Privacy Policy

At QHR Technologies Inc., we value your privacy and take great care to protect it. As a leader in the healthcare technology industry, we strive to be transparent about our information handling policies. Below, you will find our privacy policies outlining how we commit to the protection of your data.

Click here to view QHR's internal privacy policies and procedures

QHR Health Information Network Provider Info Sheet

Please contact QHR’s Privacy Office to obtain further information about our policies and procedures or if you have any unresolved inquiries or concerns at: privacy@qhrtech.com

QHR's Public Privacy Notice

Table of Contents

1       Scope & Interpretation.

1.1.1    Personal Information and Personal Health Information.

1.1.2    What Personal Information is Not

2       Consent

3      How We Collect Personal Information.

4       How We Use Personal Information – Purposes

4.1     Provision of Products, Services, Programs, Contests, Promotions or Events

4.2     Business Management

4.3    Communication.

4.4     Market Research.

5       How We Share Personal Information.

6       How We Protect Personal Information.

7       Storage, Use and Disposal of Personal Information.

7.1     How Long We Keep Personal Information.

7.2     Where We Keep, Use Personal Information.

7.3    How We Dispose of Personal Information.

8       Access and Dispute Resolution.

9       Answering Your Privacy Questions

 


Scope & Interpretation

This policy applies to QHR and its affiliates and subsidiaries.  It also applies to websites operated by QHR and such affiliates and subsidiaries.

All references in this policy to “QHR” and to “us”, “we”, or “our” refer to all or any of the foregoing. This policy does not apply to certain related companies of QHR, such as Shoppers Drug Mart Inc. and Loblaw Companies Limited, Personal Information held by them is governed by separate privacy policies.

In this policy, we explain what Personal Information we collect, and how we use, share and manage it.

Please note that when you visit one of our websites, sign up for, participate in or purchase a specific product, service, program, contest, promotion or event available through QHR, additional terms and conditions may be provided regarding the collection, use or sharing of Personal Information in connection with that product, service, program, contest, promotion or event. Those terms and conditions will apply together with this policy.

This policy does not apply to the collection, use and sharing of Personal Information by companies with which we have business relationships.  However, if we receive from such entities Personal Information or non-personal information that we link to Personal Information, then this privacy policy will apply to the collection, use and sharing of that information.

Services provided by a healthcare provider, that we facilitate through our products, are governed by the law and privacy policy applicable to the healthcare provider, who will be the custodian of that information. As such, this Privacy Notice does not apply to the collection, use, disclosure, retention or destruction of Personal Information, including Personal Health Information, by a healthcare provider who is providing healthcare services directly to users of our products.

Personal Information and Personal Health Information

"Personal Information" as used in this policy means information about an identifiable individual, such as the name and date of birth of that individual and includes non-personal information that we link to Personal Information.

"Personal Health Information" is information relating to the state of a person’s health (e.g. your health and prescription history including diagnostic, health history and treatment information, as well as, drug benefit and provincial health card numbers, etc.).

What Personal Information is Not

This policy does not cover non-personal information, which is information that does not identify you. However, as stated above, when we collect non-personal information and link that non-personal information to an identifiable individual, then that information will become Personal Information and become subject to this policy.

Consent

Unless permitted or required by law, QHR will not collect, use or share Personal Information without first obtaining consent. We will obtain consent when we want to use Personal Information for a new purpose or for a purpose other than those stated at the time of collection, in this policy or in the terms and conditions of a specific product, service, program, contest, promotion or event you signed up for, participated in or purchased.

Consent can be “express” through words or by specific acts or “implied” by the conduct of the individual whose Personal Information is being collected, used or shared. By agreeing to this policy, you agree and consent that as a provider of Personal Information, we may collect, use, share or otherwise process your Personal Information in accordance with this policy. We may require an additional consent for specific products, services, programs, contests, promotions or events in the future.

You may withdraw your consent for certain purposes. For example, you may choose not to receive:

  • information addressed to you personally about products, services, programs, contests, promotions or events offered by QHR, affiliated companies or companies with whom we have business relationships; or
  • invitations addressed to you personally to comment on the products, services, programs, contests, promotions or events that you use or that are available to you.

However, because of legal or regulatory requirements that we have or contractual obligations you have with us, there are limited circumstances where you may not withdraw your consent to the collection, use or sharing of your Personal Information. If you choose not to provide us with certain Personal Information or if you withdraw your consent, where such withdrawal is available, we may not be able to offer you the products, services, programs, contests, promotions, events or information that you requested or that could be offered to you.

Please also be aware that, even if you have withdrawn your consent to receive marketing communications from us, we may continue to contact you for certain non-marketing purposes necessary for the management of our businesses, as required by law or related to products, services, programs, contests, promotions or events that you had signed up for, agreed to participate in or purchased.

To withdraw or limit your consent, you can contact us as described below in “Answering Your Privacy Questions”. If you have a product, service, program, or are participating in a contest, promotion, or event that is offered by a third party together with QHR or under a QHR brand, you may also have to provide your consent preferences or withdraw your consent with that third party separately.

Please note that it may take some time for all of our records to reflect changes in your preferences. For example, if you request that you not receive personalized marketing communications from QHR, your preference may not be captured for a promotion already in progress.

How We Collect Personal Information

QHR collects Personal Information in a variety of ways such as during the course of your purchase of, or application or request for a quote for, our products and services or your participation in or use of one or more of our products, programs, contests, promotions or events. QHR limits the collection of Personal Information to what is reasonably required.

QHR collects Personal Information in the following ways:

Directly From You. You may provide Personal Information to us in person, by mail, over the telephone, through our websites or in any other direct manner. For example, Personal Information may be collected through our monitoring and recording of communications, such as telephone calls to our call centres.

From Related Companies. We may receive Personal Information from related companies.  Any such disclosure to us by a related company will be done in accordance with that company’s privacy policy.

From Third Parties. Occasionally, we may receive Personal Information from other sources if we have obtained your consent to do so or if the law permits us to do so.

Through Technology. We may collect Personal Information and non-personal information through various technologies directly from you or from third parties.

Websites, Social Media, Applications and other electronic means: We may collect Personal Information and non-personal information electronically, directly from you or through third parties. For instance, we may access Personal Information about you when you share information about yourself on social media networks and also when you interact with us electronically such as through our information technology systems, websites, email, mobile applications, social media properties or online advertising. For example, when you visit one of our social media sites, we may collect Personal Information that you choose to submit to us such as your name, contact information, opinions or any other information you choose to provide for the purposes of responding to an enquiry you have made, or for any other purpose disclosed to you at the time of the collection. Third parties may provide information about you to us, such as search terms you used, or refer you to us as a result of a search you conducted.

When you interact with us, such as when you visit our websites or click on our ads, we may use, and send to your device or computer, cookies, web beacons, single-pixel gifs and other technologies to help us collect and store Personal Information or non-personal information about you or to enable us to present offers to you, including interest-based ads. These technologies are used to help us understand what actions you take on our own and on third parties’ websites and applications. For instance, we may store Personal Information and non-personal information, such as your name, email address, province and language preference, on one of these technologies to enable us to populate entry fields that you have previously completed or present you with content specific to your region and language preference.

We may also collect, or allow authorized third parties to collect, information about users’ web browsers to monitor the security of our products, including to help you detect fraudulent authentications, and to ensure that our products function properly and securely.

We may also record user and usage data, such as where users click on a page, the internet protocol (“IP”) address, operating system, which website or ad the user clicked on to reach our website and which search terms were used, to help us optimize our websites, generate reports, display interest-based advertisements, or understand which key words result in visits to our websites. You may delete or disable certain of these technologies, such as cookies, at any time via your browser. However, if you do so, you may not be able to use some of the features of our websites.

When you visit our websites, we may place, or we may allow third party companies (such as advertising networks) to place cookies or web beacons on your computer or device to collect information (not including your name, address, email address or telephone number) about your visits to our websites, as well as your other online activity, which may be tracked and used, in combination with other information about you, by us or these third party companies to provide advertisements on our websites and other websites about goods or services that may be of interest to you.  You may delete or disable certain of these technologies, such as cookies, at any time via your browser.

We may use Google Analytics, a web analysis service of Google Inc. ("Google"). Google Analytics uses cookies to analyze your use of the Sites, to create reports about visitor activities for us and to provide further services associated with the use of the Sites and the Internet. Although this information is collected through your Google ad settings, it is not provided to us in a personally-identifiable format. You may opt out of Google’s interest-based advertising at www.google.com/settings/ads or through the Google opt-out browser add-on located at https://tools.google.com/dlpage/gaoptout.

If you choose to download or use a mobile or location-based application (“app”) created by or for QHR, we may receive Personal Information and non-personal information about your current location and about your mobile device, tablet, or browser, such as a unique identifier for your device. Most devices, tablets and browsers allow you to turn off the tracking of your location. However, if you do so, you may not be able to use some or all of our apps.

How We Use Personal Information – Purposes

We identify the purpose for which Personal Information will be used typically at or before the time the Personal Information is collected. Our use of Personal Information is limited to the purposes described in this policy, the purposes set out in the terms and conditions of any product, service, program, contest, promotion or event in connection with which Personal Information was collected, purposes required by law and purposes consistent with any of those purposes. As new purposes may develop over time, we may update this policy so we encourage, you to review this policy periodically online.

QHR collects, uses and shares Personal Information for the following purposes, which involve, among other things, the activities described for each:

Provision of Products, Services, Programs, Contests, Promotions or Events

To provide products, services, programs, contests, promotions or events, which includes:

  • Creating, administering, and maintaining accounts, which may include processing your application or providing a quote for a product, service or program, verifying your identity, determining your eligibility for a product, service or program, or protecting parties from errors and fraud;
  • Maintaining our products and providing customer service, which includes correcting known issues manually or through software updates, and keeping our products operating as intended;
  • Monitoring the security of our products to ensure that they function properly and securely;
  • Processing your transactions or contacting you about special orders; and
  • Connecting you with a healthcare provider

Business Management

In order to manage our businesses, which includes:

  • Maintaining the security of the public and customers, employees and property;
  • Maintaining quality service levels and to assist in training staff and service providers;
  • Maintaining a record of who our current and past customers are;
  • Deploying and managing our information technology applications and systems, including to troubleshoot a problem or to test systems including before a change is deployed throughout a system (we use non-personal or anonymized information for such purposes as much as possible); and
  • Managing and facilitating the use of our websites and mobile applications, which may include using cookies and other similar technology.

We use third-party use cookies, web beacons and other site-related technologies for various purposes including session management, traffic monitoring, personalization, transactions (e.g. credit card sales), marketing or promotional purposes, to better understand which web, mobile or other electronic features you use, or to improve or to develop new products, services, programs, contests, promotions or events. For example, we may use cookies to count the number of visitors to our websites, and to compile aggregated information on websites and user activity to help us improve the functionality of our websites.  Please refer to the section titled “Through Technology” in “How We Collect Personal Information”, and also to the terms of use on our websites, social media sites and mobile applications for more information about the Personal Information and non-personal information that is collected on those sites and applications and the purposes for which that information is used.

Communication

In order to communicate with you, which includes: 

  • Informing you about special offers and promotions or products, services, programs or events that QHR reasonably believes may be of interest to you;
  • Enabling your participation in contests, promotions, surveys, chats, seminars or workshops, including contests where entry is automatic;
  • Taking or verifying instructions from you;
  • Responding to your enquiries;
  • Providing you with information about the products, services, programs, promotions, contests and events you currently have or are participating in;
  • Recommending particular products, services, programs, promotions, contests or events to meet your needs;
  • Providing you with offers or services based on the location provided by your mobile device (also referred to as location-based advertising) or based on your interests;
  • Establishing a record of the Personal Information you provide or that we receive about you; and
  • Communicating changes to QHR's policies or procedures that affect you, including this policy.

Unless you tell us otherwise or consent is required by law, we may contact you by any means for which you have provided contact information.

If you no longer wish to receive commercial electronic messages from us please follow the unsubscribe directions provided in every commercial electronic message we send, or you can send an email to privacy@qhrtech.com for assistance.

Market Research

In order to understand current and future consumer interests, which includes:

  • Conducting market research by tracking and analyzing current or previously collected information such as purchases, web activities (including offers viewed, opt-out preferences, bounces, click-throughs, content on social media and IP addresses), account activity, use of mobile device (including use of features, and duration, frequency), and the methods used to apply for or to access or use products, services, programs, promotions, contests or events;
  • Using information from these marketing, research and statistical analyses to improve or to develop new products, services, programs, promotions, contests or events, to better understand you and communicate with you as set out above;
  • Using information derived from your use of our products, including partner applications integrated for use with our products, configurations, log data, feature access, and performance results to optimize and improve our products, retain customers, or otherwise operate our business.

Please note that Personal Health Information, as that term is defined in law, such as medical or prescription information, is not shared for market research purposes among QHR, its affiliates, subsidiaries or related companies. 

How We Share Personal Information

Where permitted by law, we share Personal Information within QHR for the purposes described in this policy.  Please note, however, that Personal Health Information or financial information is only shared within QHR on a limited basis, such as to provide support, process a claim or a credit card transaction and is not shared for marketing purposes (although may be used by the company to which it was provided for some marketing purposes).

Subject to the provisions of this policy, we may also share Personal Information and non-personal information, for the purposes described in this statement, with related companies.  These related companies are not governed by this policy, but have in place their own policy or policies as well as appropriate safeguards for the protection of Personal Information.  For example, we may share your purchase history and other information about you with Loblaw Companies Limited and its affiliates and subsidiaries, current and future, and our other affiliates to help improve our respective products and services, better understand your information needs and communicate with you.

We may also share Personal Information about you with other organizations outside of QHR that help QHR provide products, services, programs, promotions, contests or events or help us with our business operations. These other organizations may include sub-contractors, third party service providers, third parties that offer products, services, programs, promotions, contests or events under one of our brands, or organizations that help us improve our products, services, programs, promotions, contests or events as well as our business and technology systems, procedures and infrastructure. When QHR shares Personal Information with any such party, we limit the use of such Personal Information to those purposes requested by us and we require the party to have appropriate safeguards for the protection of that Personal Information.

Other sharing. Canadian law permits or requires the use or sharing of Personal Information without consent in specific circumstances. These circumstances include situations when permitted or required by law or when necessary to protect QHR, employees, customers, or others. Should this occur, QHR will not share more Personal Information than is required to fulfill that particular purpose.

Sale or transfer of business. From time to time, we may decide to sell or transfer all or part of our business to a related company or to a third party, to merge with another entity, to insure or securitize its assets, or to engage in another form of corporate or financing transaction (including transfers made as part of insolvency or bankruptcy proceedings or as part of a corporate reorganization or stock sale or other change in corporate control). In addition, the manner in which products, services, programs, contests, promotions and events are provided to you, and the organization providing those products, services, programs, contests, promotions or events, may also change. If your Personal Information is required in connection with any such transactions, we will require that the parties involved, including affiliates, advisors or other service providers, agree to protect your Personal Information with policies meeting standards equivalent to those set out in this policy both during and after completion of the transaction.

Similarly, the relationship between QHR and a third party that provides a product, service, program, contest, promotion or event under a QHR brand may cease. If that third party continues to provide a product, service, program, contest, promotion or event to you, your Personal Information will be subject to that third party’s privacy policy.

Other than as stated in this policy or as stated in terms and conditions or as part of a consent in relation to a product, service, program, contest, promotion or event, QHR does not sell, trade or share for financial or other benefit any Personal Information with third parties.

How We Protect Personal Information

QHR strives to maintain appropriate physical, procedural and technical safeguards with respect to the offices, websites and information storage facilities so as to prevent loss, misuse, unauthorized access, disclosure, or modification of Personal Information. These safeguards also apply to the disposal or destruction of Personal Information.

QHR has taken steps to ensure that everyone who works for QHR, and the third parties with which we contract, understand the sensitivity of Personal Information and are required to adhere to the protection of Personal Information as set out in this Policy. We educate and train our staff on the importance of protecting Personal Information and ensure that access is provided only on a “need-to-know” basis. We use roles-based access to ensure that only those who are authorized to access your Personal Information can access it.

We also seek to ensure that any Personal Information in our custody is as accurate, current and complete as necessary for the purposes for which we use that Personal Information.

QHR uses various security safeguards to protect Personal Information, which include but are not limited to multi-factor authentication, proactive penetration tests, encryption of data in transit and at rest, active logging, intrusion detection and prevention systems, unique user accounts, role-based access based on need to know policies and ensuring that third parties have similar or better privacy practices than QHR.  QHR applies a risk-based approach to determining which controls are required for each instance of Personal Information.

In addition to the safeguards, we regularly monitor our systems for possible vulnerabilities and attacks.

Storage, Use and Disposal of Personal Information

How Long We Keep Personal Information

We actively retain Personal Information only as long as it is required for our relationship and a certain period of time afterwards to respond to queries or as required by federal and provincial laws. When this period ends, Personal Information is scheduled for destruction according to our record retention policies. Depending on the nature of the Personal Information and the purpose for which it was collected, this schedule may vary.

Where We Keep, Use Personal Information

In general, we store, access and use Personal Information in Canada. Unless there is a legal or regulatory requirement to keep such information in Canada, Personal Information may also be stored, accessed, or used outside of Canada. For instance, when we engage a service provider outside of Canada, Personal Information may be stored, accessed or used in any country where the service provider is located, or from which it provides services, including the United States. Personal Health Information that is stored within our products and hosted by us is stored within Canada. We may engage service providers outside of Canada to process Personal Health Information for the purposes of improving data security, connecting peer-to-peer connections, or streaming video. Peer-to-peer connections and video streaming are supported from within Canada, with fail-over servers located in the United States. The contents of video streams cannot be viewed by service providers. Where Personal Information is located outside of Canada, it is subject to the laws of that jurisdiction.

How We Dispose of Personal Information

Once Personal Information is no longer required for the purposes it was collected or to meet other regulatory requirements it will be scheduled for deletion.  Where the Personal Information is stored in an electronic format, it will be deleted from the application or systems which it is retained.  Any backups of the Personal Information will exist until rotated out of the backup archives.  Physical storage which is retired is put through a deep data wipe, degaussing and/or physical destruction to ensure there is no risk of Personal Information being recovered.  Personal Information which is recorded on paper is shredded to ensure that the Personal Information cannot be recovered. 

Access and Dispute Resolution

QHR provides a right of access and review of your Personal Information in accordance with applicable laws and will endeavor to provide the Personal Information in question within a reasonable time. You will be asked for identification so that we may verify your identity before providing you with your Personal Information. If you require the documents in an alternative format, we will make reasonable efforts to provide you with your Personal Information in that format. If there will be charges for us to retrieve or provide you with specific information that you have requested, we will advise you of the charges that you would be responsible for and obtain your authorization before proceeding.

Our policy is to respond to access requests as required by applicable laws. QHR may decline access to Personal Information in certain circumstances. These include where the information requested would reveal confidential information or Personal Information about someone else, or if legal or regulatory requirements prohibit providing access or permit not providing access to such information. To access your Personal Health Information, a written request should be sent to the Provider from which you received Services.

If you are concerned about how we treat your Personal Information, please contact the Privacy Officer using the contact information set out below in “Answering Your Privacy Questions”.

If the Privacy Officer is unable to address your concern to your satisfaction, arbitration may be an option recommended to you to settle the dispute. Arbitration is a form of dispute resolution. If the parties decide to pursue arbitration, then the parties would refer the dispute to an arbitrator who would take into account the evidence of each of the parties and render a decision.

Answering Your Privacy Questions

QHR encourages you to review this policy periodically. If you have any questions about how we treat your Personal Information or wish to know what information we have in our files about you, ask a question about the information in your file or request a change to the information in your file, please contact the Privacy Officer at privacy@qhrtech.com.

For inquiries that relate to personal health information, please contact the Provider from which you received Services.

If you have a product, service, program, or are participating in a promotion, contest or event that is offered by a third party under a QHR brand, the third party may hold certain of your Personal Information. Should you have any questions or concerns, we will direct you to the appropriate contact so that you may make enquiries as to that party’s privacy policies and practices.

At QHR, we understand the responsibility that comes along with collecting, using and sharing Personal Information. In adopting and adhering to this policy, we assure you that the Personal Information we collect will be used in an appropriate and responsible manner.

 

QHR's Internal Privacy Policies and Procedures

Collection, Use and Disclosure Policy  5

Retention of Personal Information Policy  5

Individual Access to and Correction of Personal Information Policy  6

Privacy Incident and Breach Management Policy  8

QHR Health Information Network Provider Info Sheet 

Definitions


Collection, Use and Disclosure Policy

This policy describes how QHR collects, uses, and discloses Personal Information. Often, we are acting on behalf of a Health Information Custodian. Either the Health Information Custodian, or QHR, will collect explicit or implied consent before collecting, using, or disclosing your personal information. We tell people why their personal information is being collected and what it will be used for before collecting it, and before QHR allows other organizations to access Personal Information, we ensure those organizations have appropriate safeguards in place.

Consent

QHR shall obtain the consent of individuals, or their authorized representative, for the collection, use and disclosure of the individual’s Personal Information, except where QHR is authorized by law to do so without consent.

Individuals may provide consent orally, in writing, or electronically as long as the identity of the individual providing consent can be verified.

·     If an individual provides consent orally, QHR shall document it so as to have a record of the consent.

Consent may be implied where the purpose for collecting, using, or disclosing the Personal Information would be considered obvious and where the individual voluntarily provides the Personal Information for that purpose, unless express consent is required by law.

QHR shall not require consent as a condition for providing a product or service, beyond that required to fulfill an explicitly specified and legitimate purpose, and shall not obtain consent though deception, coercion, or misleading practices.

Individuals may withhold or withdraw their consent for QHR to use their Personal Information subject to certain exceptions, such as where the Personal Information is necessary to provide the service or product, or where the withdrawal of consent would frustrate the performance of a legal obligation. 

·        An individual’s decision to withhold or withdraw their consent to certain uses of Personal Information may restrict QHR’s ability to provide a particular service or product. If so, QHR will explain the situation to assist the individual in making the decision.

Collection of Personal Information

QHR shall inform individuals of the purposes for which Personal Information is collected, used, and disclosed at or before the time QHR collects their Personal Information.

QHR shall only collect Personal Information that is necessary to meet our obligations to individuals and health care providers.

Authorized Persons shall only collect Personal Information as required for the performance of their duties with QHR.

The purposes for which Personal Information may be collected includes, but is not limited to:

·        the provision of products, services, programs, contests, promotions or events;

·        business management;

·        communication; and

·        market research.

Use of Personal Information

QHR shall not use Personal Information for purposes other than those for which it was collected, except with the consent of the individual or as required by law.

QHR shall not use Personal Information for purposes for which consent has been withdrawn, unless consent is subsequently reobtained from the individual.

Authorized Persons shall only use Personal Information as required for the performance of their duties with QHR.

Disclosure of Personal Information

QHR shall not disclose Personal Information for purposes other than those for which it was collected, except with the consent of the individual or as required by law.

QHR shall not disclose Personal Information for purposes for which consent has been withdrawn, unless consent is subsequently reobtained from the individual.

QHR shall ensure that third parties to whom QHR discloses Personal Information have appropriate safeguards in place for the protection of the Personal Information.

Authorized Persons shall only disclose Personal Information as required for the performance of their duties with QHR.

Safeguards

QHR shall employ physical, technical, and administrative safeguards to protect QHR’s systems and all Personal Information under QHR’s control against loss or theft, and from unauthorized access, disclosure, copying, use, disposal, or modification. QHR shall ensure that all safety and security measures are appropriate for the sensitivity level of the Personal Information.

QHR shall ensure that all service providers and agents have appropriate safeguards in place for the protection of the Personal Information, are required to maintain confidentiality, and may not use the Personal Information for any unauthorized purpose.

Privacy Breach Notification

Any collection, access, use, or disclosure of Personal Information not complying with this policy shall be reported to the Privacy Office. See QHR’s “Privacy Incident and Breach Management Policy” for more details.

Non-compliance with this policy may result in disciplinary action up to and including termination of employment or appointment.

Non-Identifying Information

Non-Identifying Information may be collected, accessed, used, and disclosed by QHR for any purpose, in accordance with the applicable legislation as long as the recipient of the data is not able to re-identify it.

QHR may transform Personal Information into Non-Identifying Information where the end user of the information does not require the identity of the individual(s) or business(es).

 


Retention of Personal Information Policy

QHR only retains Personal Information only for as long as is necessary to meet the purposes for which it was collected, or for as long as is necessary to meet our legal requirements, and then destroys that information.

Retention

QHR shall only retain Personal Information for as long as is necessary for the fulfillment of the purposes for which it was collected, unless QHR is otherwise required to retain said Personal Information.

QHR may be required to retain Personal Information for a period of time after fulfillment of the purposes for which it was collected in order to respond to queries or as required by federal and provincial laws. Depending on the nature of the Personal Information and the purpose for which it was collected, this schedule may vary.

For example:

o   QHR may retain Personal Information involved in data imports or exports for up to six months after the import or export takes place; and

o   QHR may retain financial Personal Information for up to seven years from the end of the last tax year that it relates to.

Once the purposes for the collection of Personal Information have been fulfilled, and if QHR is not otherwise required to retain said Personal Information, QHR shall destroy the Personal Information in a way that is appropriate for the sensitivity level of the Personal Information.


Individual Access to and Correction of Personal Information Policy

Individuals may access and request correction to any of their Personal Information held by QHR at any time. Where QHR is acting on behalf of a Health Information Custodian, all requests regarding access and correction of Personal Information must be made to the Custodian of the information.

Individual Requests to Access Own Personal Information

Individuals may request access to their own Personal Information, subject to limited exceptions.

Requests to access Personal Information must be made in writing and provide sufficient detail to identify the Personal Information being sought.

QHR shall verify the identity of the individual before providing them with access to their Personal Information.

Individual requests for access to Personal Information shall be directed to the department holding the Personal Information and QHR shall respond to requests as soon as reasonably practical.

Before providing an individual with access to their Personal Information, QHR shall review the records and redact any Personal Information relating to anyone other than the individual who is making the request.

QHR departments, in conjunction with the Privacy Office, may develop processes and fee schedules for responding to requests for Personal Information.

Individual requests for access to Personal Information that is classified as Personal Health Information shall be forwarded to the Health Information Custodian, or as per any agreed instructions from the Health Information Custodian in an agreement, as soon as reasonably practical.

Upon request, QHR shall also inform individuals how QHR uses their Personal Information and to whom it is disclosed, if applicable.

If a request is refused in full or in part, QHR shall notify the individual in writing, providing the reasons for refusal and the recourse available to the individual.

Individual Requests to Correct Own Personal Information

QHR shall make reasonable efforts to ensure that Personal Information is accurate and complete where it may be used to make a decision about the individual or disclosed to another organization.

Individuals may request amendments or corrections to their own Personal Information.  

Requests to correct Personal Information must be made in writing and provide sufficient detail to identify the Personal Information being sought.

QHR shall verify the identity of the individual before correcting or amending their Personal Information.

Individuals requesting corrections of Personal Information shall be directed to the department holding the Personal Information and QHR shall respond to requests as soon as reasonably practical.

QHR departments may, in conjunction with the Privacy Office, develop processes for responding to requests for amendments or corrections.

Individual requests for amendments or corrections to Personal Information that is classified as Personal Health Information shall be forwarded to the Health Information Custodian, or as per any agreed upon instructions from the Health Information Custodian in an agreement, as soon as reasonably practical.

If possible and as appropriate, where Personal Information is demonstrated to be inaccurate or incomplete, QHR shall correct the Personal Information as soon as reasonably practical. QHR shall send the corrected Personal Information to any organization to which QHR disclosed the Personal Information in the previous year, if it is reasonable to do so. If the correction is not made, QHR shall note the individual’s correction request in the file.

Requests regarding other matters shall be directed to the Privacy Office as soon as reasonably practical.


Privacy Incident and Breach Management Policy

In the event of a Privacy Incident or Breach, QHR takes immediate action to contain the event, assess the risk, and notify the appropriate individuals and regulatory bodies in accordance with applicable law. Where QHR is acting on behalf of a Health Information Custodian, we will notify the Custodian of any Privacy Breaches, and the Custodian will then follow their own privacy policies regarding notification to individuals and governing bodies.

Privacy Events

QHR employees shall report Privacy Events to the Privacy Office immediately.

Containment

A Response Team shall be assembled in order to contain and investigate the Privacy Event and the Response Team shall consider the Privacy Event a critical situation until it has been contained and investigated to mitigate potential further damage. 

The Response Team shall contain the Privacy Event as quickly as possible.

·        Containment involves limiting the scope and impact of the Privacy Event and may include stopping the unauthorized practice, recovering the data or records, shutting down the system that was breached, revoking or changing computer access codes, or correcting weaknesses in the physical or electronic security.

QHR employees shall not destroy evidence that may be valuable in determining the cause or allowing QHR to take appropriate corrective action until authorized to do so by the Response Team.

Classification

The Response Team shall classify the Privacy Event as a Privacy Incident or a Privacy Breach.

If the Privacy Event is classified as a Privacy Incident, a breach did not occur, and the next step is for the Privacy Office to complete an evaluation of the Privacy Incident.

[Skip to section Evaluation and Response, below.]

If the Privacy Event is classified as a Privacy Breach, the next step is to assess the risk resulting from the breach.

[Continue to section Risk Assessment, below.]

Risk Assessment

The Response Team shall determine whether there is a real risk of Significant Harm arising from the Privacy Breach based on the sensitivity of the Personal Information involved in the breach and the probability that the Personal Information has been, is being, or will be, misused.

While assessing the risk, the following should be considered:

·        How sensitive is the Personal Information?

·        What happened and how likely is it that someone would be harmed by the breach?

·        Who actually accessed or could have accessed the Personal Information?

·        How long has the Personal Information been exposed?

·        Is there evidence of malicious intent (e.g., theft, hacking)?

·        Were a number of pieces of Personal Information breached, thus raising the risk of misuse?

·        Was the Personal Information exposed to limited/known entities who have committed to destroy and not disclose the data?

·        Was the Personal Information exposed to individuals/entities who have a low likelihood of sharing the information in a way that would cause harm? (e.g. in the case of an accidental disclosure to unintended recipients)

·        Was the Personal Information exposed to individuals/entities who are unknown, or to a large number of individuals, where certain individuals might use or share the information in a way that would cause harm?

·        Is the Personal Information known to be exposed to entities/individuals who are likely to attempt to cause harm with it (e.g. information thieves)?

·        Has harm materialized (demonstration of misuse)?

·        Was the Personal Information lost, inappropriately accessed or stolen?

·        Has the Personal Information been recovered?

·        Is the Personal Information adequately encrypted, anonymized or otherwise not easily accessible?

If the Response Team determines there is NOT a real risk of Significant Harm, the next step is for the Privacy Office to complete an evaluation of the Privacy Breach.

[Skip to section Evaluation and Response, below]

Notice

If the Response Team determines there is a real risk of Significant Harm to an individual, the Response Team shall refer to the applicable privacy legislation to determine whether the individual(s) involved must be notified of the Privacy Breach.

Where notice is required, the Response Team shall notify that individual of the breach as soon as is feasible, unless the Personal Information that was breached is classified as Personal Health Information and QHR is an Agent of a Health Information Custodian.

·        Where the Personal Information that was breached is classified as Personal Health Information and QHR is an Agent of a Health Information Custodian, the Response Team shall notify the Health Information Custodian of the breach as soon as is feasible.

Where notice is required, notice must be given directly to the individual or Health Information Custodian, unless indirect notification is permitted.

If applicable, the Response Team may also notify any other organizations or government institutions (for e.g. law enforcement or payment processors) that the Response Team believes could reduce the risk of harm or mitigate that harm that could result from the breach.

Notification must include the following information:

·        a description of the circumstances of the breach;

·        the date, estimated date, or the period during which the breach occurred;

·        a description of the Personal Information that is the subject of the breach to the extent that the information is known, but should not contain the actual Personal Information unless necessary to explain the nature and sensitivity of the information;

·        a description of the steps that QHR has taken to reduce the risk of harm that could result from the Privacy Breach;

·        a description of the steps that affected individuals could take to reduce the risk of harm that could result from the breach or to mitigate that harm; and

·        contact information that the affected individual can use to obtain further information about the breach.

Report

If the Response Team determines there is a real risk of Significant Harm to an individual, the Response Team shall refer to the applicable privacy legislation to determine whether the Privacy Breach must be reported to the Privacy Commissioner of Canada or a provincial privacy commissioner.

If the Response Team determines that the Privacy Breach must be reported to the Privacy Commissioner of Canada or a provincial privacy commissioner, the Response Team shall provide a Privacy Breach Report to the appropriate commissioner as soon as is feasible after the Privacy Breach, even if not all information is known or confirmed. QHR may add or correct information as it becomes available.

A Privacy Breach Report must be submitted using the approved form, and must contain:

·          a description of the circumstances of the breach, and, if known, the cause;

·          the date, estimated date, or the period during which the breach occurred;

·          a description of the Personal Information that is the subject of the breach to the extent that this information is known, but should not contain the actual Personal Information unless necessary to explain the nature and sensitivity of the information;

·          the number of individuals affected by the breach or, if unknown, the approximate number;

·          a description of the steps that QHR has taken to reduce the risk of harm to affected individuals that could result from the breach or to mitigate that harm;

·          a description of the steps that QHR has taken or intends to take to notify affected individuals of the breach in accordance with applicable legislation;

·          the name and contact information of a person who can answer, on behalf of QHR, the Commissioner’s questions about the breach.

Evaluation and Response

The Response Team shall conduct a thorough review of the Privacy Event and consider whether any administrative, technical, or physical controls need to change or whether a prevention plan for the future should be developed.

·          Any remediation items identified should either be planned for implementation or documented as to why they will not be implemented.

Records

The Privacy Office shall keep Records of all Privacy Events involving Personal Information that QHR controls or that QHR manages on behalf of another party.

Each Record must include:

·          the date, estimated date, or the period during which the Privacy Event occurred;

·          a general description of the circumstances of the Privacy Event;

·          a description of the Personal Information involved in the Privacy Event, but should not contain the actual Personal Information unless necessary to explain the nature and sensitivity of the information;

·          whether or not the Privacy Event was a Privacy Incident or Privacy Breach;

·          if the Privacy Event is classified as a Privacy Breach, whether the Response Team determined there was a real risk of Significant Harm;

·          if the Response Team determines that a Privacy Breach does not pose a real risk of Significant harm, a brief explanation of how the Response Team came to that conclusion;

·          who was notified about the Privacy Event; and

·          a description of the steps that QHR has taken or will take to reduce the risk of harm to the affected individual(s) resulting from the Privacy Event or to mitigate that harm, including steps taken to reduce the chance of a similar Privacy Event occurring in the future.

QHR shall keep records of all Privacy Events for a minimum of two years.


QHR Health Information Network Provider Info Sheet

QHR provides services that enable Health Information Custodians to use electronic means to disclose Personal Health Information to one another. Under the Ontario Personal Health Information Protection Act Regulation, we are therefore considered a “Health Information Network Provider” and are required to provide a plain language description of these services. Below, please find a description of our services that enable Health Information Custodians to disclose PHI to each other electronically.

e-Prescribing

The e-Prescribing service is an alternative means to fax, paper and phone for delivery of a Prescription from a Prescriber to a Pharmacy, as well as for communications between a Prescriber and a Pharmacy.  The ePrescribing service is available for use only where the Prescriber is using an integrated EMR and the Pharmacy is using a compliant Pharmacy Management System or the ePrescribing application.

Secure messaging for e-Prescribing is facilitated by having a unique address for each eligible recipient and sender (which clearly identifies a user, the organization they work for and what e-Prescribing service is being used). Messages are stored in a secure centralized messaging server and only retrieved after a recipient has logged in and is available to review them. A prescription cannot be sent using e-Prescribe if a recipient is not known (your patient must tell you what pharmacy the prescription should be sent to or e-Prescribe cannot be used).

Health information contained within an e-Prescription is communicated in a standard, internationally recognized, format to ensure the message is accurate when received and messages in transit are encrypted so that the message cannot be read until opened by the authenticated user.

Data Sharing

Data Sharing allows Healthcare Providers who are a primary Provider for a patient to receive patient records from a covering Provider who sees their patient, and who is in the same data sharing community. Once the encounter is complete, the patient’s covering Provider can send a message to the primary Provider, sharing notes, prescriptions, and history updates. The patient’s primary Provider is notified and has the option to easily update the patient record. Sensitive data like billing, tasks, messaging, and audit logs remain private. Additionally, data sharing enables the ability for providers within the same data sharing community to find and view records for a patient within the data sharing community. This access is “read only” and is logged. Any encounter notes or changes made to any patient record would be logged as well. It is the responsibility of the clinics participating in a data sharing community to setup an Information Sharing Agreement, or similar document, to govern when it is appropriate to be accessing a patient’s record.

Data Sharing is disabled by default and can only be enabled when an authorized user requests QHR to enable it. Each provider that is joining a data sharing community needs to fill in a sign-up form before QHR will enable this module. If an organization signs up for this module, all patient records of that organization would be part of the data sharing community. Data Sharing also requires Server-Client certificates to be setup for each node in a Data Share Community.  These certificates act to ensure that Data Sharing Requests are fulfilled only by other members of the same community.

General Safeguards

QHR uses various security safeguards to protect Personal Information, which include but are not limited to multi-factor authentication, proactive penetration tests, encryption of data in transit and at rest, active logging, intrusion detection and prevention systems, unique user accounts, role-based access based on need to know policies and ensuring that third parties have similar or better privacy practices than QHR. QHR applies a risk-based approach to determining which controls are required for each instance of Personal Information.

See our Privacy Policy for more information about how we protect your Personal Information.

Definitions

Agent in relation to a Health Information Custodian, means a person that, with the authorization of the custodian, acts for or on behalf of the custodian in respect of Personal Health Information for the purposes of the custodian, and not the agent’s own purposes, whether or not the agent has the authority to bind the custodian, whether or not the agent is employed by the custodian and whether or not the agent is being remunerated.

Authorized Persons means individuals providing services or acting on behalf of QHR who have been granted access to Personal Information on a “need to know” basis, including employees, students, appointees, volunteers, individuals providing services under a contract or agency relationship, health services providers, or others as defined in the relevant legislation.

Collection means gathering, acquiring, receiving or obtaining Personal Information by any means from any source.

Disclosure means to make Personal Information available or to release it to another person or organization.

Health Information Custodian means a health information custodian as defined in Ontario’s Personal Health Information Protection Act.

Personal Health Information is a subset of Personal Information and means information relating to the health of an individual, such as diagnostic, health history and treatment information, as well as drug benefit and provincial health care numbers.

Personal Information means information about an identifiable individual, including non-personal information that is linked to information about an identifiable individual, including, but not limited to:

  • name, address, and contact information, including an identifying number or symbol assigned to an individual;
  • race, ethnic origin, gender or marital status;
  • educational, financial, employment or criminal history;
  • opinions of others about the person;
  • personal views and opinions of a person (unless these are about another person); or
  • Personal Health Information.

Privacy Breach means the loss of Personal Information, unauthorized access to Personal Information, or unauthorized disclosure of Personal Information resulting from a breach of QHR’s security safeguards or policies, or from a failure to establish said safeguards or policies.

Privacy Breach Report means a report made to the Privacy Commissioner of Canada or a provincial privacy commissioner that contains all necessary information as set out in section 11.3 of the Privacy Incident and Breach Management Policy.

Privacy Event includes both Privacy Incidents and Privacy Breaches.

Privacy Incident means an event that violates QHR’s security safeguards or policies and puts Personal Information at risk, but where the loss of Personal Information, unauthorized access to Personal Information, or unauthorized disclosure of Personal Information does not actually occur.

Non-Identifying Information means information that cannot be linked to the identity of an individual by the person in possession of said information.

Record means an internal document that contains all necessary information as set out in section 13.2 of the Privacy Incident and Breach Management Policy.

Response Team means a team of stakeholders from relevant departments with proper authority and access to relevant information to respond to the Privacy Event and shall always include someone from the Privacy Office.

Significant Harm includes bodily harm; humiliation; damage to reputation or relationships; loss of employment, business, or professional opportunities; financial loss; identity theft; negative effects on the credit record; and damage to or loss of property.

Use means to view, handle or otherwise deal with Personal Information.