Processing of patient medical data
Contents
1. Who processes your data
Med Connect Systems S.R.L. provides the MedConnect technical platform to medical institutions (hospitals, clinics, practices) — which are the main controllers of your medical data.
In relation to patients, Med Connect Systems S.R.L. acts as a processor (data processor) for the medical institution, under processing contracts compliant with art. 28 GDPR.
If you create a personal account directly with MedConnect, we become controller only for that account's data, under your direct control.
2. What data we collect
We process the following data categories:
- Identification data: first and last name, national ID (stored only as a cryptographic hash), date of birth, sex.
- Contact data: email address, phone (optional, if you choose to provide them).
- Medical data: imaging (CT, MRI, ultrasound, X-ray, mammography, etc.), laboratory tests, medical reports, discharge letters, prescriptions, allergies, history, current treatments — uploaded by partner medical units, by treating physicians, or directly by you.
- Technical data: IP address, access logs, device type — strictly for security and audit purposes.
Under GDPR, medical data is sensitive data and benefits from special protection.
3. Why we collect it
Your medical data is processed exclusively for:
- Providing medical care — your treating physicians' access to your history for accurate diagnosis and treatment.
- Continuity of care — availability of your record across the partner medical units where you are treated (with your consent).
- Your safety — automatic detection of allergies and dangerous drug interactions before prescription.
- Your own access — full availability of your history via your personal MedConnect account.
- Legal compliance — fulfilling obligations of health legislation (retention of medical records).
We do not use your medical data for commercial purposes, advertising profiling or general AI training. Clinical AI models used to structure documents are applied only at the request of the medical institution, for the benefit of your care.
4. Legal basis
Processing of medical data is based on:
- Patient's explicit consent — for entering the platform and sharing with partner medical units (art. 9 (2) (a) GDPR).
- Necessity for preventive medicine, diagnosis and treatment — under the responsibility of professionals bound by professional secrecy (art. 9 (2) (h) GDPR).
- Vital interest — in emergency situations where the person cannot consent (art. 9 (2) (c) GDPR).
- Legal obligation — retention of medical records under health regulations.
5. Who has access to your data
Access to your medical data is strictly controlled and audited:
- You — always, fully, through your personal MedConnect account (if you choose to activate it).
- Treating physicians at the institution where you are treated — within their role and on a need-to-know basis.
- Physicians at other partner institutions — ONLY with your explicit consent, revocable at any time.
- Med Connect Systems technical staff — only for technical maintenance, under contractual confidentiality, and without access to medical content except in incident situations, with authorization.
- Public authorities — only in cases expressly provided by law (medical emergency, court order, forensic expertise).
Your data is NOT sold, shared with insurance companies without your express consent, or used for commercial purposes.
6. How long we keep data
Medical data is retained in accordance with applicable health legislation:
- Medical documents (reports, imaging, tests): minimum 30 years per Romanian and EU health regulations.
- Audit logs (who accessed what and when): minimum 10 years for protection of patient and medical professionals.
- Your personal account data: throughout the existence of the account, plus 36 months after closing for handling subsequent requests.
After legal retention periods expire, data is deleted or irreversibly anonymized.
7. Your rights
You have the full GDPR rights for sensitive data:
- Full access — you can see at any time what data we have about you and who has accessed it.
- Rectification — you can request correction of inaccurate data.
- Erasure — you can request data deletion, except where law requires us to retain it (e.g. minimum legal duration for medical records).
- Restriction — you can request temporary halt of certain processing.
- Portability — you can receive data in a standardized format (HL7 FHIR), readable by any other compatible medical system. Ready for European Health Data Space.
- Objection — you can object to certain processing based on legitimate interest.
- Withdrawal of consent — for any sharing with partner institutions, at any time, from a single interface.
- Complaint to the authority — Romanian National Supervisory Authority for Personal Data Processing (dataprotection.ro).
8. Data security
Your medical data is protected by:
- End-to-end encryption: TLS 1.3 for transfer, AES-256 for storage.
- National ID stored as a hash: the national identifier is never in plain text on our servers.
- EU-only storage: European infrastructure, under GDPR jurisdiction.
- Immutable audit: every access to your data is logged and cannot be deleted retroactively. You can see who accessed what and when.
- ISO 27001 alignment: international information-security standards.
- Mandatory Multi-Factor Authentication for doctors and for your personal account.
- Explicit identity verification at every document upload — no misattributions.
9. Data concerning minors
Minors' medical data is processed only with the legal representative's consent (parent or guardian). The legal representative can manage the minor's record from their own MedConnect account, via a dedicated family profile.
Upon reaching the age of majority, the representative's access automatically terminates. The person becomes the sole holder of their own account.
10. How to contact us
For any request concerning your medical data:
- Technical operator: Med Connect Systems S.R.L.
- GDPR email: office@med-connect.ro
- Address: Bucharest, Romania
- Web: med-connect.ro
For requests specific to a medical institution (consent for a specific clinic, data deletion related to a specific hospital), we recommend you also contact the main controller — the medical institution itself.