Hospital Umra, Shah Alam

logo-Hospital-Umra
Emergency
603 5518 4319
6019 664 4319
Make An Appointment
Whatsapp Us

Personal Data Protection Notice

  1. Introduction
    Hospital Umra is committed to protecting your personal data in accordance with the Personal Data Protection Act 2010 (PDPA). As a multi‑disciplinary hospital, we recognize the sensitive nature of medical, financial, and personal information across all specialties — including obstetrics & gynaecology, paediatrics, surgery, internal medicine, diagnostics, and wellness services.

 

  1. Scope of Application
    This Notice applies to:
    • Patients across all hospital services (inpatient, outpatient, emergency, specialty clinics)
    • Next of kin, guardians, and guarantors
    • Newborns and minors (via parental/guardian consent)
    • Employees, trainees, and medical students
    • Vendors, suppliers, and business partners*
    • Visitors and digital platform users (website, mobile apps, social media).

 

  1. Types of Personal Data Collected

          We may collect and process:

  • Identification: Name, NRIC, passport, date of birth, nationality
  • Contact: Address, phone number, email
  • Medical:
    • General medical records, diagnosis, treatment history, prescriptions, and lab results
    • Specialty data (e.g., O&G pregnancy records, neonatal assessments, fertility treatment data, surgical notes, diagnostic imaging)
  • Financial: Payment details, insurance information, guarantor data
  • Employment: CV, qualifications, HR records (for staff)
  • Digital: CCTV recordings, cookies, mobile app usage, device information
  • Other: Next of kin details, emergency contacts, consent forms.

 

  1. Purpose of Processing

          Your personal data may be used for:

  • Delivery of medical care across all specialties
  • Billing, insurance claims, debt recovery
  • Compliance with Ministry of Health (MOH), MSQH, and other regulatory requirements
  • Birth registration with Jabatan Pendaftaran Negara (JPN), where applicable
  • Hospital administration, HR, and training
  • Research, quality improvement, and accreditation audits
  • Marketing and patient engagement (with consent)
  • Security, safety, and emergency response.

 

  1. Disclosure of Personal Data

          We may share your data with:

  • Healthcare professionals within Hospital Umra and partner facilities
  • MOH, MSQH, Family Health Division, and other regulators
  • JPN for birth certificate issuance (O&G/neonatal cases)
  • Diagnostic labs, fertility centers, and specialist referral hospitals (with consent)
  • Insurers, banks, auditors, and legal advisors
  • Vendors, suppliers, and IT service providers
  • Law enforcement agencies or government authorities (where legally required).

 

  1. Cross-Border Data Transfer

          Where necessary, your personal data may be transferred outside Malaysia, including:

  • Specialist referrals abroad
  • Fertility tourism
  • Foreign diagnostic laboratories and medical specialists. Safeguards will be applied to ensure compliance with PDPA.

 

  1. Data Retention
    • General medical records: retained for a minimum of 7–10 years
    • Neonatal records: retained until the child reaches 18 years of age
    • Fertility treatment records: retained indefinitely or per MOH guidelines
    • Other records: retained as required by law, accreditation standards, and hospital policy.

 

  1. Your Rights

         You have the right to:

  • Access and obtain a copy of your personal data
  • Request correction or updates
  • Withdraw consent or limit processing (subject to legal/contractual obligations)
  • Opt-out of marketing communications
  • Restrict disclosure of sensitive data (e.g., reproductive health)
  • Withdraw consent for research use of medical data
  • Request data portability (where applicable)
  • Lodge a complaint with the Department of Personal Data Protection (JPDP).

 

  1. Security Measures

          Hospital Umra applies strict safeguards, including:

  • Restricted access to sensitive medical records (e.g., O&G, neonatal ICU, psychiatric care)
  • Encryption of genetic test results and diagnostic imaging
  • Consent verification before sharing sensitive health data
  • Audit trails for all medical record access across departments.

 

  1. Contact Us

        For inquiries, requests, or complaints regarding personal data, please contact:

      Data Protection Officer

      Hospital Umra,
      Seksyen 13, Shah Alam,
      Selangor

      Tel: 03-5518 4319

 

Protecting Your Information: Why PDPA and Proper Forms Matter

You’ve just walked in, perhaps feeling a little unwell, and the first thing we hand you is a clipboard with forms! You might be thinking, “I’m here for a check-up, not to write a story! Why should I say so much?”

At Hospital Umra, we take your personal and medical information seriously. Under the Personal Data Protection Act (PDPA), we are responsible for keeping your information safe and confidential. This means your details will only be used for your care and will not be shared without proper reason.

When you come to the hospital, you will be asked to fill in a registration form. This registration or even consent forms are more than just “admin.” They are actually the first step in your care.

 This is why it’s very important to complete this form fully and correctly. Accurate information helps us identify you properly, contact you if needed, and provide the right treatment without delay. When you fill in your medical history, allergies, and current medications, you aren’t just giving us data; you’re giving us a map. Even a “small” detail about a supplement you take or a mild allergy helps our medical team make safe decisions.

 Incomplete registration forms are like a puzzle with missing pieces—we want the full picture to give you the best treatment possible. Missing or wrong details can cause confusion, delays, or even affect your care.

Consent forms are also important. These forms explain the treatment or procedure you may need. By signing, you’re acknowledging that you understand your treatment plan and that you’re an active partner in your health journey. Please take time to read the form carefully. If you are unsure about anything, do ask our staff—they are happy to help explain.

Filling in forms may seem simple, but it plays a big role in your safety and care. By giving complete and correct information, and by understanding what you are signing, you help us serve you better.

By filling out your forms properly, you are clearly telling us how we can contact you and who is authorized to receive your updates. It ensures your lab results don’t end up in the wrong hands and that your privacy stays, well, private.

At Hospital Umra, your safety, privacy, and trust are always our priority.

 Thank you for helping us help you. Now, let’s get you feeling better!