In Ontario, personal health information (PHI) includes any and all information related to the provision of health care for an individual's physical or mental health. Such as:
personal identification information
plans of service
eligibility for health care
information regarding body parts or substances
This also includes any other information not specifically listed that can identify the individual or a substitute decision-maker who acts on the individual’s behalf.
PHIPA’s Basic Principles of Collection, Use and Disclosure
Under PHIPA, clinics in Ontario must follow a set of basic principles when they are collecting, using or disclosing PHI. These are:
Only collect, use or disclose PHI if the individual consents or if required by PHIPA.
Do not collect, use or disclose PHI if other information will serve the purpose.
Do not collect, use or disclose more PHI than necessary to meet the purpose.
For marketing purposes, express consent is required.
You may ask for consent to collect, use or disclose information for fundraising purposes, and if you limit information to name and mailing address and you provide an easy way to opt out, you may assume implied consent.
Limit collection of health numbers to purposes related to provincially-funded health resources, explicit disclosure by the individual, official purposes of health professionals, health administration, planning or research.
Collect PHI directly from the individual unless otherwise impossible. If you must collect PHI indirectly, consult PHIPA on acceptable reasons and parameters.
INFORMATION COLLECTION, USE, AND SHARING
We are the sole owners of the information collected on this site. We only have access to/collect information that you voluntarily give us via email or other direct contact from you. We will not sell or rent this information to anyone.
We will use your information to respond to you, regarding the reason you contacted us.
We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request (i.e. providing the therapist to whom we have made the referral the information you have provided to us).
Unless you ask us not to, we may contact you via email (or phone, if provided) in the future to follow-up about your experience with the referral directory. We may also contact the referred therapist to inquire about whether contact has been made to help ensure adequate service.
YOUR ACCESS TO AND CONTROL-OVER INFORMATION
You may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the phone number or contact form given on our website:
See what data we have about you, if any.
Change/correct any data we have about you.
Have us delete any data we have about you.
Express any concern you have about our use of your data.
The OPC Referral Directory securely stores your information (name, email and phone if provided) for a minimum of 2 years; at which point it will be securely destroyed.
We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline.
Sensitive information is encrypted and transmitted directly to our referral agents in a secure way. You can verify this by looking for looking for “https” at the beginning of the address of the web page.
If you have contacted us through the website and provided your email as a form of communication the OPC Referral Directory agents may contact you via email and send your request to the referred therapist via email. We take every precaution to ensure the safety of your personal information, but cannot guarantee this form of communication. Therefore, you, the client, agree to assume the risks inherent in this form of communication by submitting through our website and providing email contact information.
While encryption is used to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (making and following up about your referral request) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.
You can also contact the Office of the Privacy Commissioner of Canada by following this link https://www.priv.gc.ca/en/contact-the-opc/