Privacy of personal information is an important principle to Nurse Direct. We are committed to collecting, using and disclosing personal information responsibly and only to the extent necessary for the services we provide. We try to be open and transparent about how we handle personal information. This document describes our privacy policies.
What is Personal Health Information?
Personal health information is information about an identifiable individual. Personal health information includes information that relates to:
• The physical or mental health of the individual (including family health history);
• The provision of health care to the individual (including identifying the individual’s health care provider);
• A plan of service under the Home Care and Community Services Act, 1994;
• The donation or testing of an individual’s body part or bodily substance;
• The individual’s health number; or
• The identification of the individual’s substitute decision maker.
Who We Are
Nurse Direct is a privately owned company. We use a number of consultants and agencies that may, in the course of their duties, have access to personal health information we hold. These include Physicians, Nurses, Hospices, Pharmacies, CCAC (Community Care Access Centers) and their contracted service providers. Nurse Direct also uses consultants and agencies that may, in the course of their duties, have limited access to personal health information we hold. These include credit card companies, website managers, etc. We restrict their access to any personal information we hold as much as is reasonably possible. We also have their assurance that they follow appropriate privacy principles.
Why We Collect Personal Health Information
We collect, use and disclose personal information in order to provide quality care to our clients. For example, we collect information about a client’s health history, including their family history, physical condition and function and social situation in order to help us assess what their health needs are, to advise them of their options and then to provide the health care they choose to have. A second purpose is to obtain a baseline of health and social information so that in providing ongoing health services we can identify changes that are occurring over time.
We also collect, use and disclose personal health information for purposes related to:
• Obtain payment for services, either from the individual, their substitute decision maker, private insurers or others.
• To conduct quality improvement and risk management activities. We review client files to ensure that we provide high quality services, including assessing the performance of our contracted staff and external service providers.
• To promote our business, new services, special events and opportunities that we have available. We will always obtain express consent from the client prior to collecting or handling personal health information for this purpose
• To comply with external regulators. Our professionals are regulated by the College of Nurses of Ontario who may inspect our records and interview our staff as a part of its regulatory activities in the public interest. The College of Nurses of Ontario has its own strict confidentiality and privacy obligations. In addition, as professionals, we will report serious misconduct, incompetence or incapacity of other practitioners, whether they belong to other organizations or our own. Also, our organization believes that it should report information suggesting illegal behavior to the authorities. In addition, we may be required by law to disclose personal health information to various government agencies (e.g. Ministry of Health, Information and Privacy Commissioner, Canada Customs and Revenue Agency, etc.).
• To educate new staff. We value the education development of current professionals about the specialty of care.
Protecting Personal Information
We understand the importance of protecting personal information. For that reason, we have taken the following steps:
• Paper information is either under supervision or secured in a designated area.
• Electronic hardware is either under supervision or secured in a designated area. In addition, all personal information is protected by multi level security including firewalls, the latest anti-virus software and password protected access to client data.
• Personal health information is only stored on password protected mobile devices if necessary and is limited to only client contact information.
• Paper information is transferred through sealed, addressed envelopes or boxes by reputable companies with strong privacy policies.
• We do not post any personal information about our clients on social media sites and our staff members are trained on the appropriate use of social media sites.
Retention and Destruction of Personal Information
We need to retain personal information for some time to ensure that we can answer any questions you might have about the services provided and for our own accountability to external regulatory bodies. We keep our client files for ten years from the date of the last client interaction.
We destroy paper files containing personal health information by cross-cut shredding. We destroy electronic information by deleting it in a manner that it cannot be restored. When hardware is discarded, we ensure that the hardware is physically destroyed or the data is erased or overwritten in a manner that the information cannot be recovered.
You Can Look at Your Records
You have the right to see all of your personal information held by Nurse Direct. As an integral part of your health care plan, obtaining health records from third parties is essential for care, however, Nurse Direct will not accept financial responsibility to obtain health records from a third party (e.g. hospital). These costs will be billed to you in additional to services provided.
Do You Have Questions or Concerns?
If you have any questions regarding our policy statement or concerns regarding our business practices, please feel free to contact our Privacy Information officer:
Rick Hale: firstname.lastname@example.org
Or…….. phone: 905-916-0612
You are also welcome to contact Val Dawson, Owner at: email@example.com
We will attempt to answer any questions or concerns you may have.
If you wish, you may also contact the Ontario Information and Privacy Commissioner at 416-326-3333