It is our policy to protect the personal health information of all our patients in accordance with legal obligations set out by the Ontario’s Personal Health Information Protection Act (PHIPA) and in accordance with good business practices, along with privacy & security best practices.
Specifically, it is our policy to:
- Protect patient/client personal and health information against theft, loss and unauthorized collection, use or disclosure and to ensure that the records containing the information are protected against unauthorized copying, modification or disposal.
- Comply with legislative and regulatory requirements.
- Identify and appoint a designated security officer.
- Ensure staff understand their responsibilities and ensure that they receive appropriate training to discharge those responsibilities.
- Provide reference material for staff with practical security practices in key areas affecting the operation of our office.
- Perform periodic reviews of security practices.
- Prominently post the security policy for ready access by both staff and our patients.
- Enter into contractual agreements with security commitments with any third party that may handle person information and personal health information.
PHIPA gives you the right to:
- Be informed of the reasons for the collection, use and disclosure of your personal health information;
- Be notified of the theft or loss or of the unauthorized use or disclosure of your personal health information;
- Refuse or give consent to the collection, use or disclosure of your personal health information, except in certain
circumstances; - Withdraw your consent by providing notice;
- Expressly instruct that your personal health information not be used or disclosed for health care purposes without your
consent; - Access a copy of your personal health information, except in limited circumstances;
- Request corrections be made to your health records;
- Complain to our office if you are refused access to your personal health information;
- Complain to our office if you are refused a correction request;
- Complain to our office about a privacy breach or potential breach; and
- Begin a proceeding in court for damages for actual harm suffered after an order has been issued or a person has been
convicted of an offence under PHIPA.
If you have any comments or concerns, please contact one of our privacy officers.