Quality and information security policy

Last updated on August 15, 2024

‍This Privacy Policy describes eHeart AB's policies regarding the collection, use and disclosure of your information that we collect when you use our website ([www.eheart.se)) (the Service). By accessing or using the Service, you consent to the collection, use and disclosure of your information in accordance with this Privacy Policy. If you do not agree to this, please refrain from accessing or using the Service.We may change this Privacy Policy at any time without notice to you and will post the revised Privacy Policy on the Service. The revised policy will take effect 180 days after the revised policy is posted on the Service and your continued access or use of the Service after that time will constitute your acceptance of the revised Privacy Policy. We therefore recommend that you review this page regularly.We will use the information we collect about you for the following purposes:Marketing/AdvertisingIf we want to use your information for any other purpose, we will ask for your consent and use your information only after obtaining your consent and only for the purposes you have consented to, unless otherwise required by law.

Your rights:Depending on applicable law, you may have the right to access and rectify or delete your personal data or obtain a copy of your personal data, restrict or object to the active processing of your data, ask us to share (move) your personal information to another entity, withdraw any consent you have provided to us to process your data, the right to lodge a complaint with a government authority, and other rights that may be relevant under applicable law. To exercise these rights, you can write to us at [kontakt@eheart.se]. We will respond to your request in accordance with applicable law. Please note that if you do not allow us to collect or process the necessary personal information or withdraw your consent to process it for the necessary purposes, you may not be able to access or use the services for which your information was requested.We use cookies to enable the websites for which we are responsible to fulfill their technical function and, if you consent, to collect information about your browsing experience on our websites for aggregated statistics, in order to improve our communication and the services we offer.Our policy is to limit as much as possible the cookies that we store on your device.If the cookie is not necessary, we do not store it.We use different types of cookies such as are intended for different purposes.The security of your information is important to us and we will use reasonable security measures to prevent loss, misuse or unauthorized alteration of your information under our control. However, given the inherent risks, we cannot guarantee absolute security and therefore cannot ensure or guarantee the security of any information you transmit to us, and you do so at your own risk.If you have any questions or concerns regarding the processing of your information held by us, you can send an e-mail to our complaint officer at eHeart AB, Valhallavägen 91, Hus C, plan 2, e-mail: kontakt@eheart.se. We will deal with your questions in accordance with applicable law.
Stockholm June 4, 2025

eHeart is a healthcare provider specialising in heart, lung, vascular and sleep apnoea and offers consultation, diagnostics and treatment. eHeart's working methods are based on decades of experience from research into diagnostic methods and practical clinical experience at the University Hospital level, both of which demonstrate the benefit of rapid diagnosis leading to timely and accurate treatment. eHeart will therefore usually receive patients on the same day, which means that patients who reg leaves the clinic with a clear diagnosis and started treatment on the same day.
‍
eHeart är en vårdgivare specialiserad på hjärta, lungor, kärl och sömnapné och erbjuder konsultation, diagnostik och behandling. eHearts arbetsmetoder bygger på decennier av erfarenhet från forskning kring diagnostisk metodutvec och praktiskt klinisk erfarenhet på Universitetssjukhusnivå, som båda visar på nyttan av snabb diagnos som leder till snabb och korrekt behandling. eHeart kommer därför i regel att trä a patienter samma dag, vilket innebär att patienterna som reg lämnar kliniken med en klar diagnos och påbörjad behandling samma dag.

This policy covers all of eHeart's operations and constitutes a conscious commitment to the organization's employees and stakeholders.

The work of the organization is carried out on the basis of patient safety and satisfaction. Through continuous monitoring, we strive to constantly improve our operations with a focus on quality, patient safety and information security. We attach great importance to preventive work, staff training and dissemination of information. Deviations and incidents are reported, managed and prevented in accordance with current guidelines.

Quality and information security work shall be based on the following principles:• Deliver patient-safe care of the highest quality and with high availability.• Quality influencing factors and information assets in all processes of the business must be risk assessed, classified and information protected for proper confidentiality, accuracy, availability and traceability.• Employees should regularly undergo competence-building activities through training and knowledge sharing for high security, risk assessment and management in quality impact areas, information security and IT use, in order to increasecompetence and awareness.• Quality and information security work shall be constantly improved through active work with objectives and associated action plans based on eHeart processes.• Quality and information security work shall be continuously monitored and evaluated in order to create the basis for effective decisions, identify deficiencies and progress, and evaluate whether requirements and objectives are met.• Identified laws and requirements, intellectual property rights and agreements concluded shall be respected and complied with.• Vulnerabilities, threats, risks and anomalies should always be reported.All employees and relevant stakeholders are responsible for understanding, knowing and complying with this policy and associated processes and procedures, as well as reporting events and discrepancies related to quality of care, related processes or information security.CEO

• Deliver patient-safe care of the highest quality and with high availability.
• Quality influencing factors and information assets in all processes of the business shall be risk assessed, classified and information protected for proper confidentiality, accuracy, availability and traceability.
• Employees shall regularly undergo competence-building activities through training and knowledge sharing for high security, risk assessment and management in the areas of quality impact, information security and IT use, in order to increase
  competence and awareness.
• Quality and information security work must be constantly improved through active work with objectives and associated action plans based on eHeart processes.
• Quality and information security work shall be continuously monitored and evaluated in order to create the basis for effective decisions, identify deficiencies and progress, and evaluate whether requirements and objectives are met.
• Identified laws and requirements, intellectual property rights and concluded agreements shall be respected and complied with.
• Vulnerabilities, threats, risks and anomalies should always be reported.

All employees and relevant stakeholders are responsible for understanding, knowing and complying with this policy and associated processes and procedures, as well as reporting events and discrepancies related to quality of care, related processes or information security.
‍
Arabella Cecil
CEO