Privacy Policy

Integrated Health information Systems Pte. Ltd. (“IHiS”) respect your privacy and recognise the importance of data protection. This policy serves to share how we process your personal data in accordance with the Personal Data Protection Act (2012). To “process” means to collect, use, store, transfer, disclose, alter, correct, delete or destroy personal data.

By interacting with us and submitting your data to us, you agree and consent to IHiS as well as our respective agents, authorised service providers and relevant third parties to processing your Personal Data in the manner set forth in this Privacy Policy. If you have any queries on this policy, please contact the persons identified at the end of this policy.

This Privacy Policy supplements but does not supersede nor replace any other consents which you may have previously provided to us nor does it affect any rights that we may have at law in connection with the collection, use and/or disclosure of your Personal Data. We may from time to time update this Privacy Policy to ensure that this Privacy Policy is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. As and when the contents of the Privacy Policy are updated or amended, the changes will be uploaded into our website at https://www.healthhub.sg/. Each time you use our websites and mobile and web-based application, and any updates, upgrades, new versions, documentation and content and services provided by or through the websites and mobile and web-based application (collectively referred to as “HealthHub”), or contact, interact or transact with us, you acknowledge and agree that the latest version of this Privacy Policy shall apply. It is your duty to keep yourself updated as to the latest version of the Privacy Policy.

This Privacy Policy was last updated on 25 April 2021.

1.      Your / Another Person's Personal Data

1.1.

In this Privacy Policy, “Personal Data” refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which the organisation has or is likely to have access. Examples of such Personal Data which you may provide to us include:

(a)

your name, NRIC, passport or other identification number, telephone number(s), mailing address, email address, geo-location, device unique identifier and any other information relating to you which you have provided us;

(b)

your medical history and background, and income levels; and

(c)

your nationality, residency status, address, date of birth and race.

1.2.

A reference to “Personal Data” also includes such data that may be provided by you on behalf of another person pursuant to Clause 2 below.

1.3.

References to “includes,” “including,” “including but not limited to,” “including without limitation” and words or phrases of similar import shall be deemed to have the same meaning and the words “includes(s)” and “including” shall not be deemed to be terms of limitation but rather be deemed to be followed by the words “without limitation.”

1.4.

In relation to personal data, “Processing” refers to the act of collecting, recording, holding or storing personal data and carrying out any operations or set of operations on the personal data.

2.      Use and Collection of Personal Data

2.1.

IHiS may use your personal data (a) for the purposes identified below or separately communicated to you (b) to fulfil legitimate business interests and/or contractual and legal obligations and (c) to comply with applicable laws, regulations and/or requirements from government agencies, regulatory bodies, statutory boards or other relevant bodies in Singapore.

2.2.

Generally, IHiS may collect your Personal Data in the following ways:

(a)

when you submit forms, applications, requests or feedback to us;

(b)

when you enter into any agreement or provide other documentation or information in respect of your interactions with us, or when you use our services;

(c)

when you interact with our customer service officers, for example, via telephone calls, letters, face-to-face meetings, social media platforms and emails;

(d)

when you use our electronic services, mobile and web-based applications or interact with us via any of our websites or mobile or web-based applications or use the services on any of our websites or mobile or web-based applications which may utilise various technologies to collect data (which may include Personal Data) automatically either by us or by third parties on behalf of us;

(e)

when you respond to our requests for additional Personal Data;

(f)

when we receive your personal data from referral parties, government ministries or agencies, regulators, statutory boards, Public Healthcare Institutions, public agencies, your employer and other third parties;

(g)

when you attend or participate in our events or activities (e.g. public forums and events) and your voice and image data is captured on cameras, audio and video recordings;

(h)

when you respond to our initiatives;

(i)

from third parties, including social networks (such as Facebook, LinkedIn and YouTube), when you consent to such third parties disclosing information about you to us that those third parties have collected, whether by logging into through the social plug-ins on our websites or mobile or web-based applications or otherwise; and

(j)

when you submit your Personal Data to us for any other reason.

2.3.

Examples of some of the technologies which may be used (either by us or by third parties on behalf of us) by or in our electronic services, websites and mobile and web-based applications to collect, use and/or disclose Personal Data include the following:

(a)

Click-stream data. A visit to one of our websites or use of our mobile or web-based applications results in data that is transmitted from your browser to our server being automatically collected and stored by us or by third parties on behalf of us. This data can include the following:

(i)

the visitor's IP address;

(ii)

the date and time of the visit;

(iii)

the referral URL (the site from which the visitor has come);

(iv)

the pages visited and action taken on our website or mobile or web-based applications; and

(v)

information about the device, mobile carrier and browser used (browser type and version, operating system, etc).

(b)

Cookies. A number of places on our website and our mobile and web-based applications make use of cookies. Should you wish to disable the cookies associated with these technologies, you may do so by changing the setting on your browser. However, you may not be able to enter certain part(s) of our website or enjoy full access to all of our applications;

(c)

Web beacons and tracking links. Web beacons (also known as pixel tags and clear GIFs) involve graphics that are not apparent to the user. Tracking links and/or similar technologies consist of a few lines of programming code and can be embedded in our emails, website or mobile or web-based applications. In conjunction with cookies, these are primarily used for statistical analysis purposes. This technology can also be used for tracking traffic patterns on websites, as well as finding out if an e-mail has been received and opened and to see if there has been any response;

(d)

Web analytics. Web analytics is the term given to a method for collecting and assessing the behaviour of visitors to websites and mobile or web-based applications. This includes the analysis of traffic patterns in order, for example, to determine the frequency of visits to certain parts of a website or mobile or web-based applications, or to find out what information and services our visitors are most interested in. For these purposes, we primarily make use of click-stream data and the other techniques listed above. Web analytics are carried out by the Content Management Systems, Google Analytics and/or other selected parties (as we may inform you from time to time) (“Web Analytics Providers”). When you visit our website or use any mobile or web-based applications, Personal Data may (unless you have refused the processing of your Personal Data via such cookies and technologies) be sent to the Web Analytics Providers for analysis for and on behalf of us for the purposes described in this Privacy Policy. Please note that if you have created an online profile at our website or mobile or web-based application and if you are logged in on this profile, a unique number identifying this profile may also be sent to the Web Analytics Providers in order to be able to match the web analytics data to this profile. If you do not wish information about your behaviour at our website or any mobile or web-based applications to be collected and assessed by Google Analytics, you can install the Google Analytics opt-out browser add-on. Please refer to Google Analytics Opt-out Browser Add-on page for more information on downloading the add-on and opting out;

(e)

Unique application numbers. Certain services include a unique application number. This number and information about your installation of the application (for example, the operating system type and application version number) may be sent to us when you install or uninstall that service or when that service periodically contacts our servers, such as for automatic updates;

(f)

Local Storage. We may collect and store information (including Personal Data) locally on your device using mechanisms such as browser web storage (including HTML 5) and application data caches. Such information may include your self-added medication list and medication reminders;

(g)

Retargeting Technologies. Our website and mobile or web-based applications may use retargeting technologies within the Internet. Retargeting technologies analyse your cookies and past surfing behaviour, including clicking of advertisements, so that where you have visited our website, used our mobile or web-based applications or clicked on our advertisements before, we can serve you our advertisements on our partner websites. We may also work with Web Analytics Providers, who use tracking technologies to serve our advertisements to you across the Internet. In order to serve such advertisements, these companies may collect information about your visits to our websites or mobile or web-based applications and your interactions with us and our advertisements. Please refer to our Web Analytics Providers’ privacy policy(ies) for more information about their data protection practices. If you do not wish to receive such advertisements, you may adjust your browser settings for the cookies which your browser accepts.

2.4.

If you provide us with any Personal Data relating to a third party (including, for example, information of your spouse, children, parents, caregiver), by submitting such information to us, you represent to us that:

(a)

you are authorised to act on his/her behalf;

(b)

you have obtained the consent of the third party to provide us with their Personal Data for the respective purpose;

(c)

he/she accepts that his/her Personal Data will be subject to this Privacy Policy (as amended from time to time); and

(d)

you agree to fully indemnify us in respect of any regulatory penalties, claims or proceedings by third parties and any proceedings, investigations, orders, directions, judgements issued by a court, statutory body or regulatory authority, in connection with the provision of his/her Personal Data.

2.5.

You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with the products and services you have requested or process your application.

3.      Purposes for the Collection, Use and Disclosure of Your Personal Data

3.1.

Generally, IHiS may collect, use and/or disclose your Personal Data for the following purposes:

(a)

setting up your account with us and managing your use and access of HealthHub;

(b)

facilitating your use of our online and mobile services such as the healthcare management programmes and/or the transactional e-services like e-appointments and e-payments;

(c)

integrating onto healthcare computer systems and applications operated or managed by the Public Healthcare Institutions in order to provide you with the healthcare services (including medical, dental, health-screening and immunisation services) and any programmes related to promotion of good health, healthy lifestyles and prevention and detection of diseases. The institutions include but are not limited to the National Electronic Health Record system managed by the Ministry of Health, the SingHealth Online Appointment System and National Healthcare Group Polyclinics Online Appointment System or any healthcare institutions under the Ministry of Health.

(d)

managing your relationship with us by personalising our services and recommending content related to your health and our services and informing you about service upgrades and updates;

(e)

carrying out security and safety measures and services such as performing network or service enhancement and protecting our platforms from unauthorised access or use;

(f)

carrying out market-related, evaluation or similar research and analysis for our operational strategy and policy planning purposes, including providing data to authorised external parties for any purposes to review, develop and improve the quality of healthcare products and services.

(g)

verifying your identity and such other information provided by you, including but not limited to the relationship between yourself and a third party dependent or the relationship between yourself and a third party caregiver;

(h)

managing the administrative and business operations more effectively such as to attend your queries, feedback, complaints and to comply with our internal record keepings for meeting any applicable laws and regulations;

(i)

facilitating business asset transactions (which may extend to any mergers, acquisitions or asset sales);

(j)

carrying due diligence in accordance with legal and regulatory obligations or our risk management procedures and policies such as conducting audits to prevent, detect and investigate crime or offences or uncover non-conforming process.

(k)

monitoring or recording phone calls and customer-facing interactions for quality assurance, and identity verification purposes;

(l)

in connection with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, transaction documentation, obtaining legal advice, and facilitating dispute resolution), and/or protecting and enforcing our contractual and legal rights and obligations;

(m)

complying with any request or direction of any government authority or public agencies, ministries, statutory boards or similar authorities or non-governmental agencies authorized to carry out specific Government services and duties; and

(n)

any other purpose reasonably related to the aforesaid.

3.2.

To conduct our operations more smoothly, we may disclose the personal data you have provided to us to our third-party services providers, agents and/or affiliates or related corporations (“External Parties”) for such External Parties to process your personal data based on your requested services for one or more of the above stated reasons or purposes. An External Party may be sited in locally or outside Singapore.

3.3.

If we need to use your Personal Data for any other purposes, we will notify you and obtain your consent beforehand in accordance with the requirements of applicable data protection laws.

4.      Accuracy of Personal Data

4.1.

We will take reasonable steps to make sure the personal data we collect, use or disclose is accurate, complete and up to date. To enable us to ensure the quality and accuracy of personal data, you are obliged to provide relevant and accurate information to us.

5.      Protection and Retention

5.1.

We will take reasonable steps to protect the personal data we hold from misuse and loss and from unauthorised access, modification or disclosure.

5.2.

We will take reasonable steps to destroy or permanently de-identify personal data if it is no longer needed for any purpose. Destruction of personal data will be carried out in accordance with IHiS’s prevailing policies and procedures, contractual agreements and Government’s Healthcare Instruction Manuals.

6.      Transfer of Personal Data

6.1.

Generally, we do not transfer personal data out of Singapore except under collaboration with External Parties or our approved third-party services for application services. Should we do so, we ensure there is data protection of a standard that is at least comparable to that under PDPA.

7.      Third Party Sites

7.1.

This site may contain links to sites whose data protection and privacy practices may differ from ours. We are not responsible for the content and privacy practices of these other websites and encourage you to consult the privacy notices of these other websites.

8.      Contacting Us – Feedback, Withdrawal of Consent, Access and Correction of your Personal Data

8.1.

You are entitled to withdraw your consent for the collection, use and disclosure of your personal data at any time. However, depending on the nature of the withdrawal, it may become impossible for IHiS to provide services such as processing or providing services offered by HealthHub. IHiS may also not be in a position to administer any contractual relationship in place, which in turn may also result in the termination of any agreements with IHiS, and your being in breach of your contractual obligations or undertakings. IHiS’ legal rights and remedies in such event are expressly reserved.

8.2.

If you:

(a)

have any questions or feedback relating to your Personal Data or our Privacy Policy;

(b)

would like to withdraw your consent to any use of your Personal Data as set out in this Privacy Policy; or

(c)

would like to obtain access and make corrections to your Personal Data records, you can contact our Data Protection Officer by email at [email protected].

9.      Governing Law

9.1.

This Privacy Policy shall be governed in all respects by the law of Singapore.



Catalog-Item Reuse