1. The patient is requesting deletion not of the account, but of all of his/her PI data, including
2. We are of course bound by law and our own policies to honor a patient’s request regarding his/her data, including to delete it.
3. We should take reasonable steps to confirm the identity of a patient making such a request.
4. We do not want to be responsible for fulfilling those requests on our side, which would mean getting access to the Patient’s PI data; instead, we would like to move that responsibility to the Clinician’s side.
5. Clinicians can do all the operations directly from the UI by editing the case or patient information (to delete personal PI info), or by editing the survey if any personal information is included in the protocol.
No need to worry about trying to keep the pseudonymized PHI dataset.
1. Confirm that the requestor’s identity matches our records.
2. In the emails we currently get the Patient numeric ID, Subscriber ID and Patient Email from our DB.
3. Confirm that we can confidently identify all of the PHI of that patient.
!!! It is important to check whether the Protocol itself contains PI questions, as we need to recommend that the clinician:
* strip the required fields through editing case or patient information
* strip the required answers through editing the survey
Dear ________:
We are in receipt of your request that we delete all of your personal health information (“Personal Data”) from our system. We will do so within five business days of confirmation by your physician of your identity.
If you wish us to send you a copy of such Personal Data prior to our deletion, please respond to this email address with specific instructions, including the e-mail address to which to send such Personal Data. Otherwise, neither you nor your physician(s) will any longer have access to your Personal Data on our system.
We are copying your physician of record on our system as a courtesy, and with a request that he/she confirm your identity as a protection to you. Unless you specifically instruct us to do so, we will not send your Personal Data to him/her or any other third party.
Sincerely yours,
RegenMed Support
5. Send the following email to the Clinician:
Subject:
Patient Request Deletion
Body:
Dear {credentials} {Last Name} OR Dear {First Name} Ben,
We would like to inform you that one of your Patients (Patient ID: {inCytes Clinician ID starting with P}) has requested deletion of his/her personal data.
You can do this by clicking “edit” on the case or patient page and stripping each field. If any personal information was included in their surveys, please remove it as well by editing the survey.
Please provide us with written notice once that patient’s info has been deleted.
6. Follow-up as indicated with the physician of record on our system.
7. Execute the deletion of the Personal Data within five days – as soon as possible but no later than five days – of receipt of confirmation of identity from the physician. If there is no confirmation from the physician within five days, determine another way to confirm the identity of the patient.
8. After deletion, perform an appropriate test that the Personal Data is in fact deleted from our system.
9. Communicate confirmation of the deletion of the Personal Data to the patient and his/her physician.
Keep all communications – except those containing PHI – on HS.