PHIPA POLICY

Privacy Policy:
Jessica O’Connor Social Work Professional Corporation, Vault Mental Health Inc.

 Effective Date: May 1, 2012

Purpose of This Privacy Policy

Protecting the privacy and confidentiality of client personal information is important to us. Jessica O’Connor Social Work Professional Corporation, Vault Mental Health Inc. (herein referred to as “We” and “Our”), maintains a commitment to privacy in the handling of personal information provided by and about individuals and families. The terms of this Notice of Privacy Practices apply to Jessica O’Connor Social Work Professional Corporation, Vault Mental Health Inc., and its current or future affiliates, employees, and representatives. Please note that for the purposes of psychotherapy treatment, information below may relate to the personal health information of the child, parent/guardian, or other participating individual in Psychotherapy and/or Social Work services, including in-person and virtually.

Our Privacy Policy attests to our commitment to privacy and demonstrates the ways we ensure that client privacy is protected. Our Privacy Policy applies to the personal health information of all our patients that is in our possession and control, and maintains compliance with the Ontario Personal Health Information and Protection Act (PHIPA).

What is Personal Health Information?

Personal health information means identifying information about an individual relating to their physical or mental health (including medical history), the providing of health care to the individual, payments or eligibility for health care, organ and tissue donation and health number.

Our Privacy Policy reflects our compliance with fair information practices, applicable laws and standards of practice.

Why We Collect Information

We ask you for information to establish a relationship and serve your, your child’s needs. We obtain most of our information about you directly from you, and we may also gather information from other health practitioners whom you have seen and authorized to disclose to us. You are entitled to know how we use your information. We will limit the information we collect to what we need for the purposes of providing services, and we will use it only for those purposes. We will obtain your consent if we wish to use your information.

Consent and Confidentiality

You have the right to determine how your personal health information is used and disclosed. For most health care purposes, your consent is implied as a result of your consent to treatment, however, in all circumstances express consent must be written. Your written Consent to services or to disclosure of PHI (personal health information) will be documented in the identified client’s file. Clients who have withdrawn consent to disclose PHI must sign and date their written request. It is understood that the consent directive applies only to the PHI which the patient has already provided, and not to PHI which the patient might provide in the future.

Exceptions to Confidentiality

PHIPA permits certain collections, uses, and disclosures of the PHI without your consent. We are permitted and/or required by law to make disclosures of your protected health information without your consent or authorization for the following: Any purpose required by law; • Public health activities such as disease, injury, or death, or in connection with public health investigations; If we suspect child abuse, neglect, or domestic violence; To a government oversight agency or governing body conducting audits, investigations, civil or criminal

proceedings; Court or administrative ordered subpoena or discovery request; Suspected elder abuse or neglect, or suspected abuse or neglect of a dependent adult; To coroners and/or funeral directors consistent with law; and • To certain programs such as Veteran’s Affairs Canada or Victim’s Services, if you are receiving psychotherapy services funded by them.

Limiting Collection

We collect information by fair and lawful means and collect only that information which may be necessary for purposes related to the provision of your or your child’s care.

Limiting Use, Disclosure and Retention

The information we request from you is used for the purposes defined. We will seek your consent before using the information for purposes beyond the scope of the posted Privacy Statement. There are some types of disclosure of your personal health information that may occur as part of this Practice fulfilling its routine obligations and/or practice management. This includes consultants, supervisors, and clinical records holders for the Practice, on the understanding that they abide by our Privacy Policy, and only to the extent necessary to allow them to provide business services or support to this Practice. We will retain your information securely for the amount of time required, and then it will be destroyed.

Accuracy

We endeavour to ensure that all decisions involving your personal information are based upon accurate and timely information. While we will do our best to base our decisions on accurate information, we rely on you to disclose all material information and to inform us of any relevant changes.

Protecting Your Information

We protect your information with appropriate safeguards and security measures. The Practice maintains personal information mostly in electronic files. Electronic files are housed with Owl Practice, a secure online clinical records system that is PHIPA compliant. However, some minimal paper records concerning individuals’ personal information are stored in files kept onsite at our office, in a locked cabinet. Access to personal information will be authorized only for the owner and any employees associated with the Practice, and other agents who require access in the performance of their duties, and to those otherwise authorized by law. We provide information to health care providers acting on your behalf, on the understanding that they are also bound by law and ethics to safeguard your privacy. Other organizations and agents must agree to abide by our Privacy Policy and may be asked to sign contracts to that effect. We will give them only the information necessary to perform the services for which they are engaged, and will require that they not store, use or disclose the information for purposes other than to carry out those services. Our computer systems are password-secured and constructed in such a way that only authorized individuals can access secure systems and databases. If you send us an e-mail message that includes personal information, such as your name included in the “address”, we will use that information to respond to your inquiry. Please remember that e-mail is not necessarily secure against interception. If your communication is very sensitive, you should not send it electronically unless the e-mail is encrypted or your browser indicates that the access is secure.

If you have any additional questions or concerns about privacy, we invite you to contact us and we will address your concerns to the best of our ability.

Breach of Privacy

We will notify you in the event a breach occurs involving or potentially involving your unsecured health information.

Access and Correction

With limited exceptions, we will give you access to the information we retain about you within a reasonable time, upon presentation of a written request and satisfactory identification. We may charge you a fee for this service and if so, we will give you notice in advance of processing your request. If you find errors of fact in your personal health information, please notify us as soon as possible and we will make the appropriate corrections. We are not required to correct information relating to clinical observations or opinions made in good faith. You have a right to append a short statement of disagreement to your record if we refuse to make a requested change. If we deny your request for access to your personal information, we will advise you in writing of the reason for the refusal and you may then challenge our decision.

Challenging Compliance

We encourage you to contact us with any questions or concerns you might have about your privacy or our Privacy Policy. We will investigate and respond to your concerns about any aspect of our handling of your information. In most cases, an issue is resolved simply by telling us about it and discussing it. You can reach us at: Jessica O’Connor (705) 503-9699, info@vaultmentalhealth.com If, after contacting us, you feel that your concerns have not been addressed to your satisfaction, you have the right to complain to the Information and Privacy Commissioner/Ontario. The Commissioner can be reached at: Information and Privacy Commissioner of Ontario, 2 Bloor Street East, Suite 1400 Toronto, ON M4W 1A8 Telephone: 416-326-3333 • 1-800-387-0073 Fax: 416-325-9195 TTY: 416-325-7539 Website: www.ipc.on.ca

If there is a discrepancy between this Policy and PIPEDA, FIPPA or PHIPA, the regulations made under those Acts, or with the Agency’s Regulation, the legislation or regulation take precedence.