Home Tamina Health Data Protection Statement

Data Protection Statement Tamina Health Center

1. Responsible Entity

Grand Resort Bad Ragaz AG
Tamina Health Center
Bernhard-Simon-Strasse 20
7310 Bad Ragaz
Switzerland

Phone: +41 81 303 38 90

E-mail: doctor@resortragaz.ch

Website: www.resortragaz.ch/en/tamina-health

The Tamina Health Center is responsible for processing your personal data in accordance with the Swiss Federal Act on Data Protection (FADP, Bundesgesetz über den Datenschutz – DSG) and other applicable data protection regulations. If you have any questions regarding data protection or wish to exercise your data protection rights, please contact the administrative staff or your attending physician directly.


2. Purpose of Data Processing

The processing (collection, storage, use, and retention) of your data is carried out based on the treatment contract and legal requirements in order to fulfil the purpose of treatment and the associated obligations. Data is collected on the one hand by your attending physician in the course of your treatment. On the other hand, we also receive data from other physicians and healthcare professionals who have treated or are treating you, provided you have given your consent.

Only data related to your medical treatment is processed in your medical history. This includes the personal information provided on the patient form such as personal details, contact information, and insurance information, as well as, among others, the informed consent discussions conducted during treatment, health data collected such as medical history, diagnoses, therapy proposals, and findings.

We process your personal data in particular for the following purposes:

  • Provision of medical services (diagnosis, therapy, care, follow-up)
  • Maintenance of the patient record
  • Communication with you, your attending physicians, and other authorized third parties
  • Billing with health insurers, social insurers, or other cost bearers
  • Fulfilment of statutory documentation and retention obligations
  • Quality assurance, internal statistics, and research (only in anonymised or pseudonymised form and with your consent)

3. Categories of Data

We process, in particular, the following categories of data:

  • Master data (name, address, date of birth, contact details)
  • Health data (diagnoses, findings, laboratory results, therapies, medical history)
  • Insurance and billing data
  • Communication data (e.g., emails, medical letters, telephone notes)

Health data is classified as particularly sensitive personal data. We treat it with special care.


4. Data Disclosure

Your personal data, and in particular your medical data, is only transferred to external third parties if this is legally permitted or required, or if you have consented to the transfer in the course of your treatment.

  • Transmission to your health insurance, accident insurance, or disability insurance takes place for the purpose of billing the services provided to you. The type of data transmitted is limited to the legally required minimum.
  • Disclosure to cantonal and national authorities (e.g., cantonal medical services, health departments, etc.) takes place on the basis of statutory reporting obligations (in very limited scope).
  • Optional: Disclosure of necessary patient and billing data to a collection agency takes place for debt collection purposes (collection of outstanding receivables).
  • In individual cases, depending on your treatment and with your consent, data may be transmitted to other authorized recipients (e.g., laboratories, other physicians).

Data is disclosed only insofar as it is required for the above purposes, if you have consented to the disclosure in the course of your treatment, or if there is a legal basis:

  • to attending physicians, nurses, and other persons involved in your treatment
  • to laboratories, radiology institutes, or other medical service providers
  • to health and social insurers, authorities, or other cost bearers
  • to IT service providers for the performance of specific data processing tasks
  • optional: to collection agencies for debt recovery purposes

A list of service providers (processors) used can be found here. All service providers are informed by us about their responsibilities in the context of data processing and are contractually obliged to comply with the applicable data protection provisions.


5. Data Retention

We retain your personal data for as long as necessary for treatment and to fulfil legal obligations. Patient records must be retained by law for at least 20 years after the completion of treatment. After this period, they are securely deleted or destroyed.


6. Data Security

We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, misuse, or manipulation.


7. Your Rights

Within the scope of applicable law, you have the following rights in particular:

  • Access to your processed personal data: You have the right to access your personal data at any time. You may view your medical history or request a copy. A fee may be charged for providing the copy. Any costs, which depend on the effort required, will be communicated to you in advance.
  • Correction of inaccurate or incomplete data: If you find or believe that your data is incorrect or incomplete, you may request correction. If neither the accuracy nor the incompleteness of your data can be established, you may request that a note of dispute be added.
  • Deletion of your data, provided there are no statutory retention obligations preventing this (see section 5).
  • Data release or transfer (data portability): You have the right to have data that we process automatically or digitally handed over to you or to a third party in a common, machine-readable format. This applies in particular to the transfer of medical data to a healthcare professional of your choice. If you request direct transfer of the data to another controller, this will only be carried out if technically feasible.
  • Revocation of previously given consent with effect for the future: If you have given your explicit consent for data processing, you may revoke this consent at any time in whole or in part. The revocation or request for modification of consent must be made in writing. Once we have received your written revocation and if processing cannot be based on any other legal ground, processing will be discontinued. The legality of data processing carried out until the revocation remains unaffected.

To exercise your rights, please contact the address mentioned above.


8. Further Data Protection Provisions and Amendments

For your stay at the Grand Resort Bad Ragaz, please refer to the Resort’s Data Protection Statement, where you will find further information.

Data protection statement | Grand Resort Bad Ragaz Group

We may amend this Data Protection Statement at any time. The current version published on our website applies.

Your web browser is outdated

Update your browser for more security, speed and a good user experience.

Update browser Continue