payor and credit card companies:
- third parties (including those overseas) who provide data processing services;
- any other person under a duty of confidentiality to ReGen who has undertaken to keep such information confidential;
- any actual or proposed assignee, transferee, participant or sub-participant of ReGen’s rights or business; and/ or
- any person to whom we are under an obligation to make disclosure under the requirements of any law or under and for the purposes of any guidelines issued by authorities with which ReGen or our holding companies, affiliates, representatives are expected to comply.
- In addition, we may give or disclose your personal data if required to do so by law or in good faith, if such action is necessary to (a) comply with any law enforcement agency or authorities’ requirements, court order or legal processes; or (b) protect and defend the rights or property of ReGen.
- In relation to sub-paragraph 7(c) above, in the event of any default in payment where the amount in default is not fully repaid on or before the due date, we may give or disclose your data to debt collection agency, lawyer and/ or registered credit reporting agencies.
- We endeavor to take reasonable precautions to ensure that the data that we collect and or process are accurately reflected in our systems in accordance with the details provided by you. Therefore, the accuracy of the data depends to a large extent upon the information you provide. Kindly contact and inform us immediately if your data provided earlier to us have become incorrect, inaccurate or out-of-date. Our contact details are stated in paragraph 13 below.
- We retain data for as long as necessary for its legitimate business purposes, and as otherwise permitted by applicable law.
- Under PDPA and subject to other prevailing laws, you may:
- check whether we hold data about you and of access to such data;
- request us to correct any data relating to you which is inaccurate; and
- request clarification on our policies and practices in relation to data and to be informed of the kind of data held by us.
- We have the right to charge a fee for the processing of any data access request.
You have the right to:- Request access and access to your Personal Data in our records for verification purposes;
- Request the correction of your Personal Data in our records in the event the information is inaccurate, misleading, out-of-date or incomplete upon validation and verification of the new information;
- Request that your Personal Data shall only be kept for the fulfilment of the purpose of the collection of such information;
- Communicate to us your objection to the use of your Personal Data for marketing purposes; and
- Withdraw, in full or in part, your given consent, subject to any applicable legal restrictions, contractual conditions and a reasonable time.
- You may request for access to or correction of your Personal Data or limit the processing thereof by submitting your written request to:
Personal Data Protection Officer
ReGen Rehabilitation International Sdn Bhd Sdn Bhd
Tel: +603 7626 1388
Email: pdp@regen.rehab
- If you do not want to be contacted by us for any event invitation and/or marketing materials, please e-mail to: pdp@regen.rehab
- We may, from time to time, without prior notice to you, be required to change our Personal Data Protection Policy to comply with or be consistent with changes in the applicable law and regulations as well as our business operations or policies. As such, we encourage you to check our Personal Data Protection Policy at our website for the latest version.
- Continued usage of our services / facilities is deemed your consent for us to collect, process and store the data in accordance with the above.