"Personal health information" has the meaning given to it by applicable law (if any), and in any event includes information about an individual that (i) relates to the physical or mental health of the individual (including, but not limited to, the individuals medications and doses, medical conditions, allergies and intolerances, and information that consists of the health history of the individual's family), and (ii) relates to the providing of healthcare to the individual (including the identification of a person as a provider of healthcare to the individual), or (iii) relates to payments for healthcare, in respect of the individual. For example, personal health information includes information about an individual's medications, the healthcare services the individual receives, payments for healthcare services for the individual, and messages between an individual and a healthcare provider.
In Ontario, myPillCard is subject to Ontario's Personal Health Information Protection Act, 2004 (the "PHIPA"). Under PHIPA, when we provide services to Ontario healthcare providers and they or their patients provide personal health information to us in relation to those services, we act as an "agent" under PHIPA to that healthcare provider (in that healthcare provider's capacity as a health information custodian under PHIPA).
We also provide services to healthcare providers in other jurisdictions, and in the course of providing those services may collect personal information, including personal health information, from them in order to provide services to them. Our collection, use and disclosure of that personal information are subject to all applicable laws.
We also provide services to individuals directly, and in the course of providing those services may collect personal information, including personal health information, from those individuals in order to provide services to them. Our collection, use and disclosure of that personal information are also subject to all applicable laws.
We collect personal information to provide you with services and support, establish contractual relationships and process payments. For example, we require your name and email address in order to provide you with access to our website. We will only ask you to provide the information required to complete your request or improve your service. You can always choose not to disclose information, but this may make it impossible for us to provide you with a particular service.
In some cases, we collect and use information provided by healthcare providers about their patients to provide services to the healthcare provider. As described above, we use this information to assist the healthcare provider in the provision of healthcare. A plain-language description of the services we provide is available at the end of this Privacy Statement.
In other cases, we collect and use information provided by individuals to provide them with services related to their healthcare. This can be information we collect on behalf of the individual's healthcare provider (for example, personal information provided to us by a patient after being invited by a healthcare provider to use our services), or it can be information we collect from the individual for use in our delivery of services directly to the individual, on his or her own behalf. For example, we collect your name, email address and other demographic information to create your account.
To provide, maintain and improve our services, we also collect monitoring and auditing data in order to analyze, support and improve our services. For example, we may automatically track certain information about your visits to our website, such as your geographic location, computer type and the site from which you discovered us. We aggregate and/or anonymize this data before using or disclosing it. We do not collect personal health information for these purposes.
We will not sell, lease or trade your personal information to any third parties.
If you are an individual using our services, we may disclose your personal information to the healthcare providers to which you give access to that personal information in the course of using our services. For example, if you request or establish a relationship with a pharmacist for our service, your pharmacist and the pharmacy staff may disclose your personal information in order to verify your medication record, and communicate recommendations with other healthcare providers within the circle of care.
We may from time to time use the services of affiliates, subsidiaries and unrelated service providers in the operation of our services, and may disclose your personal information to them in the course of our use of their services. For example, we may use the services of third-party hosting companies. This may involve the hosting of data, including personal information, on servers operated by those hosting companies. We take care to use only service providers that we believe are reputable and able to live up to our and your expectations, including about the handling of personal information.
We cooperate with law enforcement inquiries and demands for information that are made under force of law. Therefore, we may disclose your personal information (a) to any governmental authority as part of an investigation to determine our compliance with any applicable law, rule, or regulation (including privacy laws, rules, and regulations), (b) in response to a court order, subpoena, discovery request, or other lawful judicial or administrative proceeding, or (c) as otherwise required under any applicable law, rule, or regulation.
We may also disclose personal information to the acquirer or its agents in the course of the sale of our business. If we do this, the disclosure will be subject to confidentiality arrangements customary in such transactions.
Finally, please note that in some cases, information (not including personal health information) that we collect may be stored or processed outside of Canada. In such cases, we continue to protect the information with appropriate safeguards, but it may be subject to the legal jurisdiction of those countries and governmental authorities in those countries.
As a user of our services, you agree that you will adhere to the best practices described below to safeguard your personal information. If you are a healthcare provider, you also agree to ensure that your employees and agents adhere to these practices to protect your information and your patients' information.
Specifically, you agree to:
You have the right to access and verify the personal information associated with your account. You may also request changes to your personal health information online, a healthcare representative will respond to your request within thirty days.
We will not provide patients with access to information that we collect or use on behalf of their healthcare provider and that would not generally be accessible to a patient user through the use of our services. Requests for access to this information should be directed to the applicable healthcare provider, who may in turn request the information from us.
If you identify inaccuracies in our personal information, we will make an appropriate change in accordance with your instructions. If we are unable to change your information and you disagree with our decision, we will note your opinion in your file.
We respect your right to withdraw consent to the collection, use and disclosure of your personal information, subject to legal and contractual restrictions and reasonable notice. Upon receipt of a consent directive from an individual or their authorized representative, we will act on your instruction and, if applicable, inform the appropriate health information custodian of the implications. Withdrawing consent for the collection and use of your personal information may limit our ability to provide you with services.
You should direct any questions or concerns about our policy and practices and any access or correction requests to our Chief Privacy Officer:
Chief Executive Officer (Penny Guimont)
2449 Shelter Valley Road
Grafton, ON K0K 2G0
Our services are conducted by health professionals, for patients and/or caregivers, and to assist health professionals in the provision of healthcare. They include:
If you, as a patient or caregiver, have any questions or concerns about these services, please contact us using the information above.