We're Open! Please Read Our COVID-19 Service Impact Statement
We're Open! Please Read Our COVID-19 Service Impact Statement
Commitment to Privacy
The appropriate collection, use and disclosure of patients’ personal health information is fundamental to our day-to-day operations and to patient care.
Protecting the privacy and the confidentiality of patient personal information is important to Grand River Foot & Orthotics Clinic.
We strive to provide our patients with excellent medical care and service. Every client of Grand River Foot & Orthotics Clinic must abide by our commitment to privacy in the handling of personal information. This policy was last modified on the January 12, 2020.
What is Personal Health Information?
Personal health information means identifying information about an individual relating to their physical or mental health (including medical history), the providing of health care to the individual, payments or eligibility for health care, organ and tissue donation and health number.
Cookies are widely used and most web browsers are configured initially to accept cookies automatically. You may change your Internet browser settings to prevent your computer from accepting cookies or to notify you when you receive a cookie so that you may decline its acceptance. Please note, however, if you disable cookies, you may not experience optimal performance of our website.
The 10 Principles of Privacy
2. Identifying Purposes: Why We Collect Information
We ask you for information to establish a relationship and serve your medical needs.
We obtain most of our information about you directly from you, or from other health practitioners whom you have seen and authorized to disclose to us. You are entitled to know how we use your information and this is described in the Privacy Statement posted at Grand River Foot & Orthotics Clinic. We will limit the information we collect to what we need for those purposes, and we will use it only for those purposes. We will obtain your consent if we wish to use your information for any other purpose.
You have the right to determine how your personal health information is used and disclosed. For most health care purposes, your consent is implied as a result of your consent to treatment, however, in all circumstances express consent must be written.
Your written Consent will be obtained at your first visit and stored electronically in your medical record.
Patients who have withdrawn consent to disclose PHI must sign and date the Consent to Withdrawal Form. It is understood that the consent directive applies only to the PHI which the patient has already provided, and not to PHI which the patient might provide in the future: PHIPA permits certain collections, uses, and disclosures of the PHI, despite the consent directive; healthcare providers may override the consent directive in certain circumstances, such as emergencies; and the consent directive may result in delays in receiving health care, reduced quality of care due to healthcare provider’s lacking complete information about the patient, and healthcare provider’s refusal to offer non-emergency care.
Your written Consent to Withdrawal Form will be stored electronically in your medical file.
4. Limiting Collection
We collect information by fair and lawful means and collect only that information which may be necessary for purposes related to the provision of your medical care.
5. Limiting Use, Disclosure and Retention
The information we request from you is used for the purposes defined. We will seek your consent before using the information for purposes beyond the scope of the posted Privacy Statement.
We will retain your information only for the time it is required for the purposes we describe and once your personal information is no longer required, it will be destroyed. However, due to our on-going exposure to potential claims, some information is kept for a longer period.
We endeavour to ensure that all decisions involving your personal information are based upon accurate and timely information. While we will do our best to base our decisions on accurate information, we rely on you to disclose all material information and to inform us of any relevant changes.
7. Safeguards: Protecting Your Information
We protect your information with appropriate safeguards and security measures. Grand River Foot & Orthotics Clinic maintains personal information in web-accessed electronic files. All data is backed up daily across multiple storage sites using 2048 bit SSL certification for encryption in transit. All data is also encrypted at rest and backed up daily using the industry standard AES-256 encryption algorithm.
The hosting facility has achieved the following accreditations and certifications:
PCI DSS Level 1 (Payment Card Industry Data Security Standard), ISO 27001 (Information Security Management System), FIPS 140-2 (United States Federal Information Processing Standard).
Access to personal information will be authorized only for the Chiropodist and employees associated with the Practice, and other agents who require access in the performance of their duties, and to those otherwise authorized by law.
We provide information to health care providers acting on your behalf, on the understanding that they are also bound by law and ethics to safeguard your privacy.
Our computer systems are password-secured, and electronic records require 2-step authentication to gain access.
If you send us an e-mail message that includes personal information, such as your name included in the "address", we will use that information to respond to your inquiry. Please remember that e-mail is not necessarily secure against interception. If your communication is very sensitive, you should not send it electronically unless the e-mail is encrypted or your browser indicates that the access is secure.
8. Openness: Keeping You Informed
If you have any additional questions or concerns about privacy, we invite you to contact us by phone and we will address your concerns to the best of our ability.
9. Access and Correction
With limited exceptions, we will give you access to the information we retain about you within a reasonable time, upon presentation of a written request and satisfactory identification.
We may charge you a fee for this service and if so, we will give you notice in advance of processing your request.
If you find errors of fact in your personal health information, please notify us as soon as possible and we will make the appropriate corrections. We are not required to correct information relating to clinical observations or opinions made in good faith.
You have a right to append a short statement of disagreement to your record if we refuse to make a requested change.
If we deny your request for access to your personal information, we will advise you in writing of the reason for the refusal and you may then challenge our decision.
10. Challenging Compliance
In most cases, an issue is resolved simply by telling us about it and discussing it. You can reach us at:
Kyle Wagler, Chiropodist
Grand River Foot & Orthotics Clinic
129 Park St.
Waterloo, Ontario, N2Y 1Y4
If, after contacting us, you feel that your concerns have not been addressed to your satisfaction, you have the right to complain to the Information and Privacy Commissioner/Ontario. The Commissioner can be reached at:
2 Bloor Street East