All personal information handled by is collected, retained, and processed in accordance with relevant laws and regulations. The Personal Information Protection Act provides general standards for the handling of personal information, and will lawfully and appropriately process collected personal information to properly perform its duties and protect the rights and interests of data subjects.
In addition, respects the rights of data subjects, including the right to access, correct or delete personal information, and to request suspension of processing, as stipulated by relevant laws. Data subjects may file an administrative appeal in accordance with the Administrative Appeals Act if their rights are infringed.
has established the following Privacy Policy in accordance with the Personal Information Protection Act to protect personal information and efficiently handle related complaints. Any revisions to this Privacy Policy will be announced through website notices (or individual notices).
▷ Effective Date : May 30, 2014
Article 1 (Items of Personal Information Collected and Methods of Collection)
When collecting personal information, the hospital provides prior notice of the scope and purpose of collection in accordance with applicable laws and regulations. The collected items are as follows.
Personal Information Collected During Website Membership Registration
Collected items: Name, ID, password, home phone number, home address, mobile phone number, email address, access logs, cookies, IP address, preferred consultation area
Collection method: Through the website (membership registration, consultation boards, virtual surgery boards). During service use or service provision, the following information may be automatically generated and collected.
Service usage records, access logs, cookies, IP address information
Personal Information Collected During Medical Treatment
Required items: Hospital registration number, full name (Korean), resident registration number, address, email, marital status, visit route
Health information: Personal health information such as medical history and family history deemed necessary by medical staff to provide medical services
Personal Information Collected During Payment
Credit card payments: Card issuer name, card number, and payment authorization information
* If personal information is collected temporarily for specific purposes, it will be announced separately.
Methods of Personal Information Collection
Collected through the website, written forms, fax, telephone, consultation boards, and email
Article 2 (Purpose of Collection and Use of Personal Information)
The hospital uses collected personal information for the following purposes. Information provided by users will not be used for purposes other than those listed below, and prior consent will be obtained if the purpose changes.
Identity verification for medical treatment, examinations, reservation inquiries, and appointments
Diagnosis and treatment services
Administrative services such as billing, payment processing, and refunds
Issuance and delivery of medical bills, statements, certificates, medications, materials, and results
Online and offline test outsourcing and external laboratory requests
Communication channels for handling inquiries and complaints
Legal and administrative responses for hospital operation and quality management
Minimum analytical data for education and research
Provision of medical information, academic information, and hospital updates
Article 3 (Retention and Use Period of Personal Information)
In principle, personal information is destroyed without delay once the purpose of collection and use has been achieved. However, the following information is retained for the specified periods.
Retained items: Name, gender, login ID, password, home phone number, mobile phone number, email
Legal basis: Website Terms of Use / Enforcement Rules of the Medical Service Act Article 15 (Retention of Medical Records)
Retention period: Destroyed upon membership withdrawal
1. Patient register: 5 years
2. Medical records: 10 years
3. Prescriptions: 2 years
4. Surgery records: 10 years
5. Test result records: 5 years
Article 4 (Procedures and Methods for Destruction of Personal Information)
The hospital destroys personal information without delay once the purpose of collection and use has been fulfilled. The procedures and methods are as follows.
Destruction Procedure
Personal information entered for membership registration is transferred to a separate database (or stored separately for paper documents) and retained for a certain period in accordance with internal policies and relevant laws, then destroyed. Personal information transferred to a separate database is not used for purposes other than retention unless required by law.
Destruction Method
Electronic files are deleted using technical methods that prevent recovery. Printed personal information is shredded or incinerated.
Article 5 (Provision and Sharing of Personal Information)
The hospital does not use or provide personal information beyond the stated purposes without user consent, except as required by law. Exceptions include the following.
Submission of medical records to the Health Insurance Review & Assessment Service for insurance claims
Cases where users have given prior consent
When required by law or requested by investigative authorities through lawful procedures
Provision of anonymized data for statistics or academic research
Article 6 (Rights of Users and Legal Representatives)
The hospital promptly responds to requests for access, correction, or deletion of personal information. To protect personal data, requests are accepted only through in-person visits.
Access to Personal Information
Users may request access by visiting the hospital, and the hospital will respond promptly.
Correction and Deletion of Personal Information
1. If correction or deletion is deemed necessary, the hospital will take action without delay and may request supporting documentation.
2. Identity verification is required through official identification such as a resident ID card, passport, or driver’s license.
3. If access, correction, or deletion is denied in whole or in part, the hospital will notify the user and explain the reason.
4. Legal guardians of children under 14 may exercise these rights upon submission of proof of relationship and identification.
Article 7 (Withdrawal of Consent / Membership Termination)
Users may withdraw consent at any time. Membership termination can be completed through the website or by contacting the Personal Information Protection Office. Personal information will be destroyed without delay.
Article 8 (Cookies and Automatic Data Collection)
The hospital uses cookies to store and retrieve user information. Cookies are small text files sent to the user’s browser and stored on the hard drive.
Cookies are used to analyze visit frequency and usage patterns
Cookies are used to provide customized information based on user interests
Users may allow or refuse cookies through browser settings. Refusing cookies may limit some services.
Article 9 (Personal Information Protection Officer)
The hospital implements technical and administrative safeguards, including firewalls, access control, personnel limitation, and regular security training.
Article 10 (Notification of Policy Changes)
This Privacy Policy may be revised due to changes in laws or internal policies. Any changes will be announced on the hospital website.
Personal Information Protection Officer
Name: Baek Sang-ui
Position: General Manager
E-mail: white132@kakao.com
* Effective Date: August 17, 2020
For reporting or consultation regarding personal information infringement, please contact the following organizations.
1. Personal Dispute Mediation Committee (www.1336.or.kr/1336)
2. Information Security Mark Certification Committee (www.eprivacy.or.kr/02-580-0533~4)
3. Supreme Prosecutors’ Office Cyber Crime Investigation Center (http://icic.sppo.go.kr/02-3480-3600)
4. National Police Agency Cyber Terror Response Center (www.ctrc.go.kr/02-392-0330)
