The Terms and Conditions of use of the Electronic Healthcare Logging Platform (ePLOZ)
§ 1
This document defines the rules of using the Electronic Healthcare Logging Platform.
§ 2
The Terms and Conditions of use of the Electronic Healthcare Logging Platform (ePLOZ)
§ 3
§ 4
§ 5
§ 6
§ 7
Security recommendations for the ePLOZ system:
The National Centre for Healthcare Information Systems uses advanced technical and organisational solutions to ensure a high level of ePLOZ security.
However, each user of the system is obliged to take care of the safety of the device, through which he or she uses the ePLOZ.
The following recommendations should be followed for this purpose:
Attention:
All events, including attempts to log into ePLOZ, both successful and unsuccessful, are recorded.
All actions performed after logging into ePLOZ are registered.
The National Centre of Healthcare Information Systems does not take responsibility for the users environment from which the connection to the ePLOZ takes place, in particular for unauthorised access and actions resulting from malicious computer software or failure to secure it by the ePLOZ user.
Legal basis:
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
the Act of 28 April 2011 on the Healthcare Information System (Journal of Laws of 2019, item 408, as amended).
Act of 17 February 2005 on computerisation of the activities of entities performing public tasks (Journal of Laws of 2019, item 700, as amended).
Dear user!
Since 25 May 2018, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (referred to as GDPR) has been in force.
At https://eploz.ezdrowie.gov.pl/ Electronic Healthcare Logging Platform hereinafter referred to as EPLOZ has been made available.
ePLOZ is an element of the Platform for Providing On-Line Services and Digital Resources of Medical Registers, to the extent consistent with the Act of 28 April 2011 on the Healthcare Information System (Journal of Laws of 2019, item 408, as amended) and is used to authenticate the users of the aforementioned platform.
The controller of personal data in the system is the Minister of Health, with the registered office in Warsaw, ul. Miodowa 15, 00-952 Warsaw. Contact details of the Data Administrator: iod@mz.gov.pl.
The system administrator, i.e. the entity responsible for technical and organisational maintenance of the system, is the Centre of Health Information Systems with its registered office in Warsaw, ul. Stanis³awa Dubois 5A, 00-184 Warszawa (hereinafter referred to as the "Centre"), an ePUAP box: /csiozgovpl/SkrytkaESP.
In case of technical problems, call: 19 457 or e-mail: logowanie@cez.gov.pl.
Assistance is provided on working days, from 9:00 to 15:00.
Collection and processing of data
In ePLOZ we process your personal data necessary to provide the service provided by means of ePLOZ.
In the ePLOZ we collect the following data: first name, surname, login, PESEL and in case of lack of it the number of the document confirming its identity, e-mail address, in order to create an account in the ePLOZ according to your applications.
The legal basis for the processing of the above mentioned data is Article 6(1)(c) and (e) of the GDPR, i.e. the processing is necessary to fulfil the legal obligation imposed on the controller and the processing is necessary to perform a task carried out in the public interest or in the exercise of public authority entrusted to the controller.
The data shall be processed and archived for the period necessary for the purpose of processing, provision of ePLOZ services and until the expiration of claims.
Your rights
Every person whose data are processed has the right to demand from the controller the access to personal data pursuant to Article 15 of the GPDR, and in particular the right to a free of charge first copy of data pursuant to Article 15 paragraph 3 of the GPDR.
Every person whose data are processed has the right to immediately rectify the personal data concerning him/her which are processed by the ePLOZ.
Every person whose data is processed has the right to delete the data. In the case of a request to delete the data, the User will lose the possibility to log in to the systems for which the ePLOZ constitutes an authentication system.
Each person whose data is processed has the right to limit the processing in the scope compliant with Article 18 of the GPDR.
Every person whose data is processed has the right to transfer data in the scope compliant with Article 20 of the GPDR.
Everyone whose data are processed has the right to object to the processing in accordance with Article 21 of the GPDR.
Any person whose data are processed has the right to submit a complaint to the supervisory authority.
In order to exercise the rights indicated above, please contact us by electronic or traditional means.
Legal basis
The legal basis for the processing of the above mentioned data is Article 6 paragraph 1 point c and e of the GPDR , i.e. the processing is necessary for the fulfilment of the legal obligation imposed on the controller and the processing is necessary for the performance of a task carried out in the public interest or in the exercise of public authority entrusted to the controller.
The Act of 28 April 2011 on the Healthcare Information System (Journal of Laws of 2019, item 408 as amended )