Information Security Policy

At our hospital, information security is one of our highest priorities in order to protect patient privacy, safeguard personal data, and ensure the security of all institutional information assets.

All personal data obtained during the provision of healthcare services is processed and protected in compliance with applicable national and international regulations, including the Turkish Personal Data Protection Law (Law No. 6698 – KVKK).

Protection of Personal Data

• Personal data of our patients, employees, and business partners is processed lawfully, fairly, and transparently.
• Data is collected for specific, explicit, and legitimate purposes only.
• Technical and administrative measures are implemented to prevent unauthorized access, loss, alteration, or disclosure.
• Health data, classified as sensitive personal data, is protected with enhanced security measures.

Technical and Administrative Measures

To ensure information security, we implement:

• Secure network infrastructure and firewall systems
• Access control and authorization policies
• Data encryption methods
• Regular data backup and disaster recovery plans
• Information security awareness training for staff
• Internal audits and risk assessment processes

Confidentiality and Patient Privacy

All medical information belonging to our patients is confidential and accessible only to authorized healthcare professionals. Patient privacy is an integral part of the healthcare services we provide.

Continuous Improvement

Our information security processes are regularly reviewed and continuously improved in line with technological advancements and legal requirements.