Protection of privacy is a key element in the professional standards adhered to at Winsor Health Services. As such Winsor Health Services has implemented a Privacy Policy that ensures adherence to both PIPEDA (Personal Information Protection and Electronic Documents Act) and PHIPA (Personal Health Information Protection Act) requirements. Winsor Health Services employees are provided with training to ensure they understand the requirements and are fully compliant.

As part of our Privacy protocols, Winsor Health Services has incorporated the 10 Principles of PIPEDA into our Quality Control Program as follows:

  1. Accountability – Winsor Health Services has appointed Rita Rajkumar as the Privacy Officer. She is responsible for ensuring that the organization is in continual compliance with all of the 10 principle areas of the Act. The Privacy Officer is also the Health Information Custodian per PHIPA regulations.
  2. Identifying purposes – Winsor Health Services openly states the reasons why personal information is being collected and is specific in identifying how this information will be used. For claimants, this information is contained in the Informed Consent Form signed by each claimant prior to an assessment. For employees and contractors, this information is provided as information is requested and is also covered in the employee handbook.
  3. Consent – Consent of individuals to collect their personal information and to use it for the specific intended purposes is obtained with the Informed Consent Form signed by all claimants prior to each assessment and on a form signed by employees during the hiring process.
  4. Limiting collection – Winsor Health Services limits the amount and type of information gathered to what is necessary for the identified purposes. Our internal information-handling policies and practices state the type of information we collect and the reason we require it. All employees are required to understand our policies and be able to explain why the information is needed, if asked.
  5. Limiting use, disclosure, and retention – Winsor Health Services has policies in place regarding the parameters of use for specific groupings of information and clearly identifies the information lifecycle: 1) information – why it is collected 2) how it is used, how it is stored 3) when its usage is defined as finished, and 4) how this information is disposed of or destroyed.
  6. Accuracy – Winsor Health Services takes the necessary steps to keep personal information as accurate, complete and up to date as necessary, taking into account its use and the interests of the individual.
  7. Safeguards – Winsor Health Services protects personal information against loss or theft, safeguards the information from unauthorized access, disclosure, copying, use or modification, and has policies and practices to protect personal information regardless of the format in which it is held.
  8. Openness – Winsor Health Services informs customers and employees that it has policies and practices for the management of personal information and makes these policies and practices understandable and easily available.
  9. Individual access – When requested, Winsor Health Services will inform individuals if it has any personal information about them and explain how it is or has been used and provide a list of any organizations to which it has been disclosed, as well as give individuals access to their information.
  10. Challenging compliance – Winsor Health Services has a complaint policy and procedures that are implemented to address any complaints about compliance with PIPEDA or handling of personal information. If a complaint is received, the process is explained to the complainant and the appropriate steps are taken to resolve the situation, according to our policies.