Health Information Security Compliance
We are committed to protecting and safeguarding your privacy. We will only use the information that we collect about you lawfully (in accordance with the Data Protection act 1998). This policy sets out how we will treat your personal information.
We may collect, store, and use the following kinds of personal data:
A cookie consists of information sent by a web server to a web browser and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the webserver to identify and track the web browser.
We may use both "session" cookies and "persistent" cookies on the website. We will use the session cookies to keep track of you whilst you navigate the website. We will use the persistent cookies to: enable our website to recognize you when you make subsequent visits to this website.
Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer, you can refuse all cookies by clicking "Tools," "Internet Options," "Privacy," and selecting "Block all cookies" using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites[, including this one.
We may use your personal information to:
Where you submit personal information for publication on our website, we will publish and otherwise use that information in accordance with the license you grant to us.
We will not without your express consent provide your personal information to any third parties for the purpose of direct marketing.
In addition, we may disclose information about you:
We will take reasonable technical and organizational precautions to prevent the loss, misuse, or alteration of your personal information.
We will store all the personal information you provide on our secure (password- and firewall-protected) servers.
Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
You may instruct us to provide you with any personal information we hold about you. The provision of such information may be subject to the payment of a fee (currently fixed at CAD$10.00).
You may instruct us not to process your personal data for marketing purposes by email at any time. (In practice, you will usually either expressly agree in advance to our use of your personal data for marketing purposes, or we will provide you with an opportunity to opt-out of the use of your personal data for marketing purposes.)
The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.
Please let us know if the personal information which we hold about you needs to be corrected or updated.
PIPEDA (Personal Information Protection and Electronic Documents Act) is a Canadian federal law that sets rules for how businesses must handle personal data in the course of commercial activity.
PHIPA (Personal Health Information Protection Act) is a local, provincial (Ontario) legislation that protects the confidentiality and privacy of personal health information.
HIPAA (Health Insurance Portability and Accountability Act of 1996) is United States legislation that provides data privacy and security provisions for safeguarding medical information.
GDPR (General Data Protection Regulation) is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area.
PIPEDA is close in structure to the GDPR regulations in the EU, and PHIPA closely aligns to the US HIPAA regulations.
Personal Information Protection and Electronic Documents Act (PIPEDA) Compliant
Personal Health Information Protection Act (PHIPA) Compliant
Health Insurance Portability and Accountability Act (HIPPA) Compliant
General Data Protection Regulation (GDPR) Compliant
We store and maintain all client records and data electronically with a PIPEDA, HIPPA, and GDPR compliant healthcare data storage solution delivered by IntakeQ.
All client care delivered by video collaboration, teleconferencing, and phone is PHIPA, PIPEDA, HIPPA, and GDPR compliant using the "Zoom for healthcare solution."