It is our policy to protect the personal health information of all our patients in accordance with legal obligations set out by the Ontario’s Personal Health Information Protection Act (PHIPA) and in accordance with good business practices, along with privacy & security best practices.
Specifically, it is our policy to:
- Protect patient/client personal and health information against theft, loss and unauthorized collection, use or disclosure and to ensure that the records containing the information are protected against unauthorized copying, modification or disposal.
- Comply with legislative and regulatory requirements.
- Identify and appoint a designated security officer.
- Ensure staff understand their responsibilities and ensure that they receive appropriate training to discharge those responsibilities.
- Provide reference material for staff with practical security practices in key areas affecting the operation of our office.
- Perform periodic reviews of security practices.
- Prominently post the security policy for ready access by both staff and our patients.
- Enter into contractual agreements with security commitments with any third party that may handle person information and personal health information.