POLICIES AND PROCEDURES
React Home Physiotherapy is committed to collecting, using and disclosing personal information responsibly and only to the extent necessary for the services provided.
The purpose of this statement is to describe React Home Physiotherapy’s privacy policy.
This statement applies to Management, Owner and all Employees or Contractors of React Home Physiotherapy.
Personal Information is information about an identifiable individual. Personal information includes information that relates to their personal characteristics (e.g. sex, age, home address or phone number) or their health (e.g. health history, health conditions, health services received by them). Personal information is different than business information (e.g. an individual’s business address and telephone number), which is not protected by privacy legislation.
Privacy Officer is the person at React Home Physiotherapy who is responsible to:
Encourage compliance with the ten principles for the protection of privacy and other provisions of the Personal Information Protection Act (PIPA);
Respond to requests for access to and correction of personal information and general issues concerning personal information; and
Work with the Information and Privacy Commissioner during the investigation of a privacy complaint against the organization.
Dylan Parsons, as the owner of React Home Physiotherapy, is the designated Privacy Officer. Phone number: (780) 920-3239.
All staff are responsible for following the procedure in this policy for the purpose of the collection, use, and disclosure of client information.
Management is responsible for ensuring the compliance of all staff with this policy.
The Privacy Officer is responsible for the education and compliance auditing of all staff and for ensuring all company policies follow the applicable regulations and college standards for client confidentiality.
Primary Purpose for Collecting Information
React Home Physiotherapy collects, uses and discloses personal information in order to serve clients. For clients, the primary purpose for collecting personal information is to provide treatment.
React Home Physiotherapy collects information about a client’s health history, including family history, physical condition, function and social situation in order to assess health needs, to advise of options and to provide the health care clients choose to receive.
A second primary purpose is to obtain a baseline of health and social information so that in providing ongoing health services React Home Physiotherapy can identify changes that are occurring over time.
On its website, React Home Physiotherapy collects, with the exception of cookies, only the personal information provided, and uses that information only for the purpose for which it was given. Cookies are only used to help the public navigate the website and are not used to monitor members of the public.
For people who are contracted to do work for React Home Physiotherapy (e.g. contractors or temporary workers), the primary purpose for collecting personal information is to ensure that React Home Physiotherapy can contact them in the future and for necessary work-related communication. Examples of the type of personal information React Home Physiotherapy collects for those purposes include home address and telephone number.
Secondary Purpose for Collecting Information
React Home Physiotherapy also collects, uses and discloses information for purposes related to or secondary to its primary purpose. The most common examples of related and secondary purposes are as follows:
To invoice clients for services;
To advise clients that their service should be reviewed;
To advise clients and others of special events or opportunities (e.g. a seminar or development of a new service) that we have available.
React Home Physiotherapy reviews client and other files for the purpose of ensuring high quality services, including assessing the performance of employees. In addition, external consultants (e.g. auditors, lawyers, practice consultants, voluntary accreditation programs) may on React Home Physiotherapy’s behalf perform audits and continuing quality improvement reviews including reviewing client files.
Clients or other individuals may have questions about React Home Physiotherapy’s services after they have been received. React Home Physiotherapy also provides ongoing services for some clients over a period of months or years for which previous records are helpful. React Home Physiotherapy retains client information for a minimum of ten years after the last contact to enable React Home Physiotherapy to respond to those questions and provide these services.
If React Home Physiotherapy or its assets were to be sold, the purchaser would want to conduct a “due diligence” review of React Home Physiotherapy’s records to ensure that it is a viable business that has been honestly portrayed for the purchaser. This due diligence may involve some review of accounting and service files. The purchaser would not be able to remove or record personal information. Before being provided access to the files, the purchaser provides a written promise to keep all personal information confidential. Only reputable purchasers who have already agreed to buy the organization’s business or its assets are provided access to personal information, and only for the purpose of completing their due diligence search prior to closing the purchase.
Protecting Personal Information
React Home Physiotherapy understands the importance of protecting personal information. For that reason, it has taken the following steps:
Paper copies of personal information are transmitted through sealed addressed envelopes or boxes by reputable companies.
Staff is trained to collect, use, and disclose personal information only as necessary to fulfill their duties and in accordance with our Privacy Policy.
External consultants and agencies with access to personal information enter into a confidentiality agreement with React Home Physiotherapy.
All paper copies will be stored in a locked cabinet accessible solely to the Privacy Officer and any treating practitioners.
Practitioners employed or contracted by React Home Physiotherapy are often required to visit clients’ homes and may be required to bring client information from multiple clients with them. In this event, the following steps will be taken:
All files will be kept in an opaque container that has the ability to seal (e.g. a backpack or satchel).
The container containing client files is to remain with the practitioner at all times and must remain sealed unless retrieving items from the container.
In the event that the container is stolen or goes missing, the practitioner is to immediately report the breach to the Privacy Officer.
Reporting Privacy Breaches
A privacy breach occurs when there is unauthorized access to or collection, use or disclosure of personal information. Such activity is “unauthorized” if it occurs in violation of applicable privacy legislation such as PIPA. A privacy breach may also be a consequence of faulty business procedure or operational breakdown.
Some of the most common privacy breaches happen when personal information of patients, clients and employees is stolen, lost or mistakenly disclosed. For example, a computer containing personal information is stolen or personal information is emailed to the wrong person.
When a privacy breach has occurred, or it is unclear as to whether a breach has occurred, the individual making the discovery must immediately inform the Privacy Officer.
Steps should be taken to contain the breach if it is within the individual’s power to do so. This may be done by stopping the unauthorized practice, recovering the records or shutting down a system.
The event report process is utilized to determine the root cause and corrective actions to prevent future occurrences.
The Privacy Officer will follow these key steps in responding to a privacy breach:
Contain the breach and perform a preliminary assessment, including determining who needs to be made aware of the incident internally and externally.
Evaluate the risks associated with the breach by considering the following factors:
The type of personal information involved.
The cause and extent of the breach.
The individuals affected by the breach.
The foreseeable harm from the breach.
Develop a prevention plan and put in place corrective actions for the prevention of future breaches.
Notify the appropriate regulatory governing body and clients affected by the breach.
React Home Physiotherapy, acting as the Health Information Custodian, must notify the client of the loss, theft, unauthorized use, collection or disclosure of their personal information. In addition, React Home Physiotherapy must inform the client they are entitled to make a complaint to the privacy commissioner as per PHIPA, Part 2 schedule 12.s(2).
Client Access to Information
With only a few exceptions, clients have the right to see their personal information and React Home Physiotherapy will provide access to clients upon request.