MNOrtho

Compliance and Privacy

Privacy and Compliance - POPIA

Introduction

At Meintjes & Neethling, we are committed to protecting the privacy of our clients and upholding the highest standards of data protection. As an orthotics and prosthetics provider, we understand the sensitive nature of the personal information you entrust to us. This page outlines our practices and commitments in line with the Protection of Personal Information Act (POPIA), ensuring that we handle your personal and health information responsibly, securely, and in compliance with applicable laws.

Our Comittment

Under POPIA, we are obligated to adhere to the principles of data protection and privacy. Our commitment to you includes:

– Lawfulness and Transparency: Processing personal information lawfully, fairly, and in a transparent manner.
– Purpose Specification: Collecting personal information only for explicitly defined and legitimate purposes related to our services.
– Data Minimization: Ensuring that the personal information we collect is adequate, relevant, and limited to what is necessary.
– Accuracy: Keeping personal information accurate, complete, and up-to-date.
– Storage Limitation: Retaining personal information no longer than is necessary for the purposes for which it was collected.
– Integrity and Confidentiality: Securing personal information against unauthorized access, disclosure, alteration, or destruction.

How We Use Your Information

The personal and health information you provide allows us to deliver personalized orthotic and prosthetic solutions. This may include:

– Designing and fitting custom devices.
– Providing ongoing support and adjustments.
– Communicating with you about your care and treatment.

We may also use your information for internal purposes, such as quality improvement and service development, always ensuring that such use respects your privacy rights.

Your Rights Under POPIA

POPIA grants you several rights regarding your personal information, including:

– The right to be informed about the collection and use of your personal information.
– The right to access your personal information and request corrections if necessary.
– The right to object to the processing of your personal information.
– The right to request the deletion of your personal information under certain circumstances.

Sharing Your Information

We only share your personal information with third parties when necessary for your treatment or as required by law. This may include:

– Health care providers involved in your care.
– Insurance companies for billing purposes.
– Legal authorities, if mandated by law.

We require all third parties to respect the security of your personal information and to treat it in accordance with the law.

Security Measures

At Meintjes & Neethling, we prioritize the security of your personal information with utmost seriousness. To safeguard your data against unauthorized access, alteration, disclosure, or destruction, we have implemented comprehensive technical and organizational measures, including:
– Microsoft 365 for Secure Data Storage: We use Microsoft 365 to store your personal and health information securely. Microsoft 365 provides advanced security features that ensure the safety and integrity of your data at all times.
– Encryption with BitLocker: All data stored on our systems is encrypted using BitLocker encryption technology. This means that even in the unlikely event of unauthorized physical access to our storage devices, the data contained within them is protected by robust encryption, rendering it inaccessible without the proper decryption key.
– Two-Factor Authentication (2FA): Access to our data storage systems, including any information stored within Microsoft 365, requires two-factor authentication. This additional security measure ensures that only authorized personnel can access your information, significantly reducing the risk of unauthorized access.
These measures are part of our commitment to uphold the principles of data protection and privacy as mandated by the Protection of Personal Information Act (POPIA). We continuously review and update our security practices to adhere to the highest standards of data protection.

All security measures are maintained and updated by Shyren (Pty)