Privacy FAQ

SLFNHA PRIVACY FAQ

1. What are Privacy and Confidentiality?

Privacy – is the individuals’ right to control their private information from the collection, use, access and disclosure of their information.

Confidentiality – is the right of an individual to have their personal health/ identifiable information kept private. It is the responsibility of SLFNHA and our Staff to secure the Personal Health Information (PHI)/Personal Information (PI) in our custody, and to keep the information private between the service provider and the client. And also, to handle it securely, that includes keeping the information/files locked and secured at all the time.

2. Why is it important to SLFNHA?

SLFNHA is aware that without proper organization-wide practices of privacy, security and safeguard, the basic rights of our clients are at risk. And we are aware of the consequences of violating our clients’ trust, which costs our organization’s reputation. So, we collaboratively follow the privacy and security culture in our organization.

3. What is PHI – Personal Health Information and PI – Personal information?

PHI - Any identifiable individual’s information (oral/written/recorded) associated with their healthcare is defined as personal health information. For instance, the information that has an individual’s identifiable information along with their service-provided or health card number or insurance details or their medical history or any medical reports are personal health information.

PI – Any information that identifies an individual or for which it is reasonably foreseeable in the circumstances that it could be utilized, either alone or with other information, to identify an individual. For instance, an individual name along with demographic data, age, dates related to birth or death, personal contact information, driver’s license number, status treaty number, employee’s employment-related information or social insurance number are all examples of personal information.

4. What is not a Private information PHI or PI?

Any general or non-identifiable information like job title, business address, business contact number or common area codes that do not identify any specific individual or community is not private information.

5. What PHI does SLFNHA collects?

We collect personal health information about you either directly from you or from a person designated to make care decisions on your behalf. We collect PHI in order to provide you with health care by us or to assist in the provision of healthcare to you by other healthcare providers. The personal health information that we collect may include your name, date of birth, address, treaty number, health history, other records of your visits, the care that you received either at Sioux Lookout First Nations Health Authority or from other healthcare providers and the care you received during those visits. Occasionally, we collect personal health information about you from other sources if we have obtained your consent to do so or if the law permits us to do so. We make sure that only those people who need to see your personal health records are allowed to look at them. We protect your Personal Health Information / Personal Identifiable Information through our privacy policies and by adopting appropriate safeguards and security measures.

6. For what purposes SLFNHA uses my PHI?

We may use and disclose your PHI:

  • To communicate with your various health care providers including your family physician, allied health providers, nursing station staff and/or other health care institutions for continuity of care, to treat/support and care for you (unless you tell us otherwise)

  • For the purpose of obtaining payment or processing, monitoring, verifying or reimbursing claims for payment for the provision of health care or related goods and services. (e.g. from OHIP, NIHB, WSIB, your private insurer, or other payers)
  • To plan, administer and manage our internal operations; deliver programs and services, and to conduct risk management activities
  • To conduct quality improvement activities (such as sending client satisfaction surveys)
  • To teach, conduct research (only under strict rules overseen by a the SLFNHA research ethics board) and compile statistics
  • To contact a relative, friend or alternate decision-maker, if the client is unable to make decision
  • For funding purposes to improve our programs and services
  • To fulfill other purposes as permitted or required by law or by a treaty, agreement or arrangement made under an Act.
  • To comply with legal and regulatory requirements

7. How is my Private information PHI/PI protected by SLFNHA?

  • We ensure that all SLFNHA staff are provided with Privacy and confidentiality Training upon hire.
  • We take privacy and security seriously, so we take appropriate steps to protect your PHI/PI from theft, loss and unauthorized access, copying, modification, use, disclosure and disposal
  • We ensure that electronic access to PHI/PI is protected through the use of strong encryption and password protection
  • We ensure that the location of written PHI/PI is retained, transferred and disposed of securely.
  • We conduct regular audits and complete investigations to monitor and manage our privacy and confidentiality compliance
  • We take appropriate steps to ensure that everyone who performs services for us to protect your privacy and only use your PHI or your PI for the purposes you have consented to us.

8. Can I access my PHI/PI Records?

Yes, you may access and correct your PHI/PI or withdraw or withhold your consent by contacting us (subject to legal exceptions).

9. Can I access my Spouse Records?

You cannot access your spouse’s record unless you are the substitute decision-maker for your spouse, or your spouse has provided us with the written informed consent to release such information to you

10. Can anyone working at SLFNHA access my PHI/PI record?

No, only SLFNHA staff who are involved in your treatment services or program care will have access to your record. And we make sure that only those people who need to see your personal health records are allowed to look at them. We protect your Personal Health Information and your Personal Identifiable Information through our privacy and confidentiality policies, privacy code of conduct and signed the oath of confidentiality agreements with the staff as a condition of their employment. And also, by adopting appropriate safeguards and security measures like locked filing cabinets, restricted access to offices, the use of strong passwords, limiting access to our HIS(Health Information System) on a “need-to-know” basis, following secure PHI/PI transfer, secure disposal or destruction procedures, logging, auditing, monitoring, training to staff, and by Privacy Impact Assessments(PIA).

11. How will I know if someone accessed my information, without the appropriate access consent/permission?

The SLFNHA Privacy Office conducts regular privacy audits and if we found any unauthorized access on your information, then as per our privacy policy and procedure we will investigate the situation immediately and notify you.

12. What is a Privacy or Security Breach?

Any unauthorized access or disclosure, or disposal or retention or loss of Personal health information or Personal Information is deemed to be a Privacy or Confidentiality Breach. SLFNHA takes privacy seriously, so any considerable privacy or confidentiality breaches will have subsequent consequences.

13. What are some causes of Privacy Breaches and Incidents?

  • Snooping: Looking-into any individual’s record who is not in your care
  • Misdirected/Wrong faxes: Client’s record faxed to an unintended individual or wrong number
  • Unauthorized access: Accessing Client’s information who is not in your care
  • Unauthorized disclosure: Talking about a client’s information to your family member or other members/staff
  • Cyber-attacks or Lost or Stolen Information: loss or theft of portable devices with client’s Personal Health Information/Personal Information

14. Where can I find more information on SLFNHA’s Privacy rights and protection?

You can find more information from SLFNHA’s Privacy Statement or Privacy Policy or you can get more information by sending your questions/concerns to our SLFNHA’s Privacy Office Email at privacy@SLFNHA.com

15. What if I have a complaint or concern related to privacy?

For more information about our privacy protection practices, or to raise a concern with our practices, please contact us at:

By mail:

Kiruthika R, Privacy Officer
Sioux Lookout First Nations Health Authority,
P.O. Box 1300, 61 Queen St,
Sioux Lookout,
ON P8T 1B8
 

By telephone:

807-737-3933

By email:

privacy@SLFNHA.com / Kiruthika.Radhakrishnan@SLFNHA.COM

You also have the right to complain to the Information and Privacy Commissioner of Ontario, if you think we have violated your rights.

The commissioner can be reached as follows:

Information and Privacy Commissioner of Ontario:
2 Bloor Street East, Suite 1400,
Toronto, Ontario M4W 1A8.
Phone: 416-326-3333 / 800-387-0073 | Fax: 416-325-9195 | TTY: 416-325-7539
Email: info@ipc.on.ca / commissioner@ipc.ca