PRAXES Emergency Specialists Incorporated
Last Updated: May 10, 2018
Your privacy rights
Effective January 1, 2004, all Canadian businesses engaged in commercial activities were required to comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). This Act gives you rights concerning the privacy of your personal information.
On May 25, 2018 the European Union is implementing a new privacy law called the General Data Protection Regulation (GDPR). This provides protection.
We are responsible for the personal information we collect and hold. To ensure this, we have developed this policy, and trained our representatives about our policies and practices.
Why do we collect personal information?
We provide Services to a wide range of clients. In order to do this, we must collect information about our clients and individual users of our Services.
What personal information do we collect?
Personal information is any information that identifies you, or by which your identity could be deduced. Depending on the services you request of us, it will include some or all of the following: your name, date of birth, address, email address, phone number, insurance company, place of employment, provincial health insurance number, information regarding your health and medical history and more. We need this information in order to provide healthcare and other services to our clients.
How do we collect your personal information?
We collect information only by lawful and fair means and not in an unreasonably intrusive way. Wherever possible, we collect your personal information directly from you.
Sometimes we may obtain information about you from other sources which, depending on the type of services we provide to you, may include:
- Your insurance company;
- Your doctor or other health care provider; and
- Government agencies or registries.
By requesting one of our services, you are consenting to our collecting, using and disclosing the information referred to in this document. In some cases we require additional consent from you. In some cases, written consent may be necessary.
Use of your information
We use your personal information to provide advice and service to you, and, from time to time, to provide you with information about our services, or to request feedback about services we have provided to you. If you tell us that you no longer wish to receive information about our services, we will remove you from our mailing list.
Disclosure of your personal information
We do not disclose your personal information to any third parties to enable them to market their products and services. We are required, however, to disclose information to certain government organizations and to your insurer to obtain payment of our account. In addition, we will disclose your personal information when:
- Required or authorized by law to do so;
- You have consented to the disclosure;
- Necessary in order to establish or collect sums owing to us;
- We engage a third party to provide administrative services to us, such as computer back-up services or archival file storage; and
- The information is already publicly known.
We also disclose your personal information to third parties to facilitate the provision of health care services. By way of example, we may disclose information about a health incident to another health care provider, or medical facility.
Retention of your personal information
The Colleges of Physicians and Surgeons in each Province of Canada require that medical records are retained for a minimum of 10 years after the last date on which services were provided, or for 10 years after the patient has reached the age of majority. This allows us to respond to enquiries about any Services we have provided to you.
Updating your information
Since we use your personal information to provide services to you, it is important that the information be accurate and up-to-date. If any of your information changes after your initial registration for the Services, please inform us so that we can make any necessary changes.
Is your personal information secure?
We take all reasonable precautions to ensure that your personal information is kept safe from loss, unauthorized access, modification or disclosure. Among the steps taken to protect your information are:
- Security of our premises;
- Restricted access to personal information;
- Deploying technological safeguards like security software and firewalls to prevent hacking or unauthorized computer access;
- Internal password and security policies.
- Data encryption during transmission and storage.
Notifications and Communications
The GDPR requires us to notify you about any unauthorized access to your data within 72 hours. You may provide us with instructions with respect to communications. Normally, our policies are as follows:
Telephone: Unless we are otherwise instructed, we will only leave our name and telephone number when we leave a message for you.
Fax: Each of our fax transmissions is accompanied by a cover sheet which indicates that the information is confidential. It is not possible, however, for us to confirm the privacy policies in place at the receiving end.
Mail or Courier: When we deliver health information, we place it in an envelope which is then sealed and marked confidential, and addressed to the attention of the authorized recipient.
Email: We will provide email notification if there has been a change (addition, modification) to your personal health record (PHR) but you will have to access that information by using your username and password to log into our secure software system with a username and password.
Right of Access to your personal information and data portability
You may ask for access to any personal information we hold about you. Summary information is available on request. We may ask to be reimbursed for copying charges if you require copies of the information held in our files.
Denial of access to personal information
Your right to access your personal information is not absolute. We may deny access when:
- denial is required or authorized by law;
- granting access would have an unreasonable impact on other people’s privacy;
- it is necessary to protect our rights and property;
- where the request is frivolous or vexatious.
If we deny your request for access to, or refuse a request to correct information, we will explain why.
Data Privacy Officer
The “Data Privacy Officer” (DPO) is the individual at PRAXES responsible for alerting the authorities and yourself if there are any privacy breaches that affect your personal health information.
Neil McWilliam, Data Privacy Officer (DPO)
Phone number: +1 (902) 420-9725
The “Data Controller”, responsible for storing and processing your personal health information, is PRAXES Emergency Specialists Inc. PRAXES provides Services using the following brand names – MDAccess, PRAXES and ClipperTelemed+, mobileDOCTOR.
PRAXES Emergency Specialists Inc.
6030 Almon St, Halifax, NS B3K 1T8 Canada
Phone number: +1 (902) 420-9725
Requests for Access
If you have any questions, or wish to access your personal information, please contact us at:
PRAXES Emergency Specialists Inc.
6030 Almon St, Halifax, NS Canada B3K 1T8
Phone: (902) 420-9725
Fax: (902) 420-9987
If you are not satisfied with our response, the Privacy Commissioner of Canada can be reached at:
Office of the Privacy Commissioner of Canada
30 Victoria Street
K1A 1H3 Canada
Phone: (819) 994-5444
TTY: (819) 994-6591