
Privacy Policy
Clinic Sport & Health takes Patient Information very seriously. All patient privacy issues are handled by the Privacy Officer Dr. Jeffrey Payne D.C.
Clinic Sport & Health uses an Electronic Health Record Keeping System (EHR). This system is a cloud-based system who's main servers are located outside of Canada. They are stored safely in Australia. Each patient's information is encrypted and can only be accessed by approved users who must use 2-Step Authentication. Every measure is taken to ensure no un-authorized parties are able to access patient information.
Clinic Sport & Health has the following training and awareness programs in effect: all new staff completes an orientation with the privacy custodian at the beginning of employment and is required to attend quarterly privacy review meetings. The policy is read and signed off by all staff responsible for handling and then sequentially is filed for record of privacy training. Contractors are required to sign a confidentiality agreement are are briefed on the importance of privacy once contract commences.
All incidents are reported to the Privacy Office and are handled accordingly. Our Incident Response Plan will be initiated as soon as the Privacy Officer determines there is a breach in confidentiality or integrity to individual health information. A privacy meeting will be immediately called and the Privacy Office will resolve the issue and decide where our Privacy Policies might need to be amended. Incidents are reported to OIPC as required.
All policies are in compliance with the Health Information ACT (HIA), under the supervision by the Office of the Information and Privacy Commission (OIPC). Our full Privacy Impact Assessment (PIA) is available upon request.