Rose of Durham is compliant with the principles for privacy incorporated in the federal privacy legislation, Bill C 54 – Personal Information Protection and Electronic Document Act (PIPEDA) – Jan 2004 and the provincial privacy legislation, Personal Health Information Protection Act (PHIPA) – Nov 2004.
1. Principle One – Accountability for Personal Information:
Rose of Durham is responsible for personal information under its custody or control and has a designated privacy officer, who is accountable for the organization’s compliance with the following principles.
2. Principle Two – Identifying purposes for collecting personal information:
At or before the time personal information is collected, Rose of Durham will identify the purposes for which personal information is collected, used, disclosed, and retained. These would include delivery of direct client care; the administration of the organization and the health care system; education, research; and statistics; and the compliance with legal and regulatory requirement.
3. Principle Three – Consent for collection, use and disclosure of personal information:
The knowledge and consent of the individual are required for the collection, use or disclosure of personal information, except where applicable by law.
4. Principle Four – Limiting collection of personal information:
Rose of Durham will limit the collection of personal information to that which is necessary for the purposes identified. Information will be collected by professional, fair and lawful means.
5. Principle Five – Limiting use, disclosure and retention of personal information:
Personal information will not be used or disclosed for purposes other than those for which it was collected, except with the prior consent of the individual or as required by law. Personal information will be retained for a specified length of time defined in our Policy on Record Retention.
6. Principle Six – Accuracy of Personal Information:
Personal information will be as accurate, complete, and up-to-date as necessary to fulfill the purposes for which it is to be used.
7. Principle Seven – Safeguards for personal information:
Security safeguards appropriate to the sensitivity of the information will protect personal information. All access to information is limited to designated employees who require access based on function. Electronic information is password protected, and Hard Copy information is stored in secure/locked filing cabinets, etc.
Rose of Durham will make readily available to individuals, specific information about its policies and practices relating to management of personal information.
9.Principle Nine – Individual access to information:
Upon receipt of a written/signed release of information form, an individual will be informed of the existence, use and disclosure of his or her personal information and will be given access to that information. An individual will be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
An individual will be able to address a challenge concerning compliance with the above principles to the Privacy Officer or appropriate designated individual.
For questions or concerns relating to privacy at Rose of Durham please contact us.