Information Security Policy

At the healthcare institution Alea Dr. Kandić, we are dedicated to protecting the confidentiality, integrity, and availability of all information we process—especially the personal and health data of our patients. Our information security policy ensures that all data is treated with the highest standards of professional and technical security.

How do we protect your data?

To maintain information security, we implement a range of measures including technical, administrative, and organizational controls to prevent unauthorized access, loss, alteration, or unauthorized sharing of data.

1. Technical Infrastructure

  • We use validated and updated software and hardware systems.

  • The infrastructure is secured for continuous operation, with continuity and recovery plans in place.

  • All access to information within the hospital information system is restricted and logged.

2. Data Backup and Storage

  • All data is archived and stored in accordance with applicable laws and health regulations.

  • There are defined procedures and responsible personnel for timely data backup operations.

3. Staff Education and Responsibility

  • All team members are trained in the secure handling of health data.

  • The responsibilities of employees regarding information protection are defined in employment contracts.

4. Access Restrictions

  • Access to data is granted exclusively to authorized medical personnel, for the purpose of diagnostics, treatment, and monitoring of patients' health conditions.

  • Every access, modification, deletion, or entry of data is monitored and recorded.

5. Information Sharing

  • Information from medical documentation is provided exclusively to the patient or their close relatives with written consent.

  • Access may be granted to competent public institutions or judicial authorities only in accordance with the laws of Bosnia and Herzegovina.

Information Security Principles

Our policy is based on three key principles:

  1. Confidentiality – Data is accessible only to authorized individuals.

  2. Integrity – Data is accurate, complete, and protected from unauthorized alterations.

  3. Availability – Data is available to competent personnel when needed for the provision of healthcare services.

Frequently Asked Questions

Frequently Asked Questions

Find answers to frequently asked questions about our services, appointment scheduling, preparation for examinations, and other important information.

How can I schedule an appointment?

Is a referral required for the examination?

What payment methods are available?

Do you provide emergency medical services?

How long does a systematic exam take?

Frequently Asked Questions

Frequently Asked Questions

Find answers to frequently asked questions about our services, appointment scheduling, preparation for examinations, and other important information.

How can I schedule an appointment?

Is a referral required for the examination?

What payment methods are available?

Do you provide emergency medical services?

How long does a systematic exam take?

Frequently Asked Questions

Frequently Asked Questions

Find answers to frequently asked questions about our services, appointment scheduling, preparation for examinations, and other important information.

How can I schedule an appointment?

Is a referral required for the examination?

What payment methods are available?

Do you provide emergency medical services?

How long does a systematic exam take?