The appropriate collection, use and disclosure of patients’ personal health information are fundamental to our day-to-day operations and to patient care. Protecting the privacy and confidentiality of patient personal information is important to the physicians and staff at Virtual Health Clinic. We strive to provide our patients with excellent medical care and services. Every member of Virtual Health Clinic must abide by our commitment to privacy in the handling of personal information.
Personal Health Information refers to identifying information about an individual relating to their physical or mental health (including medical history), the providing of healthcare to the individual, payments or eligibility for healthcare, organ and tissue donation and health card number.
You have the right to determine how your personal health information is used and disclosed. For most healthcare purposes, your consent is implied as a result of your consent to treatment; however, in all circumstances express consent must be written. Your written consent will be forwarded to the providers/staff who will document the request in patient’s medical records and notify appropriate healthcare providers and their supporting staff. It is understood that the consent directive applies only to the personal health information that the patient has already provided and not to the personal health information, which the patient might provide in the future. Personal Health Information Privacy Act permits certain collections, uses, and disclosures of the personal health information, despite the consent directive; healthcare providers may override the consent directive in certain circumstances, such as; emergencies and the consent directive may result in delays in receiving healthcare, reduced quality of care due to healthcare providers lacking complete information about the patient, healthcare provider’s refused to non-emergency care.
We collect information by fair and lawful means and collect only the information that may be necessary for purposes related to the provision of your medical care. We will not collect information from you if non-identifying information is sufficient.
On or before collecting personal information about you from you, our organization will disclose to you verbally or in writing:
We endeavor to ensure that all decisions involving your personal information are based on accurate and timely information. While we do our best to base our decisions on accurate information, we only rely on you to disclose all material information and to inform us of any relevant changes.
With limited exceptions, we will give you access to the information we retain about you within a reasonable time, upon presentation of a written request and satisfactory identification. We may charge you a fee for this service and is so, we will give you notice in advance of processing your request. If you find errors of fact in your personal information, please notify us as soon as possible and we will make the appropriate corrections. We are not required to correct information relating to clinic observations or opinions made in good faith. You have a right to append a short statement of disagreements to your record if we refuse to make a requested change. If we deny your request for access to your personal information, we will advise you in writing of the reason for the refusal and you may then challenge our decision.
If you wish to state a complaint about how our organization collects, uses, and discloses your personal information under the Personal Health Information Protection Act (PHIPA) please contact our Privacy Officer.
If you are unsatisfied with our response to your complaint you may wish to contact the Office of the Information and Privacy Commissioner of Ontario to obtain a review and mediation of your complaint.
Information and Privacy Commissioner of Ontario
2 Bloor Street East
We protect all forms of information collected from you or on your behalf (verbal, written and electronic) with appropriate safeguards and security measures that prevent unauthorized access, collection, use, disclosure, copying, modification or disposal or similar risks. Our administrative safeguards comprise of our written policies and procedures, which serve to protect patient, employee, and business information. We also provide our employees with privacy training and require them to sign a confidentiality agreement.Virtual Health Clinicmaintains personal information in a combination of paper and electronic files. Recent paper records concerning individuals' personal information are stored in files kept onsite at our office. Older records may be stored securely offsite. Access to personal information will be authorized only for the physicians and employees associated with Virtual Health Clinicand other agents who require access in the performance of their duties and to those otherwise authorized by law.
If you send us an e-mail message that includes personal information, such as your name included in the "address", we will use that information to respond to your inquiry. Please remember that e-mail is not necessarily secure against interception. If your communication is very sensitive, you should not send it electronically unless the e-mail is encrypted or your browser indicates that the access is secure.
In the case of a suspected privacy breach, Virtual Health Clinic’s Privacy Officer, Eva Sykora, will be notified, and an investigation will be started. The individual(s) whose personal information may have been compromised will be notified at the first reasonable opportunity. If a privacy breach is found to have occurred, the appropriate action will be taken to contain the breach, evaluate the risks, and implement measures to prevent the breach from occurring in the future. Virtual Health Clinicmaintains a record of every privacy breach of its electronic information systems that may pose a risk to an individual’s personal health information. The record includes details of all the corrective procedures taken to diminish the likelihood of future privacy breaches.
In the event of a business interruption or threat to Virtual Health Clinic’s operating capabilities a disaster recovery plan will be implemented to ensure that patient privacy remains protected and operationsare restored in a timely manner.The disaster recovery plan includes procedures used to identify the severity of the disruptive incident, manage the incident, maintain delivery of critical business functions during the incident, and recover from the incident. It also consists of guidelines for notifying users of the incident and contact lists of key individuals involved in operations.
If you have any questions about our privacy practices, please contact our Privacy Officer.
Virtual Health Clinic
Attention: Eva Sykora - Privacy Officer
401 Bay Street - 16th Floor