IV Screen




Privacy statement

1. General

The confidential and appropriate processing of personal data is important to us. This document provides information on the way we process personal data in the IV Screen service. IV Screen is Monidor’s service for customers, such as health care centres and hospitals, which helps them provide their patients with accurate IV therapy.

Monidor Oy (”Monidor”) is committed to protecting your privacy and processing your data in a secure manner. In the processing of personal data, we comply with the GDPR and other applicable legislation, as well as good data security practices.

Our obligations include the realisation of the rights of the registered person. You can find more information about your rights in the section Rights of the registered person.

2. Processing of personal data

2.1 The purpose of processing personal data

We process personal data in order to identify users in the service and to create user log files. The user’s name, IP address and time stamp are entered in the user log file. In addition to identification and the user log file, we may also process personal data in order to resolve issues and to improve and develop the service.

The service processes IV therapy data in order to accurately provide IV therapy, as well as patient bed data to distinguish patient infusion treatments more clearly from one other on behalf of the controller.

2.2 The basis of processing personal data

The processing of personal data for the aforementioned purposes is based on an agreement between Monidor and their Customer and the realisation of its purpose.

2.3 The personal data to be processed and collected

We collect the service user’s name, e-mail address and IP address, as well as service use data, such as time stamps, in order to create a user log file.

The personal data we process might also include sensitive patient data in special personal data groups. We process such sensitive personal data only on the behalf of the controller in order to provide the service.

3. Data security

We use necessary technical and organisational data security measures to protect personal data against unlawful access, disclosure, deletion or other unlawful processing. Such measures include the use of fire walls, encryptions, and secure device facilities; appropriate monitoring of access; controlled granting of access rights and the supervision of their use; instructing and training personnel participating in the processing of personal data; and the careful selection of subcontractors.

Sensitive data processed on behalf of the controller has been pseudonymised in a way that the data cannot be directly connected to an identifiable person or personal data entry. The rights of the service users have been restricted in a way that the user cannot accidentally run operations as the system administrator and find out or process personal data that does not belong to the user.

3.1 The disclosure or transfer of personal data

On principle, we do not disclose or transfer data collected in the service to third parties. User data, such as the user log file, may be disclosed to a supervising or other authority if the authority requests this from Monidor and we have a legal obligation to disclose this information. The disclosure is always based on a legal obligation or the consent of the user.

On principle, personal data is only processed in the ETA region. In individual cases, we may have to transfer data outside of the ETA. In these cases, the user will be informed of the transfer, and the transfer process will comply with the regulations laid down in the legislation, and it is ensured in the best possible manner that appropriate data security measures are taken during the transfer.

3.2 Storage periods of personal data

Personal data will be stored for as long as it is necessary in order to carry out the agreement between Monidor and the Customer.

Data collected for the user log file will be stored for a period defined in legislation.

Personal data will only be kept to an extent that is necessary for its intended purpose. Other personal data will be deleted when there is no legal basis for its storage or it is no longer needed for the purpose for which it was collected.

3.3 Rights of the registered person

The registered person has the right to receive a confirmation that their data is processed, and they have the right to review the content of their data. In addition, the registered person has the right to request a rectification of incorrect personal data. If the request is related to data that Monidor processes on behalf of the controller, we will direct the request to the controller.

The registered person has the right to request the removal of their personal data under certain conditions. Personal data can be removed upon the request of the registered person if

Instead of deleting the personal data, the registered person may also request restricting its use in the event that the processing has been unlawful. Despite the registered person’s request for restrictions, their personal data can be processed to protect the rights of our Customer.

In the event that the processing is based on consent, the registered person has a right to withdraw their consent at any time.

In the event that the registered person considers that their rights have been violated or that we have not complied with the law in the processing of the personal data, the registered person has the right to complain to the supervisory authority (tietosuoja@om.fi).

3.4 Use of rights and contact details

If you wish to exercise your aforementioned rights or, otherwise, contact us about the processing of your personal data, you can contact us at info@monidor.fi or Monidor Oy, tietosuoja (data security), Elektroniikkatie 3, 90530 Oulu, Finland.

4. Potential conflicts between documents

In the event that there are conflicts between the Finnish version and the translated versions of this document, the Finnish version will be prioritised.



Back