PERSONAL DATA PROCESSING & PRIVACY

WHY DO WE COLLECT YOUR DATAS ?

The personal data processing of the information that you are going to provide is intended to :

• Collect, on a voluntary basis, the medical history of the attendees present on the Site/Event. The questions address the allergies, the past and present diseases, the drug treatments and the outbreak signs perceived in the last 15 days.
• Evaluate the individual and collective health risk of each person present on the Site/Event.
  • Before the Event, it enables to assess the risk of outbreak diffusion.
  • During or After the Event, it allows to follow with more attention the most fragile people.
• Address, depending on the contexts, the traumatic, neurological, respiratory and cardiovascular history of the attendees.
• Ensure traceability of the treatment of each Patient, which is a medico-legal obligation.
• Centralize data, in order to create and compute anonymized statistical analyses. These analyses may be used for research and development purposes. It targets especially to better understand the cause of accident or disease. The final objective is to improve the safety and quality of healthcare on the Site/Event.

In addition to these process, the Data Processing Controller (see below) who is processing your data would process them for additional purposes. In such a case, he must have informed you previously on his own.

The way we collect and process follows the Articles 6, 13 & 14 of the European GDPR and the Canadian PIPEDA Fain Information PIPEDA Fair Information Principe n°2 on Identifying Purposes and Principe n°4 on Limiting Collection.

WHO ACCOUNTS FOR YOUR DATAS ?

The logicoss application and its main features (medical form, medical encounter, etc.) is provided to you by a first response or medical service provider. This provider endorses the position of Data Processing Controller of your personal data in compliance with Article 1 of the GDPR and PIPEDA Fair Information Principe n°1 on Accountability.

To provide a secure and resilient application, LOGEVER HEALTHCARE replies on companies whose are expert on application development and Health Data Hosting service. Both all of these companies and LOGEVER HEALTHCARE process Health Data in strict compliance with the instructions provided by the Data Processing Controller. In the meaning of the GDPR, it means that all of these companies and LOGEVER HEALTHCARE are “subcontractors” of the Data Processing Controller.

The name of the Data Processing Controller who accounts for your data can be found either :

• in the email which invited you to fill a logicoss Medical Form
• by contacting your employer or the provider of the Event in which you will / have taken part

As a last resort, any person having difficulties to identify the Data Processing Controller can adress an email to the Data Protection Officer of LOGEVER HEALTHCARE at dpo@logever-healthcare.com to get this information.

WHO IS HOSTING YOUR DATAS ?

The Health Data Hosting service is managed by Claranet and its subcontractors Equinix and Telehouse.

WHERE DO WE HOST YOUR DATAS?

The Health Data Hosting service is implemented through three server centers located in France:

• Main center : 114 rue Ambroise Croizat, 93200 Saint Denis, FRANCE (Equinix PA2 center )
• Back-up center: 130-136 Boulevard de Verdun, 92400 Courbevoie, FRANCE (Equinix PA 7 center)
• Complementary asset center : 1 rue Pablo Picasso 78114 Magny-Les-Hameaux, FRANCE (Telehouse TH3 center)

HOW CAN YOU ACCESS & MODIFY YOUR DATAS?

In application of I/ articles 15 and following of the European GDPR (General Regulations for the Protection of Personal Data) and II/ Canadian PIPEDA Fair Information Principle n°9 on Individual Access, each person has the right to oppose the deposit of its data with this certified host, subject to the expression of a legitimate reason. Likewise, each person has the right to access and rectify information concerning him/her.

Consequently, any person wishing to exercise these rights of access, rectification or opposition to the deposit of its data with this host, is requested to write to the Data Protection Officer. LOGEVER HEALTHCARE, 109 boulevard de l’Europe, 69310 Pierre Benite, FRANCE , mentioning in the letter the event/site in which you took part. The letter will be forwarded to the Data Protection Officer of the Data Processing Controller who either sent you a medical form or filled on personal information in the logicoss medical encounter. A reply will be given within the legal time limits (European Citizen : 8 days to 60 days ; Canadian Citizen : 30 days to 60 days).

As a last resort, any person having difficulties in exercising its rights may also contact the Hosting company, by adressing him an email to medecin.hebergeur@fr.clara.net, copy to dpo@logever-healthcare.com. Please mention in the subject line: « rights relating to personal data access and modification – logicoss application provided by logever healthcare ».

HOW DO WE SECURE YOUR DATAS?

THe Health Data are hosted by Claranet and its subcontractors in compliance with the following certifications :

• E-health host provider Certification ASIP – HDS, adressing the activities 1 to 6 of 6 : 1. implementation and management of physical sites hosting hardware infrastructures used to process health information; 2. implementation and management of hardware infrastructures used to process health information; 3. implementation and management of the hosting platform used to process health information; 4. implementation and management of virtual infrastructure used to process health information; 5. administration and operation of information system processing health information; 6. health information backups.
• International Certification ISO 9001 on Quality Management
• International Certification ISO/IEC 27001 on Information Security Management
• Tier-3 Equivalence, guaranteeing a maintenance capacity without shutting down any IT components