As a Health Information Custodian, Fiddick’s Nursing Home & Retirement Home Ltd.(“Fiddick’s”) is committed to serving our residents with the highest standard of care. Part and parcel of this is making sure that your privacy is respected. We are responsible for making sure your private information is protected, and that we follow the Personal Health Information Protection Act, 2004(“PHIPA”). Below are a set of Principles that we follow to better serve you. If you have questions, please contact our Privacy Officer at email@example.com
- Accountability for Confidential Information
Fiddick’s is accountable for your personal information which we control. Michael Fiddick is Fiddick’s Privacy Officer. Fiddick’s will ensure to:
- Have procedures and policies in place to protect your personal health information.
- Train our staff and affiliates on how to follow our policies and procedures. We will also educate them about their duties with regard to confidentiality.
- Engage with your complaints and inquires in a timely and appropriate manner, in accordance with PHIPA.
- Identifying Purposes for the Collection of Confidential InformationWe will identify the purposes for which confidential information is collected at or before the time of collection. Purposes include, but are not limited to:
- providing health care services or helping to provide health care services
- exchanging communication with other health care providers;
- performing a variety of different activities to improve quality of service, or the quality of any program or care;
- administering, planning, and managing our own managerial operations;
- processing, verifying or reimbursing monetary claims for the payment of health care goods or services;
- contacting an individual authorized (such as a family member or next of kin) to act on behalf of you; and
- educating our staff and agents to better provide health care;
- educating on risk management activities;
- improving educational opportunities and enhancing the provide and reputation of Fiddick’s and its programs.
- as otherwise authorized, permitted, or required by laws of Ontario and Canada.
Information is collected orally or in writing. Upon coming to Fiddick’s, for example, a notice or brochure setting out the purposes may be posted or handed out to the individual.
New purposes for collection will be provided to the individual, and consent will be obtained before the information is used for another purpose.
All those collecting information will be able to explain the purpose for collection.
As a rule, the individual, or their substitute decision-maker, must consent to the collection, use or disclosure of personal health information. We may disclose and use your personal health information without your consent, but only under strict conditions.
Fiddick’s assumes that an individual is able to consent to the collection, use and disclosure of personal health information, unless it is be unreasonable in the circumstances.
Where a data subject is not able to consent to disclosure, collection, or use of personal health information, another substitute authorised decision-maker, may grant consent for the data subject.
Consent may take many forms. It can be implied, or express. PHIPA mandates express consent in some specific circumstances. This includes most circumstances where Fiddick’s discloses personal health information:
- to a person who is not considered a health information custodian; or
- where the disclosure is not for the purposes of providing health care or assisting in providing health care, and it is not to another health information custodian.
There may be instances where Fiddick’s does receive personal health information from the individual, another health information custodian, or individual’s substitute decision-maker. When such receival is for the purposes of providing health care, Fiddick’s will assume that we have the implied consent of the individual to collect, use and disclose the information as needed for that purpose. However, this will not apply if the individual has withheld or withdrawn expressly said consent.
Fiddick’s may assume the implied consent to communicate with others, for example in the case of an emergency. However, this will not apply if the individual has withheld or expressly withdrawn said consent.
Fiddick’s may seek consent for the use or disclosure of personal health information at the time of collection. Circumstances may arise where, we request consent to use or disclose your information after we have received it.
Consent is needed for information being released for a newspaper article, and for photographs taken of a resident for a media or publication purposes.
All consents for release of information or court orders will be filed on the appropriate resident’s record.
In obtaining consent, your reasonable expectations are important. We strive to only obtain your consent in manners that are transparent. We do not obtain consent through deception.
The manner in which we obtain consent may depend on the circumstances and the type of information to be collected. If your consent is obtained orally, we will make a notation of this in your record of personal health information.
You may withdraw consent at any time, whether the consent is express or, by giving us. If you have withdrawn consent orally, we are required to make a notation in your record of personal health information.
- Limiting Collection of Confidential Information
We will limit the scope of the information collected to that which is needed for the purposes identified, as required by law. The amount, and nature of what is collected will be limited as appropriately needed.
- Limiting Use, Disclosure, and Retention of Information
The information we control will be retained for only as long as needed as required by the law. We maintain your information for 10 years, or as otherwise required by applicable law. It will be securely destroyed in accordance with our policies and the applicable legislation.
We may disclose your personal health information to another health care provider if the disclosure is reasonably necessary for the provision of health care and it is not reasonably possible to obtain consent in a timely manner. We may disclose your personal health information without consent if required for the direct treatment or care of a resident, or if there is a court order requiring the release of information.
We may disclose the personal health information about an individual who is deceased, or is reasonably suspected to be deceased, where allowed by law. For example, we may disclose personal health information to identify an individual, for the purpose of informing any person whom it is reasonable to inform in the circumstances of the fact that the individual is deceased or reasonably suspected to be deceased, and the circumstances of death, where appropriate. Lastly, we may disclose personal health information to the spouse, partner, sibling or child of the individual if the recipients of the information reasonably require the information to make decisions about their own health care or their children’s health care.
- Accuracy of Confidential Information
Fiddick’s will take all reasonable measures to maintain accurate, complete, and up-to-date information. Residents have the right to amend, and challenge inaccurate information. Should you believe something need to be amended, please reach out and let us know. Fiddick’s may not make an amendment should we believe the request is made in bad faith, or if we have reasonable grounds to believe the amendment would not be true.
- Security of Confidential Information
Your information will be stored appropriately, and proportionally to the nature of its sensitivity. Protection may include physical locks, codes, identification badges, key passes, or other restrictive measures. It may also include organizational measures, and technological measures, such as passwords, encryption, and anonymization. Contracted agents are bound to privacy and confidentiality as a condition of the contract. We share information on a need-to-know basis only. In the event of a breach, the Privacy Officer shall be immediately notified. We comply with all PHIPA notification requirements.
- Openness about Confidential Information Policies and Practices
Our privacy policies and practices are available online, and in person at our office. Included in our policy is the contact information for our Privacy Officer, how you can access your personal health information held by us, and a description of what information we are holding, and how we may share said information.
- Individual Access to Own Personal Information
Upon being requested in writing, Fiddick’s will furnish an individual with their medical information where reasonable and practicable. There is a charge of 25 dollars for every request, plus additional fees depending on what is requested. For more information, please contact firstname.lastname@example.org. We reserve the right to deny bad faith, frivolous or vexatious requests. You must provide sufficient information so that we can properly identify the information requested. We may deny a request for access for legal reasons; should this be the case; you will be informed in writing.
In the event you have any questions, please contact our Privacy Officer at email@example.com. If you feel that our policies or practices are not in compliance, alert us and if necessary, we shall make changes. If you are still unsatisfied, you can reach out to the Information & Privacy Commissioner of Ontario. The Commissioner’s address is 2 Bloor Street East, Suite 1400, Toronto, ON, M4W1A8, or can be reached at (416)- 325-3333, or 1-800-387-0073.
- Governing Law
In the event you have any questions, please contact our Privacy Officer or delegate at firstname.lastname@example.org. Furthermore, you can write to us at 437 First Avenue Petrolia, ON , N0N 1RO, or call us at (1) 519 882 0370.