GDPR Compliance at Executive Health Sweden AB

Personal Integrity

At Executive Health Sweden AB we are proud to say that the personal integrity of our customers is of great importance to us. Therefore, we have developed clear and structured procedures for the protection of our customers’ personal data.

All our employees are clearly informed and well aware of the high priority given to the continued responsible treatment of all personal data relating to our clients, especially considering the sensitive nature of the collected data. Our routines place particular emphasis on how to inform the client about what type of data is being processed and for what purpose.

EMR
As a health care-related clinic, we keep a journal (EMR) of examinations of the client. Executive Health's overall objective is to limit the transfer of personal data to the EMR only in a continuous dialogue with the client. The EMR contains the results from the examinations and personal data such as name, personal number, address, cell phone number and email address. Executive Health uses the EMR Webdoc. Webdoc is a web-based journal system with high security. No transfer to a third party or country outside the EU is made.
Lawfulness of the treatment of personal data
By far the most extensive treatment of personal data is done in the EMR in connection with the examination or in dialogue with the doctor in charge. This treatment of personal data is crucial for the clinic to be able to perform its obligations towards the client. The client is at any stage entitled to correction of any inaccuracy and also has the right to have all his or her personal data deleted. For any treatment of personal data beyond what is necessary to complete the service to be lawful, the explicit consent of the client is needed.
Purpose of the treatment

Personal data collected during the screening is used to execute the service bought by the client, and any other use of personal data requires the explicit consent of the client. To receive newsletters and emails from Executive Health, the client has to further give his or her explicit consent. The consent can be withdrawn or upheld by the client at any point with immediate effect.

Especially for Screening customers

By logging in with BankID, screening customers at Executive Health have the opportunity to submit personal health information in a special module in the EMR Webdoc: Vårdrummet. After the clinical examination is done by the doctor, information is entered into a separate module in Webdoc, while the results from the other examinations are entered by the specialist doctors into other modules. The information is summarized and handed over to the customer digitally or in paper form in connection with the follow-up conversation after approximately ten days. The customer thereby gets access to all his or her survey results: both analyses and relevant individual action plans. After the follow-up conversation, personal data is only found in digital form in the EMR Webdoc unless the customer asks to have the information deleted.

Given that the screening examination for the majority of the clients is repeated after a couple of years, the information saved is used as a reference in the next examination.

Data Safety

For the protection of the personal data of all our clients, Executive Health has implemented all necessary technical and organizational security measures available. The personal data is stored according to all relevant standards regarding operational environment, and the data is only accessible to a limited number of authorized personnel.

Please be aware that when contacting the clinic by email, the clinic cannot guarantee the integrity of the transferred information since the content may be visible to a third party. Executive Health recommends contact through phone or regular post when confidential and sensitive information is transferred, to guarantee that no unauthorized third party gets access to the data.

The clients’ rights regarding personal data
All clients at Executive Health have the right to receive information about what types of personal data are being treated and for what purpose. The client has the right to have any erroneous data changed, to have data removed, or to limit the treatment of personal data according to his or her wishes. Treatment of personal data that is based solely on the explicit consent of the client is to be terminated immediately upon the withdrawal of that consent. If the clinic is required by law to store the personal data, the client has the right to receive information regarding this. All clients at Executive Health have the right to have their data transferred to a transferable medium.
Research purposes
Any possible studies on the clinical results among our clients will only be handled according to the rules stipulated in acts with current Ethical Approval. No genetic or biometric data can be processed without a previous stipulation in an Ethical Approval for Scientific Research.