Privacy Policy                                                                                                               Copyright © Annex RMT Physical Health Clinic                    

Annex RMT Physical Health Clinic
Privacy Policy
 

Rev. July 2016

Annex RMT Physical Health Clinic is a Health Services Provider under the Personal Health Information Protection Act, 2004 S.O. 2004, c.3 (hereinafter PHIPA) and as such has certain obligations under PHIPA respecting the protection of Personal Health Information.

In this Privacy Policy:

"Personal Information" has the meaning ascribed thereto in the Personal Information Protection and Electronic Documents Act (Canada), S.C. 2000, c.5 and the regulations made thereunder and all amendments to that Act and its regulations.

"Personal Health Information" has the meaning ascribed thereto in PHIPA.

"Services" Means services provided to custodians.

Annex RMT Physical Health Clinic Privacy Obligations

LIMITING COLLECTION OF INFORMATION
Collection of Personal Health Information shall be limited to that which is necessary for the fulfillment of services.

LIMITING DISCLOSURE AND RETENTION OF INFORMATION
Personal Health Information will not be disclosed except in accordance with Annex RMT Physical Health Clinic obligations under its client agreements.

Annex RMT Physical Health Clinic  is committed to the proper classification, secure retention, and timely disposal of any record containing Personal Health Information that is deposited to or generated in client projects or collected by Annex RMT Physical Health Clinic  on behalf of client organizations, regardless of the media or format, including electronic and paper records, records in Annex RMT Physical Health Clinic possession or control, and records in the possession or control of contractors, outsourced service providers, consultants, or external parties performing tasks on behalf of Annex RMT Physical Health

ENSURING ACCURACY
Annex RMT Physical Health Clinic  will ensure that appropriate reviews are executed for client data integrity, will report any data integrity issues to appropriate management, and will correct all data integrity issues in a timely manner.

A process for the correction of any Personal Health Information will be designed as deemed necessary, to handle issues that cannot be corrected through normal system use or update mechanisms.

SAFEGUARDS
Annex RMT Physical Health Clinic will implement security safeguards appropriate to the sensitivity of the information to protect Personal Health Information against loss or theft, as well as unauthorized use, access, disclosure, copying, modification, or disposal.

INDIVIDUAL ACCESS
Annex RMT Physical Health Clinic has a documented process and procedure, with clear lines of accountability, to comply with applicable sections of PHIPA referring to individual access.

Annex RMT Physical Health Clinic has in place systems and processes to produce audit trails, which if necessary can be used to trace privacy and security violations and breaches.

Policy Concerning our Clients' Roles as Service Providers or Health Information Network Providers

 

GOVERNANCE
In order to meet its governance obligations under PHIPA and its agreements with its clients, Annex RMT Physical Health Clinic will:

Assign a privacy and security officer (PSO) to ensure compliance with obligations related to privacy and security.
Develop a RACI (responsible, accountable, consulted, and informed) chart to clearly define all privacy and security roles and responsibilities as they relate to Annex RMT Physical Health Clinic  obligations in client systems.
Develop key performance indicators to assess and report on privacy or security metrics reports for the particular engagement.
Review the Annex RMT Physical Health Clinic privacy and security policy, and privacy and security practices, processes, and procedures annually to ensure that they comply with applicable legal, contractual, industry and regulatory standards and requirements, and to determine whether changes are necessary or appropriate based on changes in laws and regulations or significant legal or other developments.
 

BREACH RESPONSE PROTOCOL
Annex RMT Physical Health Clinic promises the ability to promptly and appropriately respond to, contain, and mitigate the impact of any privacy or security breach or incident. Accordingly, Annex RMT Physical Health Clinic will have a documented breach response protocol to identify, manage, and resolve privacy and security breaches and incidents which occur as the result of loss, theft, unauthorized use, access, disclosure, copying, modification, or disposal of Personal Health Information.

 

OPERATING PROCEDURES
Annex RMT Physical Health Clinic has practices, processes, and procedures in place to ensure that it meets all requirements of PHIPA and of its client agreements.

Policy Concerning Business Operations, Including Web and Social Media

 

INFORMATION WE COLLECT
Annex RMT Physical Health Clinic and its affiliates have adopted a privacy policy that limits what we can do with Personal Information collected through our business operations, website, email, or other social media. Personal Information includes information about an identifiable individual other than name, address, email, and phone number, such as demographic information, information collected through our website, or other information we may collect from you from time to time. Submitted job applications, including resumes and references, would also qualify as Personal Information.

USE OF PERSONAL INFORMATION
Annex RMT Physical Health Clinic may use or collect Personal Information about you to help us provide services to you, such as to respond to your requests, verify your identity, provide services to you, process payments, process changes or updates to your account, send you notifications, conduct customer satisfactory surveys, provide information regarding our products or services, develop or enhance our products and services, manage and develop our business and operations, or generally maintain our relationship with you.

DISCLOSING YOUR PERSONAL INFORMATION
Annex RMT Physical Health Clinic will never sell your Personal Information to anyone.

Any disclosure is made on a confidential basis, with the information to be used only for the purposes for which it was disclosed. Your Personal Information may also be shared if Annex RMT Physical Health Clinic becomes part of a merger, amalgamation, joint venture, joint project delivery, or otherwise sells its business or part of its business.

PROTECTING YOUR PERSONAL INFORMATION
We follow industry standards to safeguard the confidentiality of your Personal Information. We use a variety of physical, electronic, and procedural safeguards to protect personal information. We do not warrant that the safeguards we implement are sufficient to protect Personal Information you transmit over the Internet. Most of your Personal Information is stored in Canada, Iceland, or the USA. Some companies providing services to Annex RMT Physical Health Clinic may be located outside of Canada (including the USA) and your Personal Information may be stored in those jurisdictions. As such, your Personal Information may be made available to the government or its agencies under a lawful order made in that country (including the USA).

ANALYTICS
We use "Google Analytics" to collect information about use of this site. Google Analytics collects information such as how often users visit this site, what pages they visit when they do so, and what other sites they used prior to coming to this site. We use the information we get from Google Analytics only to improve this site. Google Analytics collects only the IP address assigned to you on the date you visit this site, rather than your name or other identifying information. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit this site, the cookie cannot be used by anyone but Google. Google's ability to use and share information collected by Google Analytics about your visits to this site is restricted by the Google Analytics Terms of Use (as mended for government websites) and the Google Privacy Policy. You can prevent Google Analytics from recognizing you on return visits to this site by disabling cookies on your browser.

Google Analytics employs cookies to define user sessions, which allows for the collection of data about how visitors are using the websites. Google Analytics uses only first-party cookies for data analysis. This means that the cookies are linked to a specific website domain, and Google Analytics will only use that cookie data for statistical analysis related to your browsing behavior on that specific website. According to Google, the data collected cannot be altered or retrieved by services from other domains.

If you choose, you can opt out by turning off cookies in the preferences settings in your web browser. For more information on Google Analytics, please visit Google Analytics

Google Analytics Terms of Service http://www.google.com/analytics/tos.html

Google Analytics Cookie Usage on Websiteshttps://developers.google.com/analytics/devguides/collection/gajs/cookie-usage

YOUR CONSENT
By way of any communication received from you, you are consenting to the collection, use, and disclosure of your Personal Information by providing us, our agents or partners, or such other third parties with your Personal Information. We may contact you by phone, email, or text to provide you with notifications, updates, or other information regarding our services and products.

You may withdraw your consent by mailing us at 303-1415 Bathurst Street, Toronto, ON, M5R 3H8, Canada or emailing us at privacy@annexrmt.com. Please understand that your withdrawal of consent may affect or limit our ability to provide services or products to you.

Please contact us by mail if you have any questions or concerns about our handling of your Personal Information.

Our privacy policy may change from time to time, so please check with us periodically.

How You Can Access or Correct Information

Access to personally identifiable information that is collected from our sites and that we maintain may be available to you. For example, if you created a password-protected account within our site, you can access that account to review the information you provided.

You may also send an e-mail or letter to the following e-mail or street address requesting access to or correction of your personally identifiable information. For verification purposes please include your first name, last name, e-mail address and the password you use for such service.

How to Contact Us

If you have any questions or concerns about the online privacy policy for this site or its implementation you may contact us at privacy@annexrmt.com or by mail:


Annex RMT Physical Health Clinic
Attention: Privacy Officer
303 - 1415 Bathurst Street, Toronto, ON, M5R 3H8, Canada
email: privacy@annexrmt.com