HOME > PRIVACY NOTICE

Medsol Privacy Notice

Protecting your personal information is as important to us as it is to you. You trust us with your patient information, and we respect that trust. For us, it is more than just complying with legislation; it is about supporting your business to protect and use information effectively and efficiently. This privacy notice explains why and how we collect, use and store personal information. If you have any questions, please contact us at popia@medsol.co.za

This notice was last updated on 21 June 2021.

1. What this notice is about

We want you to understand who you are sharing your personal information with, what kind of information we are collecting and how we use the information.

This notice is for:

  • users of iHealth
  • users of our administration services
  • pre-funding clients and their patients
  • website visitors

The Protection of Personal Information Act aims to protect your personal information and prescribes what we must and must not do with it. Other legislation also applies to personal information. For instance, the Medical Schemes Act prescribes what information must be submitted to make a successful payment to a beneficiary. This means that we have to process your personal information in a certain way from time to time or keep it for a certain period.

We may have to change this privacy notice from time to time to accommodate changes in our services or when legal requirements change.

2. What information we collect

2.1. When you use our administration services

We collect this information from medical service providers:

  • Name
  • Registration number or ID number
  • BHF practice number
  • VAT number
  • Contact details
  • Bank account details
  • Practice details

We collect this information to provide our administration services and to pay you.

2.2. When we provide pre-funding services

We collect this information from medical service providers:

  • Name
  • Registration number or ID number
  • BHF practice number
  • VAT number
  • Contact details
  • Bank account details

We collect this information to purchase accounts and the right to claim from the guarantor on behalf of medical service providers.

When a medical service provider sells an account to us, we collect all the information related to the account, including the patient details and information about the treatment provided. We collect this information to process the claim with the applicable guarantor.

2.3. When you contact us

When you contact our staff working in your accounts, we collect information that helps us categorise your query and respond to it. We record all calls to or from our staff for quality control and records management purposes.

2.4. When we do marketing

We may collect medical service providers’ names and contact information from public-facing websites to contact them for marketing purposes. We will always tell you where we got your information from and ask your permission to contact you for marketing purposes.

3. Why we need personal information

We use personal information to:

  • provide our services
  • give users access to iHealth and MxNode
  • pay out successful claims collected from the guarantors
  • provide support to clients and users
  • send statements and other legal documents
  • comply with legal obligations
  • ensure the quality of our service
  • market our services

Our staff records their calls for quality control and record-keeping purposes.

4. Who we share your personal information with

We may share your personal information with our service providers who help us deliver our services to you. We have agreements in place to ensure that they keep your information safe and only use your information with our permission.

When we purchase accounts from a medical service provider as part of our pre-funding service, we share the medical service provider’s and patient’s information with the various guarantors to submit and manage the payment of the account.

We use Microsoft 365 to store information, including client information. Microsoft stores all our content in the European Union. We believe that Microsoft provides an adequate level of protection for the personal information we store with them. You can read more about their privacy undertakings here.

Sometimes we need to disclose your information to a third party:

  • if we believe that disclosure is reasonably necessary to comply with the law, legal process, or a government request;
  • to enforce our contracts and policies;
  • to protect ourselves, clients, and the public from illegal activity; or
  • to respond to an emergency which we believe in good faith requires that we disclose personal data.

If there is a change in our company structure or ownership, we may share your information as part of the assets transferred or the due diligence for the transaction.

5. Your rights and preferences

You have the right to:

  • ask what personal information we have about you;
  • ask what personal information we sent to our suppliers, service providers, or anyone else;
  • ask us to update, correct, or delete any out-of-date or incorrect personal information we have about you;
  • unsubscribe from any direct marketing communications we may send you,
  • object to the processing of your personal information in certain circumstances; and
  • complain about our practices with the Information Regulator.

It can take us up to 21 days to respond to your request because there are procedures that we need to follow.

In some instances, we may require proof of your identity, and sometimes we may have additional requirements before updating your information.

6. We have implemented security measures to protect information

We have implemented reasonable security safeguards to protect the personal information that you provide. For example, we have implemented multi-factor authentication for all users of our systems.

We regularly monitor our systems for possible vulnerabilities and attacks. As no measure is perfect, we cannot guarantee that information may not be accessed, disclosed, altered or destroyed by a breach of any of our physical, technical or managerial safeguards. We have measures in place to minimise the threat to your privacy in the event of a security breach. We will let you know of any breaches that affect your personal information.

If you suspect that we (or you) have had a security breach, please notify us immediately by sending an email to popia@medsol.co.za . Please include as much information as you can.