STN 4notify 004:2026
Gazette: V-2026-04 · Issue date: 2026-05-26
In force
04
Norm 04 of 08 · eHealth
SMSPushEmail

eRecepty and eŠtítky: patient notifications via NCZI and insurers

Slovak eHealth (NCZI — National Health Information Centre) operates ePrescriptions (10M+ yearly), electronic health records and integration with 3 main health insurers (VšZP, Dôvera, Union). 4notify integrates patient notifications from medical systems and insurers.

§ Scope

A patient unaware of a ready eRecept goes unnecessarily to the doctor. Missed lab results can mean delayed diagnoses.

§ Normative refs
Zákon č. 153/2013 Z.z. — Národný zdravotnícky informačný systém

Defines NCZI and intermediary rights.

GDPR čl. 9 — Osobitné kategórie

Health data requires explicit consent; retention only for medical need.

§ Procedure
01

§ 1 NCZI webhook via intermediary

Clinical systems / insurers send prescription_ready, lab_result, appointment_scheduled event.

02

§ 2 Encryption in transit and at rest

AES-256 in transit and DB; PII stripped from logs.

03

§ 3 Quick-reply for appointment confirmation

SMS with „Reply 1 to confirm". Reply filed in clinic SIS.

§ Code
json
{ "template": "ehealth_eRecept_ready", "channels": ["push", "sms"], "patient": { "id_obfuscated": "SK-PAC-XX-481923", "phone": "+421901234567" }, "prescription": { "id": "ERX-2026-481923", "issued_by": "MUDr_Kovac", "valid_until": "2026-06-09", "pharmacy_pickup": "Lekaren_Mile_Bratislava" } }
§ Sample message
SMS

Lekáreň Mile: Your eRecept ERX-2026-481923 ready for pickup. Valid until 09/06.

§ Checklist
  • NCZI intermediary certification
  • AES-256 encryption active
  • DPIA per GDPR Art. 35
What 4notify does differently

Ready templates for eRecepty + lab results with AES-256 encryption and HIPAA-style audit.

§ FAQ
Is 4notify HIPAA / GDPR Health compliant?

GDPR Health: yes. HIPAA not relevant (US). DPIA + BAA-equivalent agreements with clients.

Start free

14 days, no card. Support in Slovak and English.

Other norms