Protection of Privacy
As a QHC patient, you can expect that your privacy will be respected. We take steps to protect your personal health information from theft, loss, unauthorized access or use.
We collect your personal health information directly from you or from the person acting on your behalf. This may include your contact information, medical history, records of the care you received during prior hospital visits, etc. We may also collect personal health information about you from other sources if we have obtained your consent or if the law permits.
We use and disclose your personal health information as necessary to:
- Treat and care for you;
- Get payment for your treatment from OHIP, WSIB, your insurer, and others;
- Plan and manage the hospitals and our services;
- Compile statistics;
- Conduct quality improvement activities, such as sending you a patient satisfaction survey; and
- Comply with legal and regulatory requirements.
We also disclose your mailing address to our Foundations so that they may conduct fundraising to improve our services.
All other personal information will be used, maintained, disclosed and disposed of in accordance with applicable legislation, including the Freedom of Information and Protection of Privacy Act and the Personal Health Information Protection Act (PHIPA). PHIPA came into force on November 1, 2004 as Ontario's health-specific privacy legislation. This Act governs the manner in which personal health information may be collected, used and disclosed within the health care system. It also regulates individuals and organizations that receive personal information from health care professionals.
If you have a concern or question about the protection of your personal information at Quinte Health Care, please contact the Privacy Officer.
What is Personal Information?
"Personal Information" is defined as recorded information about an identifiable individual, including regarding his or her, gender, home address, race, medical history, results of medical tests, current or previous diagnosis, identifying numbers (e.g. Health Care number, Social Insurance Number, employee number, etc.), financial or employment information.
Personal Information Banks
A Personal Information Bank (PIB) is any collection of personal information that is organized and capable of being retrieved by an individual's name or other identifier, such as Ontario Health Card number. PIBs can be electronic files, paper files or a combination of both.
QHC's Index of Personal Information Banks provides details on the type of personal information maintained by the hospitals, where it is located, how it is used, to whom it is disclosed and how long it is retained. Contact the Freedom of Information Coordinator if you have any questions about Personal Information Banks.
Correction of Personal Information
If you believe that the personal information we have recorded about you is inaccurate or incomplete, you can:
- Raise this with your care provider;
- Make an informal request for QHC to change your information (e.g., to update your address);
- Make a formal request through the Freedom of Information Coordinator by following these steps:
- Put your request to correct your personal information in writing. Indicate the desired correction and, if applicable, provide supporting documentation.
- Include your name, address, and day-time telephone number.
- Submit your written request to QHC's Freedom of Information Coordinator with the $5 application fee. To protect your privacy, we do not accept freedom of information requests by fax or e-mail.
- When a request for correction is received, the hospital must determine whether the information submitted for correction can be verified. In some cases, the hospital will require documentary proof to support the request.
To request a correction of personal health information, contact the Department of Health Records at (613) 969-7400, ext. 2279.
A privacy breach is an incident involving the unauthorized collection, use or disclosure of personal information.
Quinte Health Care has a responsibility to protect personal information in its custody from unauthorized access or disclosure. Upon discovery of a privacy breach, or suspected breach, the incident must be reported immediately to the relevant unit head (e.g., the Manager) and to QHC's Privacy Officer. Specific decisions on how to respond to a suspected or confirmed privacy breach will be made on a case-by-case basis, however, actions will be taken to contain and remediate any breaches. In all cases, the individual is notified that there has been a privacy breach related to their personal information.