e-Nabız

Illumination Text

This Disclosure Notice has been prepared by the Ministry of Health of the Republic of Turkey (the Ministry), acting as the data controller under the Law on the Protection of Personal Data No. 6698 ("KVK Law"),in accordance with Article 10, titled “Obligation of the Data Controller to Disclose Information", and for the purpose of informing users of the e-Nabız Personal Health Record System (e-Nabız) regarding the processing of their personal data. Pursuant to the KVK Law, the Ministry, as the data controller, is headquartered at the following address: Ministry of Health of the Republic of Turkey, Üniversiteler Mahallesi, Şehit Mehmet Bayraktar Caddesi No:3, Çankaya/Ankara

Identity of Data Controller

In terms of your personal data processed in e-Nabız, the data controller is the TR Ministry of Health.

Purposes of Processing Personal Data

In this application, your personal data listed below are processed for the following purposes:

- ID data: Your identity information is processed for the purpose of verifying your identity, executing/supervising/analyzing/monitoring health care processes.

- Contact data Your contact information is processed for the purpose of executing emergency management processes, conducting communication activities for health services, executing medical diagnosis, treatment and care services, executing/supervising/analyzing/monitoring health care processes.

- Criminal conviction and security measures data: If you have prison history information, this information is processed for the purpose of conducting medical diagnosis, treatment and care services, planning/managing health services, executing/supervising/analyzing/reporting/monitoring healthcare processes.

- Transection safety data: Your transaction security information is processed for the purpose of executing information security processes and executing access authorizations.

- Personnel data: Your personal information is processed for the purpose of carrying out emergency management processes, carrying out medical diagnosis, treatment and care services, executing/supervising/analyzing/reporting/monitoring healthcare processes.

- Finance data: Your financial information is processed for the purpose of executing activities in accordance with the legislation, increasing the efficiency of public finance, executing/supervising business activities, executing health service processes, and carrying out finance and accounting works.

- Location data: Your location information is processed for the purpose of executing emergency management processes, executing medical diagnosis, treatment and care services, executing communication activities, and executing health service processes.

- Health data: Healthcare data is processed for executing/supervising/analyzing/reporting/monitoring healthcare-related activities, to perform medical diagnosis, treatment and caring services, to carry out public financial management, to perform/plan/manage the process of healthcare services and perform healthcare notices via SMS, push notification, e-mail, etc.

- Professional experience data Your professional information is processed for the purpose of ensuring business continuity, carrying out medical diagnosis, treatment and care services, and carrying out health service processes.

- Visual and audio data: Your photo related to your health problem and your photo added in the profile are processed for the purpose of ensuring business continuity, carrying out medical diagnosis, treatment and care services, and carrying out health service processes.

Transfer of Personal Data

In case you receive services from private health institutions that provide health services, your personal data in e-Nabız may be made available to the relevant physician(s) in line with your current security preferences within the scope of the third paragraph of Article 6 of the KVK Law. If you receive intensive care or emergency health care, the data in your e-Nabız account may be made available to the relevant physician, as your condition may be life-threatening. In addition, if the cost of the health service you have received will be covered by the Social Security Institution, your personal data will be collected and can be made available to the TR Social Security Institution. The exemption clauses in the first paragraph of Article 28 of the KVK Law are reserved.

Patient Tracking Screens

In case you request that your name and surname be masked (Ex: Ay*** Ün***) on the patient follow-up and outpatient clinic call screens where the examination order is followed in health facilities, in the Profile Edit section on the e-Nabız profile, you can check the option "I prefer my name and surname to be hidden with asterisk on the patient follow-up and outpatient call screens in healthcare institutions. I don't want my name and surname to be stated clearly"

Two-factor authentication

After entering your Turkish identity number and e-Nabız password during your login to the e-Nabız profile, a password can be sent via text message (SMS) to the phone number originally registered in your profile and you have the opportunity to activate this feature in the Profile Editing area of your e-Nabız profile.

Method and Legal Reason for Personal Data Collection

Your personal data is obtained automatically via the e-Nabız System or by your manual addition of information such as height and weight to your profile. Your personal data is processed by authorized persons or authorized institutions/organizations that are under the obligation of secrecy for the purpose of carrying out treatment and care services, planning and managing health services and financing; pursuant to the legal reasons of KVK Law article 5, pharagraph 2, subparagraph (a) "explicitly stipulated in the laws" and subpharagraph (ç) “It is obligatory for the data controller to fulfill its legal obligation” and the 3rd pharagraph of article 6 public health protection, preventive medicine, medical diagnosis.

Rights of Relevant Persons and Application to Data Controller

e-Nabız users may exercise their rights stipulated under Article 11 of the Personal Data Protection Law by applying to the Ministry within the scope of Article 13 of the same Law and in accordance with the provisions of the Communiqué on the Principles and Procedures for Application to the Data Controller. Pursuant to Article 13 of the Law, written applications must be submitted to the following address: Republic of Turkey Ministry of Health, Universiteler Mahallesi, Şehit Mehmet Bayraktar Street, No:3, Çankaya, Ankara Applications submitted via Registered Electronic Mail (KEP) must be sent to the following address: sb@hs01.kep.tr

e-Nabız is a website that provides access to all health information of a person from a single portal. The e-Nabız’s aim is to provide citizens and the physicians authorized by citizens with access to personal health data effectively and efficiently through information and communication technologies.

The rules that are seen as fundamental for ensuring the safety of the transactions made by the people over the e-Nabız and the information used in these transactions are given below.

The Ministry of Health has fulfilled the security measures required for the safe delivery of the e-Nabız system and its visual infrastructure.

Security of Personal Data

Only the person and the physicians and/or people who have received the consent of the person can see the health information on e-Nabız.

Information shared by the people on e-Nabız will not be shared or given to any third party, institution or organization for any reason whatsoever, unless it is approved by the person or is subject to judicial decision and/or legal obligation. With no exceptions, this information will not be disclosed unless a statutory requirement requires disclosure of such information.

Storage of Personal Data

Personal data processed within the scope of e-Nabız are retained for the duration required by the purpose of processing, in accordance with Articles 4 and 7 of Law No. 6698 on the Protection of Personal Data and the provisions of the Regulation on the Deletion, Destruction, or Anonymization of Personal Data, as well as for the minimum retention periods prescribed by the relevant legislation. When the relevant periods expire or the reasons requiring the processing of personal data cease to exist, such data shall be deleted, destroyed, or anonymized by the Ministry of Health ex officio or at the request of the data subject. Although it is not possible for personal data to be removed entirely from the central personal health data system established by the Ministry, an individual may restrict the viewing of their own data on their e-Nabız profile.

Limitations of Liability

The Ministry of Health and/or employees shall not be liable for any damages, including, but not limited to, direct or indirect damages or costs that may result from errors, omissions, viruses, delays caused by administrative deployment and/or system connection failure during use of e-Nabız, whether they are aware of such possibilities or not.

The services and applications offered in e-Nabız are provided by the Ministry of Health. However, the sufficiency of the information given here is the responsibility of the institutions that send data to e-Nabız, the health professionals who enter data in these institutions, the persons who add their own data (blood pressure, sugar, etc.) and the drug information system service providers where drug information is received. The Ministry of Health has no responsibility for the mistakes and deficiencies in these services or due to delays and disruptions.

The Ministry of Health has the right to temporarily suspend services due to changes in services, web services, pages, information, visual and literary content and technical problems published in e-Nabız.

Copyright

The Ministry of Health retains the licenses and copyrights related to the materials, technologies and information that make up e-Nabız's design, and their use, reference, quotation and modification. No organization or person shall use, distribute, rent, sublicense, modify or otherwise use commercial or non-commercial purposes for the purpose of providing, submitting, or using any part or all of the content presented or used in e-Nabız unless written permission is obtained from the Ministry of Health. All copyrights, registered trademarks, patents, intellectual and other proprietary rights belonging to the Ministry of Health for information and materials that provide competitive advantage to the Ministry of Health other than third party and / or firm materials. The citation may be granted provided that The Ministry of Healh is shown as the source.

REPUBLIC OF TÜRKİYE MINISTRY OF HEALTH COOKIE POLICY

COOKIE POLICY

This policy has been prepared to inform users visiting the https://enabiz.gov.tr website about our cookie usage principles.

1. WHAT IS A COOKIE?

Cookies are small-sized data files that websites save on users’ devices and are used to identify users. Cookies are used by websites to identify users and provide tailored services to to these identified users.

2. REPUBLIC OF TURKEY MINISTRY OF HEALTH COOKIE USAGE

Cookies are used on the https://enabiz.gov.tr website to provide users with the best experience.

What Types of Cookies Do We Use?

Cookies necessary for the website to work (Session Cookies)

Cookies that allow us to improve the user experience (Function Oriented Cookies)

Performance cookies used to understand and analyze how and how often the content on our website is used by users to improve the content offered. (Performance and Statistics Cookies)

Cookie Provider	Name of the Cookie	Purpose of the Cookie	Type of the Cookie	The time Cookies are retained in the browser
enabiz.gov.tr	_gid	Google analytics	Functionality	Max. 1 day
enabiz.gov.tr	_gat_gtag_UA_47362495_11	Google analytics	Functionality	Max. 1 minute
enabiz.gov.tr	_ga	Google analytics	Functionality	Max. 1 minute
enabiz.gov.tr	__RequestVerificationToken	User authentication	Session Cookie	Max. 8 minute
enabiz.gov.tr	.AspNet.ApplicationCookie	Login type	Session Cookie	Max. 8 minute
enabiz.gov.tr	.ASPXAUTH	User authentication	Session Cookie	Max. 8 minute

3. COOKIE MANAGEMENT

If you do not want cookies to be kept on the device that you use to access our website, you can prevent, delete and limit the use of cookies through your browser settings. Besides, you can delete the previously saved cookies from your device through your browser settings. It is also possible to change these preferences later.

If you access our website through different devices, you can set the cookie usage settings on each device and browser you access, in accordance with your preferences, via the links below.

As a user, if you want to prevent the use of cookies;


Google Analytics	https://tools.google.com/dlpage/gaoptout
Google Chrome	https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=tr
Internet Explorer	https://support.microsoft.com/tr-tr/help/17442/windows-internet-explorer-delete-manage-cookies
Mozilla Firefox	https://support.mozilla.org/tr/kb/cerezleri-silme-web-sitelerinin-bilgilerini-kaldirma
Opera	https://help.opera.com/en/latest/web-preferences/
Safari	https://support.apple.com/tr-tr/HT201265