- Another Successful Oesophageal Replacement Surgery at MTRH
- Interventional Radiology Simulator Marks Major Step Towards Expanding Interventional Radiology Access in Kenya
- US Applauds Successful Partnership Programs at MTRH
- MTRH, MU CHS Partner with Charlotte Maxeke Johannesburg Academic Hospital and Wits University for Clinical and Academic Collaboration
- MTRH Supports Lifesaving Pediatric Trauma Training in Mombasa
FAQs
- Another Successful Oesophageal Replacement Surgery at MTRH
- Interventional Radiology Simulator Marks Major Step Towards Expanding Interventional Radiology Access in Kenya
- US Applauds Successful Partnership Programs at MTRH
- MTRH, MU CHS Partner with Charlotte Maxeke Johannesburg Academic Hospital and Wits University for Clinical and Academic Collaboration
- MTRH Supports Lifesaving Pediatric Trauma Training in Mombasa
MTRH Data Protection Officer
MTRH is registered as a Data Controller and Data Processor. Data Protection Officer was appointed to oversee and ensure compliance to the Data Protection Act, 2019 whose contact details are as follows;
Ms. Margaret C. Koech
P.O Box 3-30100,Eldoret.
Email address: dpo@mtrh.go.ke
1.Privacy Statement
This privacy statement sets out how we collect, use, process, and protect your personal information in accordance with the Data Protection Act, 2019 and its regulations.
This statement should be read together with the Terms and Conditions of use for other MTRH Services. Where there is a conflict as regards data privacy, this privacy statement will prevail.
This statement applies to all patients, staff, students, suppliers, consultants, 3rd parties, parastatals, development partners and all visitors to MTRH.
2. Definitions
“MTRH” means Moi Teaching and Referral Hospital established by Legal Notice No. 78 of 1998 pursuant to the State Corporations Act CAP 446 Law of Kenya.
“Data Protection Officer” is a person designated or appointed by MTRH to monitor compliance with the Data Protection Act, No. 24 of 2019 and the Regulations made under the Act.“Data Collection” means gathering of information that relates to you.
“Personal data” means information about you that identifies you directly or indirectly as a unique individual such as name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person.
“Processing” means any operation or sets of operations which is performed on your personal data whether or not by automated means, such as: collection, recording, organization or structuring; Storage, adaptation or alteration; Retrieval, consultation or use; Disclosure by transmission, dissemination, or otherwise making available; Alignment or combination, restriction, erasure or destruction.
“Sensitive personal data” is data revealing your racial or ethnic origin, political opinions, professional membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s gender.
“Third Party” means a natural or legal person, public authority, agency or body other than you and MTRH, who under the direct authority of MTRH are authorized to process your personal data.
3. Lawful Basis
MTRH shall process your personal data as per the applicable law:
- With your consent
- Where processing is necessary for carrying out the mandate of the Authority
- For the performance of a contract to which you are party to or at your request before entering a contract.
- In compliance with any legal obligation to which MTRH is subject.
- For protecting the vital and legitimate interests of MTRH or another person.
- For the performance of a task carried out in public interest.
- For historical, statistical, or scientific research.
3.1 Collection of Personal Data
MTRH collects your personal data both directly and indirectly in accordance with the law. We collect your personal information with your knowledge and consent with exception to cases where prior consent cannot be obtained for real reasons and the processing of the data is permitted by law.
We may collect personal information from you, such as your name, email address, phone number, and any other personal information you choose to provide to us. We may also collect non-personal information, such as your IP address and browser type, through cookies or other tracking technologies through your consent by accepting cookies.
During the nature of offering services to you we may also collect sensitive data that are in line with regulations such as those under Ministry of Health, Kenya and other relevant government bodies.
3.1.1 Sensitive Personal Data
MTRH collects special category of personal data about you revealing details about your race, health status, ethnic origin, belief, property details, marital status, family details including details of your children, parents, spouse or spouses, gender and biometric data.
MTRH shall ensure that sensitive personal data about you is processed in accordance to your right of privacy and as permitted in Part V of the Data Protection Act, 2019.
3.2 Use of Personal Data
| Stakeholder | Personal data collected | Purpose |
| Patients | Name, ID.No, Next of Kin, Phone Number, County of residence, address, date of birth, gender | For medical care and management |
| Students | Name, ID.No, gender, Next of Kin, Phone Number, County of residence, address, date of birth, name of the parents, guardian and contacts | For education purposes |
| Staff | name, postal and physical address, location, phone number, date of birth, email address, age, gender, dependant details, academic details, profession, biometric information such as fingerprints, Closed circuit Television surveillance recordings, health records | Management of Employment relationship and benefit processing |
| Staff dependent’s | Identity type, name, postal and physical address, location, phone number, date of birth, email address, age, gender | Employee dependant benefit processing |
| Interns and attachees | Identity type, name, postal and physical address, location, phone number, date and place of birth, email address, age, gender, account details, family details-next of kin, academic details, profession, closed circuit television surveillance recordings, | Internship and attachment processing |
| Researchers | Identity type, name, postal and physical address, location, phone number, Name of educational institution, email address, closed circuit television surveillance recordings | Validation of request |
| Development partners /representatives | Name, phone number, email address, closed circuit television surveillance recordings, associated development partner | Management of relationships with development partners |
| Other individuals/interested parties e.g., Insurance firms, NSSF, Financial institutions, Law firms, consultants, vendors, bidders etc. | Identity type, name, postal and physical address, location, phone number, date of birth, email address, age, gender, academic details, profession, closed circuit television surveillance recordings | Administration of procurement functions and contracts |
3.3 Access to your Personal Data
Access to your personal data is restricted based on need to know and least privilege principle. We take steps to ensure that your personal data is not altered by unauthorized entities or persons. All authorized persons accessing your personal data are bound by a duty confidentiality.
3.3.1 Your Legal Rights.
Under the Data Protection Act, 2019, you have the following rights in relation to your personal data;
Rights to;
- Be informed
- Access your personal data
- Request correction of your personal data
- Request erasure of your personal data
- Object processing of your personal data
- Request restriction of processing of your personal data
- Transfer of your personal data
- Withdraw consent
Please contact us when you need to exercise the above rights.
3.4 Transfer and Sharing of Personal Data
3.4.1 Data Sharing
MTRH shall share personal data with your consent and in a manner that is compatible with the purpose for which it was collected.
We may share or disclose the personal data we collect to third parties who provide support to MTRH in providing its services. We shall also disclose or process your personal data to a third party when required by law.
It is our policy to use only third-party providers that are bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by us.
3.4.2 Data Transfer
Where MTRH has informed consent from the data subject, it may transfer personal data to other countries, stakeholders, partners or entities outside Kenya for purposes of eg research, medical care, employment, learning etc so long as those countries, stakeholders, partners or entities have equivalent data protection laws and informed the Data Commissioner.
In the event that MTRH undergoes a business transformation, your personal data may be among the assets to be transferred to new platforms or entities and the acquirer of data assets may continue to process the personal data.
3.5 Protection of Personal Data
MTRH ensures that access to electronic and physical repositories containing your personal data is controlled based on reasonable and appropriate administrative, physical, and organizational safeguards.
We implement security measures designed to protect your information from unauthorized access.
3.6 Retention of Personal Data
We will only retain your personal data to fulfil the purposes for which we collect your data and to satisfy any legal requirements to which we are subject. To determine the appropriate retention period, we consider the size, nature and sensitivity of the personal data, the purposes for which we process the data, the need to comply with internal policies and the applicable legal requirements.
Due to the nature of our mandate, we may retain your personal data as per MTRH Records Retention and disposal schedules or any other legal obligation.
In some situations, you can request to delete your data as per legal rights provided in clause 3.7 below.
4.Use of Cookies, Embedded Plug-Ins, Widgets & Links
MTRH website use “cookies” to give you more personal, convenient website visits. This enables us to recognize you during subsequent visits. A cookie is a text file that is placed on your hard disk by a Web page server. This statement explains how we use cookies and similar technologies to enhance user experience, improve website performance, and ensure secure access to our digital services.
Data stored in a cookie is created by the server upon your connection. This data is labelled with an ID unique to you and your computer and can only be read by a web server in the domain that issued the cookie to you.
Disabling and Enabling Cookies
You can accept or decline cookies.
You may disable cookies via the following links:
Website Link
www.mtrh.go.ke/delete-cookies
You may also disable/enable cookies via your browser. You block cookies by activating the setting
on your browser that allows you to refuse the setting of all or some cookies. However, if you use
your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
The various browsers provide different procedures to manage your settings. Click on any of the browser links below for instructions.
- Internet Explorer https://support.microsoft.com/fr-fr/help/17442
- Mozilla Firefox https://support.mozilla.org/fr/kb/activer-desactiver-cookies
- Safari https://support.apple.com/kb/PH21411?viewlocale=fr_FR&locale=fr_CA
- Chrome https://support.google.com/accounts/answer/61416?hl=fr
- Opera http://help.opera.com/Windows/10.20/fr/cookies.html
Within the Website, there are embedded applications, plug-ins, widgets or links to non-MTRH Websites (collectively “sites”). These sites operate independently of the MTRH and have their own privacy policies. When you visit these sites, you leave our website and no longer will be subject to our privacy and security policies. MTRH is not responsible for the privacy or security practices or the content of other sites, and as such does give an endorsement of those sites or their content.
5. Review of the Privacy Statement
MTRH will review the Data Privacy Statement from time to time or when need be.
6. CONTACT
MTRH welcomes your questions or concerns about how it processes your personal data or if you want to exercise any of your rights in relation to your personal data, on Telephone :(+254)053-2033471/2/3/4 or by writing to us on email: ceo@mtrh.go.ke and copy dpo@mtrh.go.ke.