Midwifery Care ~ North Don River Valley’s Privacy Code
Commitment to Privacy
Protecting your privacy and the confidentiality of your personal information has always been an important aspect of the Midwifery Care ~ North Don River Valley’s operations. As a provider of midwifery services, the collection and use of clients’ personal information is fundamental to our day-to-day operations. In fact, it might even be said that any midwifery Practice Group’s most important asset is its information.
We strive to provide you with the best midwifery service. To us, that includes treating your personal information fairly and with respect. Each employee and representative must abide by our commitment to privacy in the handling of personal information. This Practice Group is also concerned about the personal information of its employees and representatives.
Applicability of This Privacy Code
Our Privacy Code informs you of our commitment to, and policy on, privacy. It tells you the ways we ensure that your privacy and the confidentiality of your personal information are protected. In this Code, “we”, “us” and “our” means the Midwifery Care ~ North Don River Valley Practice Group. “You” and “your” means the individual who is a client or potential client of this Practice Group. In other words, our Privacy Code applies to protect the personal information, in our possession and control, of all of our clients.
What is Personal Information?
Personal information is any piece of information, either factual or subjective, about an identifiable individual. Personal information does not include the name, title, business address, or telephone number of an employee of an organization.
The 10 Principles of Privacy
Our Privacy Code consists of the following ten key principles:
We take our commitment to securing your privacy very seriously. Each employee and representative of this Practice Group is responsible for the personal information under her control. Our employees are informed about the importance of privacy and receive information periodically to update them about our Privacy Code and related policies.
2. Identifying Purposes: Why We Collect Information
We ask you for information to establish a relationship and serve you as your midwives. We obtain most of our information about you directly from you, or as required, from your doctor. Whenever we collect information about you, we will explain how we intend to use it, either at that time or earlier. We will limit the information we collect to what we need for those purposes, and we will use it only for those purposes. We will obtain your consent if we wish to use your information for any other purpose.
We seek and confirm your consent to use your personal information at the time of collection or in advance. We will endeavor to employ clear, understandable language when we obtain your consent. Consent may be expressed in writing, and in some cases, you may provide it verbally or electronically. Written consent includes completing and signing a consent form. The choice to provide us with personal information is always yours. Upon request, we will explain your options of refusing.
4. Limiting Collection
Information is not collected by this Practice Group without a specific, limited requirement. We collect information by fair and lawful means.
5. Limiting Use, Disclosure and Retention
The information we request from you is used for the purposes defined. We will seek your consent before using the information for purposes beyond the scope of your original consent.
Under no circumstances do we sell client lists or other personal information to third parties. Our policy is to use personal information only to forward communications necessary or appropriate to the fulfillment of our obligations as your midwife, which may include related health care information.
There are some unavoidable types of disclosure of your personal information that may occur occasionally as part of this Practice Group fulfilling its routine obligations and/or conducting its midwifery practice in the ordinary course. This includes, for example, partners, consultants and suppliers to the Practice Group (also known collectively as “service providers”), assuming that they are abiding by our Privacy Code and only to the extent necessary to allow them to provide business services or support to this Practice Group, including technology, banking, financial, auditing, accounting, legal and insurance services.
We will retain your information only for the time it is required for the purposes we describe. Once your personal information is no longer required, it will be destroyed or made anonymous. However, due to our on-going exposure to potential claims and our need for statistical data, most information collected and aggregated is kept indefinitely.
All decisions involving personal information should be based on accurate and timely information. While we will do our best to base our decisions on accurate information, we rely on our clients to disclose all material information and to inform us of any relevant changes.
While you are under our care, we will make reasonable efforts to keep your information accurate and up-to-date, based upon satisfactory evidence provided by you and to the extent updated information is relevant to the purpose for which it was originally collected. We encourage our clients to review and confirm the accuracy of information provided. If you find any errors in this information, we urge you to contact us as soon as possible – by phone, fax, mail, or e-mail and we will make the appropriate corrections immediately, upon receipt of appropriate evidence.
7. Safeguards: Protecting Your Information
We will protect your information with appropriate safeguards and security measures, such as our computer usage and security policies. We audit our procedures and security
measures regularly to ensure that they are being properly administered and that they remain effective and appropriate. This Practice Group maintains personal information in a combination of paper and electronic files. Recent paper records concerning individuals’ personal information are stored in files kept onsite at our office. Older records containing individuals’ personal information are stored in a secure location in compact disk format at both an offsite storage facility as well as in the office.
Access to personal information will be authorized only for our employees, representatives and service providers who require access in the performance of their duties, to any person granted access by the individual through the consent process and to those otherwise authorized by law.
When providing information to health care providers acting on your behalf, we will require such organizations or individuals to abide by our Privacy Code. We will give them only the information necessary to perform the services for which they are engaged, and will require that they not store, analyze or use that information for purposes other than to carry out those services.
Our computer systems, are password-secured and constructed in such a way that only authorized individuals can access secure systems and databases.
If you send us an e-mail message that includes personal information, such as your name included in the “address”, we will use that information to respond to your inquiry. Please remember that e-mail is not necessarily secure against interception. If your communication is very sensitive, you should not send it electronically unless the e-mail is encrypted or your browser indicates that the access is secure.
8. Openness: Keeping You Informed
The Midwifery Care ~ North Don River Valley Practice Group has prepared this plain-language Privacy Code to keep you informed. It is made available to the public, in paper form, in the clinic.
If you have any additional questions or concerns about privacy, we invite you to contact us by phone, fax, mail, or e-mail and we will address your concerns to the best of our ability.
9. Providing Individual Access
We will give you access to the information we retain about you within a reasonable time, with a written request, satisfactory identification and proof of entitlement. You also have the right to know:
how we collected your personal information;
how we are using it; and
to whom it may have been disclosed, except where such disclosure was to a governmental body for routine purposes.
We may charge you a nominal fee and if so, we will give you notice in advance of processing your request.
If you find any errors in this information, we urge you to contact us as soon as possible – by phone, fax, mail, or e-mail and we will make the appropriate corrections immediately, based on the receipt of satisfactory evidence.
In some cases we may not provide access to personal information within our possession or control. This may occur when:
providing access would be likely to reveal personal information about a third party or could pose a threat to the security of the third party, and the information cannot be segregated;
disclosure would reveal confidential commercial information of this Practice Group;
it would be too costly, in our determination, to retrieve it;
the personal information is protected by privilege; or
the information has been collected during the investigation of a legal matter or cannot be disclosed for other legal reasons, such as a non-disclosure agreement.
If we deny your individual request for access to your personal information, we will advise you in writing of the reason for the refusal and you may then challenge our decision.
10. Providing Recourse: Respecting and Responding to Your Privacy Concerns
We encourage you to contact us with any questions or concerns you might have about your privacy or our Privacy Code. We will investigate and respond to your concerns about any aspect of our handling of your information.
In most cases, an issue is resolved simply by telling us about it and discussing it. You can reach us at:
Attn: Carron Canning, Privacy Officer
Midwifery Care ~ North Don River Valley
200 Finch Avenue West
North York, Ontario M2R 3W4
If, after contacting us, you feel that your concerns have not been addressed satisfactorily, please contact our Privacy Officer at the above contact information. Please be sure to include your name, address, preferred method of communication, the nature of your complaint, and relevant details, including your past communications with us.
If the issue is still not resolved satisfactorily, we will provide information on other complaint procedures that may be available to you.
Any changes to our Privacy Code and information handling practices shall be acknowledged in this Privacy Code in a timely manner. We may add, modify or remove portions of this Code when we feel it is appropriate to do so. You may determine when this Code was last updated by referring to the modification date found at the bottom of the page.
Last modified on the 29 th day of October 2014