top_btn_img
logo logo_m
MENU
ABOUT US
MEDICAL INFO
CENTERS
CLINIC
HOSPITAL NEWS
ONN TV

Privacy Policy

On General Hospital (hereinafter referred to as the Hospital) takes the protection of your personal information very seriously and complies with the 『Personal Information Protection Act』. Through the personal information processing policy, the hospital informs you of the purpose and method of using the personal information provided by you and what measures are being taken to protect personal information.
Indication of processing of key personal information (labeling)

Collection of personal information

Gender, resident registration number, date of birth, address, contact number, ID, etc.

Purpose of processing personal information

Purpose of processing personal information

Consignment of personal information processing

System maintenance development, inspection consignment, website management, etc

Personal information complaint handling department

General Affairs Department, 051-607-0114
The order of this Privacy Policy is as follows.
  • 1. Purpose of personal information processing, collection items, retention and use period
  • 2. Matters concerning the processing of personal information of children under the age of 14
  • 3. Matters concerning the provision of personal information to third parties
  • 4. Matters concerning consignment of personal information processing
  • 5. Destruction procedure and method of personal information
  • 6. Matters concerning the rights and obligations of the information subject and legal representative and how to exercise them
  • 7. Matters concerning measures to ensure the safety of personal information
  • 8. Matters concerning the person in charge of personal information protection
  • 9. Remedy method for infringement of rights and interests of information subject
  • 10. Matters related to the operation and management of image information processing equipment
  • 11. Matters regarding changes to the personal information processing policy
1.Purpose of personal information processing, collection items, retention and use period

The hospital processes the personal information of the information subject as follows.

purpose of collection collection Retention and use period
  • Provision of medical services for treatment and treatment
  • Provision of health checkup service
 Required Hospital registration number, name, resident registration number, alien registration number (limited to foreigners), address, (mobile) phone number, health information If collected for the provision of medical services: In accordance with the medical record storage standards specified in the Medical Act
choice e-mail
Application for medical bills, medical bill statements, proofs, etc Required
  • (home page)
  • [Mobile phone identity authentication]
  • Carrier, name, mobile phone, CI
  • [Mobile phone identity authentication]
  • Carrier, name, date of birth, gender, mobile phone, CI
  • [Co-Certificate Certification]
  • Name, resident registration number, CI
  • [I-PIN authentication]
  • i-pin ID, password, CI
  • ⟨offline⟩
  • [me]
  • identification
  • [relatives]
  • 1. Present the recipient's ID
  • 2. Submission of a copy of patient ID
  • 3. Submission of patient's handwritten consent
  • 4. Submission of family relationship certificate or documents that can be confirmed
  • [deputy]
  • 1. Recipient ID: presented
  • 2. Copy of patient ID: Submission
  • 3. Patient's handwritten consent form: submission
  • 4. Power of Attorney handwritten by patient: Submit
 Destroy when purpose is achieved
Issuance of certificate Required Hospital registration number, department, type of certification (classification, Korean name of certification), list of requests (date of request, Korean name of certification, date of examination, department, special matters), classification of visit, department, period, date of visit, payment, department, Date of visit (hospitalization), date of discharge, doctor, purpose of treatment
  • Certificate: 3 years
  • Destroy when purpose is achieved
Payment of medical expenses Required (In case of credit card payment) Credit card payment approval information such as credit card company name and card number Preservation for 3 years in accordance with the Use and Protection of Credit Information Act
Items collected when booking Required
  • (Make a reservation for first-time customers)
  • [Patient] Name, resident registration number
  • [Booker] Name, cell phone number, main symptom, message you want to leave
  • ⟨Non-member reservation⟩
  • [Patient] Name, resident registration number (foreign registration number) or name, hospital registration number
  • [Reservation] Name, cell phone number, main symptom, message you want to leave
  • ⟨Make a proxy reservation⟩
  • Reservation name, patient name, resident registration number (or alien registration number), hospital registration number
  • ⟨Phone Reservation⟩
  • [New patients aged 14 years and older]
  • Name, resident registration number, mobile phone number, address, recorded consultation data
  • [New patients under the age of 14]
  • Name, resident registration number, mobile phone number, address, relationship with patient, guardian's mobile phone number, counseling recording data
  • [Foreign new patients]
  • Name, date of birth, gender, mobile phone number, nationality, passport number, recorded consultation data
  • [existing patient]
  • [deputy]
  • Call number, consultation recording data
  • If collected for the provision of medical services: In accordance with the medical record storage standards specified in the Medical Act
  • If you do not visit the hospital after the first appointment: Recorded data for 1 month is automatically destroyed when the time to destroy it arrives
choice
  • ⟨Phone Reservation⟩
  • [New patients aged 14 years and older]
  • Relationship with patient, guardian's cell phone number
  • [Foreign new patients]
  • Alien registration number, foreign residence card number
Health promotion center service Required
  • [Health checkup non-member reservation]
  • Name, date of birth, gender, address, mobile phone number, e-mail
  • [Health checkup phone consultation application]
  • Name, date of birth, gender, mobile phone number
  • [Health checkup e-mail consultation]
  • Name, e-mail
  • Retained in accordance with Article 15 of the Enforcement Rules of the Medical Act “Preservation of medical records”
  • Until the phone consultation request is canceled
  • Until cancellation of e-mail consultation
choice
  • [Health checkup phone consultation application]
  • Relationship with applicant, landline phone number
Homepage member registration Required
  • [Age 14+]
  • Name, ID, password, gender, date of birth, mobile phone number, e-mail
  • [Under 14 years old]
  • Name, ID, password, gender, date of birth, mobile phone number, e-mail, name of legal representative (guardian), phone number, year of birth
 Period of use: Membership period (immediately destroyed after withdrawal / separate storage of personal information if not used for more than 1 year)
choice
  • [Age 14+]
  • Whether to receive advertising mail
  • [Under 14 years old]
  • Whether to receive advertising mail
Authenticate your identity on the website Required
  • [Identification]
  • - Identity authentication, CI, DI
  • Name, date of birth, gender, carrier, mobile phone number
  • - I-PIN authentication
  • [Required]
  • ID, password, mobile phone number, identity verification, CI, DI
Collection of statistics on website service use automatic collection Service use record, access log, cookie, access IP information Destroy when purpose is achieved
Items collected when applying for a job Required Name, date of birth, gender, password, phone number, mobile phone number, nationality, e-mail, photo, address, religion, hobbies, specialties, disability, awards, academic background, grades, family information, qualifications, career history, military service history
  • Retention period : 6 months after the end of the recruitment process
  • Reason for retention : Management of future recruitable resources such as permanent talent pool
Confirmation of identity of applicant and confirmation of submitted documents for issuance of copies of medical records Required
  • ⟨The patient himself⟩
  • A copy of the ID of the person requesting record inspection or issuance of a copy or online identity verification
  • ⟨Relatives and Representatives⟩
  • - A copy of the applicant's identification card (passport, driver's license, resident registration card, etc.)
  • - Documents to confirm kinship, such as a certificate of family relationship and a copy of resident registration card
  • - Consent signed by the patient (except for minors under the age of 14)
  • Retained in accordance with Article 15 of the Enforcement Rules of the Medical Act “Preservation of medical treatment records”
  • Required documents submitted are destroyed after being stored for 3 years
  • Online Copy PDF
    • - 90 days past the date of printing
    • - 14 days unprinted results
    • - 14 days unpaid
  • Destroy after storing online payment details for 5 years
2. Matters concerning the processing of personal information of children under the age of 14

When the hospital collects personal information about children under the age of 14, it is done through a separate form written in plain language that is easy for children to understand, and collects the minimum amount of personal information necessary to perform the service with the consent of the legal representative. do.

[Required]

- Name of legal representative, relationship, mobile phone number, year of birth

When collecting personal information of children under the age of 14, the hospital may request minimum information such as the name and contact information of the legal representative from the child, and confirm whether the legal representative has consented in one of the following ways. A method of having the legal representative indicate whether or not he or she consents on the Internet site where the contents of consent are posted, and verifying the identity of the legal representative through mobile phone authentication, etc. How to check the child's legal representative can request access, correction, and deletion of the child's personal information. If you wish to view, correct, or delete your child's personal information, click Edit member information to view, correct, or delete your child's personal information.
3.Matters concerning the provision of personal information to third parties

The hospital will use your personal information beyond the scope notified in the 'Purpose of collection and use of personal information' in any case, except for cases with your consent or in accordance with the provisions of the relevant laws, Doesn't provide.
However, the following cases are exceptions.

  • -In case the consent of the information subject is obtained
  • -In case there are special provisions in the law or it is unavoidable to comply with legal obligations
  • -In cases where the data subject or his/her legal representative is in a state where he/she is unable to express his/her intention or cannot obtain prior consent due to unknown address, etc., it is clearly recognized as necessary for the immediate interests of the life, body, and property of the information subject or a third party if it becomes
  • -Statistics creation. In cases where it is necessary for academic research or market research, it is processed and provided in a form in which a specific individual cannot be identified
  • -In cases where personal information is used for purposes other than the intended purpose or if it is not provided to a third party, the duties prescribed by other laws cannot be performed, and the protection committee has deliberated and decided
  • -Where it is necessary to provide to foreign governments or international organizations for the implementation of treaties and other international agreements
  • -When it is necessary for the investigation of a crime and the filing and maintenance of a public prosecution
  • -When it is necessary for the court's trial work
  • -When it is necessary for the execution of punishment (sentence), probation, and protective disposition
  • -The institutions that receive the service are as follows.
  • ※ In cases where the consent of the information subject is obtained and when it is necessary for criminal investigation and prosecution and maintenance, it is excluded from disclosure according to the law (Personal Information Protection Act, Article 18, Paragraph 2, Items 1 and 7) The following table is a guide to organizations receiving information consisting of provider, personal information file name, date and time of provision, legal basis, purpose of provision, and provision items.
turn Provider Personal information file name Delivery date Legal Basis Purpose of provision Provided item
1 National Health Insurance Corporation medical record Upon request (at any time) Article 14, 47, 48, 63 of the National Health Insurance Act, Article 21 of the Medical Service Act Examination of salary costs, confirmation of current eligibility, etc medical records
2 City, county and district security institutions medical record upon request Articles 5, 11, and 33 of the Medical Benefit Act Medical benefit processing Medical records, video data (PACS)
3 Labor Welfare Corporation medical record Upon request (at any time) Industrial Accident Compensation Insurance Act Article 118, Medical Act Article 21 Industrial Accident Compensation Insurance Medical records, video data (PACS)
4 National Pension Service medical record Upon request (at any time) Article 123 of the National Pension Act, Article 32 Paragraph 7 of the Welfare of Persons with Disabilities Act, Article 21 of the Medical Service Act National pension business processing, disability registration review business processing Medical records, video data (PACS)
5 Korea Centers for Disease Control and Prevention medical record 22.07.22 Emergency Medical Services Act Article 13-2, Emergency Medical Services Act Article 13-4, Statistics Act Article 18 Follow-up of severely injured patients Medical records (name, date of birth, address, name of diagnosis, name of surgery, details of treatment, etc.), test results
6 Central Cancer Registry cancer registration survey 22.03.07 Article 8 of the Cancer Control Act, Articles 17 and 18 of the Enforcement Decree of the same Act Cancer related research Name, patient registration number, gender, age, treatment-related data
7 Provincial, city, county public health center medical record Upon request (at any time) Infectious Disease Control and Prevention Act Article 18-4, Medical Act Article 21 Pharmacological research Medical records (name, date of birth, address, diagnosis, operation name, details of treatment, etc.), test results, CD
8 police office medical record Upon request (at any time) Articles 106 and 215 of the Criminal Procedure Act and Article 21 of the Medical Service Act criminal investigation Medical records (name, date of birth, address, diagnosis, operation name, details of treatment, etc.), video data
9 court medical record Upon request (at any time) Article 347 of the Civil Procedure Act, Article 21 of the Medical Service Act Litigation Reference Medical records (name, date of birth, address, diagnosis, operation name, details of treatment, etc.), video data
10 Health Insurance Review and Assessment Service EDI samfile monthly, occasional Articles 47, 96, 87, and 88 of the National Health Insurance Act, Articles 11 and 30 of the Medical Benefit Act, and Article 45 of the Industrial Accident Compensation Act Billing and collection of medical expenses Patient personal information, medical information
11 National Health Insurance Corporation Health Insurance Severe Treatment Registration Application everyday Article 96 of the National Health Insurance Act, Article 81 of the Enforcement Decree of the National Health Insurance Act Reduction of medical expenses due to application of special calculation according to patient's disease Health insurance card number, name, resident registration number, address, phone number, disease name
12 National Health Insurance Corporation Health Insurance Reimbursement Inquiry Form everyday National Health Insurance Act Article 41, National Health Insurance Act Article 81 Determination of whether to apply for insurance benefits due to injury or external disease Health insurance card number, name, resident registration number, address, phone number, disease name
13 Labor Welfare Corporation Industrial Accident Compensation Insurance Report Occasional Articles 31 and 118 of the Industrial Accident Compensation Insurance Act Review, notification of decision, application of insurance benefits, etc Name, resident registration number, address, phone number, doctor's opinion
4.Matters concerning consignment of personal information processing

The hospital entrusts the following personal information processing tasks to external professional companies for smooth operation, such as providing better service and providing customer convenience.

consignment company Contents of entrusted business Personal information retention period
Easy Care Tech Co., Ltd. Hospital information system (S/W) Until the end of the consignment contract
EV Care Co., Ltd. Medical fee unmanned payment machine management Until the end of the consignment contract
Axis Data Base maintenance Until the end of the consignment contract
Medical Corporation Samkwang Medical Foundation Outsourcing inspection to an external inspection institution Until the end of the consignment contract
Seegene Medical Foundation Outsourcing inspection to an external inspection institution Until the end of the consignment contract
Taeyoung Co., Ltd. Integrated PACS maintenance service Until the end of the consignment contract
Garion Information Technology System operation H/W maintenance Until the end of the consignment contract
saerom Health screenings Until the end of the consignment contract
Ed Bank Co., Ltd., GeoU Homepage integrated maintenance service Until the end of the consignment contract

The hospital complies with laws and regulations related to personal information protection through consignment contracts, etc., maintains confidentiality of personal information, prohibits provision of third parties, bears responsibility in case of an accident, obligation to return or destroy personal information after consignment period, processing is completed, etc. stipulates and manages to comply with it so that personal information can be safely managed.

5.Destruction procedure and method of personal information

The hospital destroys the personal information without delay when the personal information becomes unnecessary, such as the elapse of the retention period, achievement of the processing purpose, or closure of the business.

If personal information must be kept in accordance with other laws and regulations despite the expiration of the personal information retention period agreed to by the information subject or the achievement of the purpose of processing, the personal information is moved to a separate database (DB) or stored in a different storage location. and preserve it.

The procedure and method of destroying personal information are as follows.

[Destruction procedure]
- Personal information entered for service subscription, etc. is destroyed according to internal policy and information protection reasons after the purpose of use such as service termination is achieved.

[Destruction method]
- Personal information entered for service subscription, etc. is destroyed according to internal policy and information protection reasons after the purpose of use such as service termination is achieved.
- Personal information printed on paper is shredded with a shredder or destroyed by incineration.

division Preservation grounds Preservation items
patient medical record Medical Law Enforcement Rule Article 15 Paragraph 1 Matters included in “medical records, etc.” under Article 22 of the Medical Act
6.Matters concerning the rights and obligations of the data subject and legal representative and how to exercise them

Customers may request access, correction, or deletion of personal information to the person in charge of personal information protection at the bottom, and the hospital faithfully responds to customer requests and processes them without delay. When requesting access, correction, deletion, etc. of personal information, please submit a request for personal information access, correction, deletion, etc. of personal information according to the form in Annex No. 8 of the Enforcement Rules of the Personal Information Protection Act. The exercise of the rights of the information subject can be done through an agent, such as a legal representative of the information subject or a person who has been delegated. In this case, you must submit a power of attorney in accordance with the form of Attachment No. 11 of the Enforcement Regulations of the Personal Information Protection Act.

▶ Access to personal information

Customers can request access to personal information by visiting the hospital, and must submit a personal information access request form. However, requests to view personal information may be limited as follows in accordance with Article 35, Paragraph 4 of the Personal Information Protection Act.

  • - When viewing is prohibited or restricted by law
  • - If there is a risk of harming the life or body of another person or of unreasonably infringing on the property or other interests of another person
  • - In the event that a public institution causes a significant hindrance in performing its duties

In addition to the above request for reading reception/processing department, the information subject may request access to personal information through the Personal Information Protection Commission's 'Comprehensive Support Portal for Personal Information Protection' website (www.privacy.go.kr). Requests for viewing and correction may be rejected for reasons such as cases in which there is a risk of significant harm to the person in question or a third party, significant impediment to the service provider's business, or violation of other laws and regulations.
Personal Information Protection Commission Personal Information Protection Comprehensive Support Portal → Personal Information Complaint → Request to view Personal Information (You must have an I-PIN to verify your identity)

▶ Correction, deletion, and suspension of processing of personal information

If the information subject wants to correct or delete errors in personal information, please submit it to the person in charge at the bottom, and in this case, the hospital will not use or provide the personal information until correction or deletion is completed.

  • 1.The hospital corrects or deletes personal information without delay when a customer requests correction or deletion of personal information or when it is recognized that there is a need for correction or deletion, such as when the personal information is found to have errors. The hospital may request evidence required to verify the facts of the correction/deletion.
  • 2.When a customer requests to view, correct, delete, or request his or her personal information, the identity of the customer is verified.
  • 3.If there is a legitimate reason for refusing to view, correct, delete, or suspend processing of all or part of personal information, the hospital notifies the customer and explains the reason.

▶ Protection of children's personal information

Membership registration for children under the age of 14 (hereinafter referred to as “children”) is done through a separate form written in plain language that is easy for children to understand, and consent from a legal representative must be obtained when collecting personal information. The hospital collects minimum information such as the name and contact information of the legal representative from the child in order to obtain consent from the legal representative, and obtains the consent of the legal representative according to the method stipulated in the personal information processing policy. The child's legal representative may request to view, correct, or delete the child's personal information. If you wish to view, correct, or delete your child's personal information, click Edit member information to go through the legal representative confirmation process, and then your legal representative can directly view, correct, or delete your child's personal information.

7.Matters concerning measures to ensure the safety of personal information

On General Hospital establishes and implements an internal management plan for the safe handling of personal information. As a technical measure to protect users' personal information, various security devices are in place, and all information provided by users is safely protected/managed by security devices such as firewalls. In addition, Chonnam National University Hospital prepares necessary procedures for accessing and managing users' personal information as a managerial measure for the protection of users' personal information, and conducts continuous security training by limiting the number of people who process users' personal information to a minimum. are doing In addition, we designate users of the system that processes personal information, give them user passwords, and update them regularly. We set up a separate physical storage location for the personal information system that stores personal information, and establish and operate access control procedures.

8.Matters concerning the person in charge of personal information protection

In order to protect customer's personal information and handle complaints related to personal information, we designate the person in charge of personal information protection as follows.

  • Roles and Duties of Customer Personal Information Manager
  • General business related to the collection, use, provision and management of personal information
  • Establishment of privacy policy and related regulations
  • Inspection of illegal or unreasonable infringement of personal information by employees or third parties
  • Designation and supervision of personal information handlers, training
  • Management and supervision of the personal information protection situation of personal information providing or sharing companies and consignment companies
  • Preparing the best measures for matters necessary for other users' personal information
division department contact
Personal Information Protection Officer
  • Department name : Computer room
  • Position : Head of Computer Office
  • Phone number : 051-607-0140
  • Email :onhos01@daum.net
  • Fax number : 051-607-0220
Department in charge of personal information protection
  • Department Name : Medical Information Management Office
  • Phone number : 051-607-0114
  • Email :onhos01@daum.net
  • Fax number : 051-607-0220
Request for access to personal information
  • Department Name : Customer Satisfaction Team
  • Phone number : 051-607-0114
9.Remedy method for infringement of rights and interests of information subject

You can report complaints related to personal information protection that occur while using the hospital's services to the person in charge of personal information protection, the person in charge, or the department in charge. We will promptly process and provide sufficient answers to reports from hospital service users. If you are not satisfied with the hospital's own personal information complaint handling and damage relief results, or if you need more detailed help, please contact us below.

▶ Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)

  • Responsibilities : Report personal information infringement, apply for consultation
  • home page : http://privacy.kisa.or.kr
  • Phone : (without area code) 118
  • Address : Korea Internet & Security Agency Personal Information Infringement Report Center, 9 Jinheung-gil, Naju-si, Jeollanam-do (Bitgaram-dong)

▶ Personal Information Dispute Mediation Committee (Operation of Personal Information Protection Committee)

  • Responsible work : personal information dispute mediation application, collective dispute mediation
  • home page : http://www.kopico.go.kr
  • Phone : (02) 2100-2499
  • Address : (03171) 209 Sejong-daero, Jongno-gu, Seoul, Government Complex Seoul 4th Floor Personal Information Protection Committee
▶ Cyber ​​Investigation Department : (without area code) 1301 (https://www.spo.go.kr)
▶ National Police Agency cyber safety guard : (https://www.police.go.kr/www/security/cyber.jsp)
10.Matters related to the operation and management of video information processing equipment

The hospital installs and operates image information processing equipment as follows.

[Reason for installation and purpose of installation]

  • Patient and facility safety, fire and crime prevention, parking/stop management

[Number of installations, installation location and shooting range]

  • Number of installations: 150 units
  • Installation location and shooting range: Lobby, corridor, parking lot, road, elevator, etc

[Management manager, department in charge, and person with access authority]

  • Name of manager : Lee Dong-hee, team leader
  • Affiliation : Facility Team
  • Phone number : (051) 607-0114

[Video information recording time, storage period, storage location and processing method]

  • Shooting time : 24 hours shooting
  • Retention period : within 30 days (60 days for daycare centers)
  • Storage location : Computer room server room on the 2nd floor of the main building
  • Method of processing : Records and manages matters related to requests for non-purpose use of personal image information, provision to third parties, destruction, and viewing, and upon expiration of the retention period, permanently deletes it in a way that cannot be restored (shredded or incinerated in the case of output).

[Methods and places of application for personal image information]

  • How to apply: Video information viewing application form, official letter for cooperation (government office)
  • Where to apply: Security Management Team
  • Phone number : (051) 607-0114

[Measures against the information subject's request to view video information, etc]

  • If you wish to view or verify the existence of your personal image information, you may request the operator of the image information processing device at any time. However, it is limited to the personal image information recorded by you and the personal image information clearly necessary for the immediate interests of the information subject's life, body and property. In spite of the information subject's request for viewing, etc., the request for viewing personal image information may be rejected in the following cases.
  • 1) When personal image information is destroyed due to the expiration of the retention period
  • 2) If there is a valid reason to reject the request of other information subjects, such as reading

[Technical, managerial and physical measures for video information protection]

  • Image information processed by the hospital is safely managed through encryption measures. In addition, as a management measure for the protection of personal image information, the hospital gives differentiated access rights to personal information, and in order to prevent forgery and falsification of personal image information, the date and time of creation of personal image information, the purpose of reading, the person who viewed it, and the date and time of reading. etc. are recorded and managed. In addition, a locking device is installed for safe physical storage of personal image information.
11.Matters regarding changes to the personal information processing policy

This privacy policy is effective from 2022. 10. 01.

If there are additions, deletions, or modifications to the content of this Privacy Policy due to changes in laws, policies, or security technology, we will notify the reason for the change and details before implementing the changed Privacy Policy.

The previous privacy policy can be found below.

- 2022.10.01. It has been amended and put into effect.

cooperation_img
cooperation_img
cooperation_img
cooperation_img
cooperation_img
cooperation_img
cooperation_img
cooperation_img
cooperation_img
cooperation_img
ON Hospital Ministry of Health and Welfare Medical Institution Evaluation Certification
47261 721 Gaya-daero, Busanjin-gu, Busan (966 Danggam-dong) | Medical Institution Name: ON Group Medical Foundation ON Hospital
Business registration number: 605-82-11399 | TEL: 051-607-0114, Emergency Room: 051-607-0129 | FAX: 051-607-0220
E-Mail : onhospital@hanmail.net | Representative Name: Yoon Seon-hee
© ON Hospital. ALL RIGHTS RESERVED.