Skip to main content
search

Client Privacy

Learning about Privacy is required by law for all Circle of Care employees. We deal with very sensitive information each day – about client care, client conditions, personal information about clients, and much more. It is important that we do everything we can to protect the privacy of our clients by making sure we have good practices for working with and dealing with our clients’ personal health information.

Related Policies

What is Privacy?

The definition of privacy in Canada falls under a law called the Privacy Act. The Privacy Act sets out rules for how organizations like Circle of Care collect and deal with personal information.

According to the law, an organization may not collect personal information unless it relates directly to the operations or activities of the organization. In general, when an organization collects an individual’s personal information directly from the individual, it must inform that person directly of the purpose for which the information is being collected (there are some exceptions). Personal information may be used only for the purpose for which the information was collected and intended, unless the individual agrees otherwise.

Also, the personal information collected must not be disclosed, unless the individual consents. Under the law, every Canadian citizen or permanent resident has the right to be given access to personal information about themselves and can request correction if the information is inaccurate. The Privacy Commissioner of Canada receives and investigates complaints involving privacy.

The Office of the Privacy Commissioner of Canada Definition of Privacy

Privacy is often called “the right to be left alone.” That’s a good enough definition, as far as it goes. It reflects people’s instinctive reaction to being monitored or bothered. That’s what “invasion of privacy” means to many people.

But there’s another kind of privacy invasion that’s less obvious, and that’s the collection, use and disclosure of information about us without our knowledge or consent.

This is why the Office of the Privacy Commissioner of Canada defines privacy as “the right to control access to one’s person and information about oneself.”

This definition is useful for understanding how our privacy is becoming threatened. Our privacy is very volatile. Our privacy was once protected by default. As long as information about us was in paper records scattered over a lot of locations, someone would have had to go to a lot of trouble to invade our privacy. Unless you were famous or extremely important in some regard, or “notorious”, your privacy was pretty safe.

But those barriers of time, distance and cost are gone. With developments in computers, databases, surveillance, biometric identification and genetic testing, a stranger with access to a computer and an internet connection can put together a detailed file on our whole lives in a matter of minutes.

Personal Health Information Protection Act (PHIPA)

At Circle of Care, we have access to a lot of information about our clients – both personal information and personal health information. We know specific conditions they may have, any special requirements they may need, as well as their personal contact numbers and family members. Because we have access to this information, we must follow the rules and regulations around PHIPA – the Personal Health Information Protection Act.

The goal of PHIPA is to:

  • Set rules for collection, use and disclosure of Personal Health Information (PHI) that protects the confidentiality and privacy of individuals;
  • Facilitate the effective provision of care;
  • Provide individuals with a right of access to their PHI, subject to certain exceptions;
  • Provide individuals with a right to the correction or amendment of their PHI, except for in certain situations;
  • Provide effective remedies for privacy violations/ breaches.

Personal Information Vs. Personal Health Information

Personal Information

  • Any factual or subjective information, recorded or not, about an identifiable individual. This includes information in any form.
  • Personal information does not include the name, title, business address or telephone number of an employee of an organization.

Examples

  • Name
  • Age
  • Gender
  • Education
  • Home Address
  • Phone Number
  • Race
  • Ethnic Origin
  • Services, payment, or eligibility for health care
  • Religion
  • Marital status

Personal Health Information

  • Personal information that relates to the health of an individual or the provision of health services.

Examples:

  • Weight
  • Height
  • Fingerprints
  • Blood type
  • Medical records
  • Physical or mental health information
  • Services, payment, or eligibility for health care
  • Substitute decision maker (SDM) information
  • Health number, plan or service
  • Donation of bodyparts or substances
  • Client Diagnosis
  • Client medical contacts
  • Funding information
  • Client Care Plan
  • Doctor/Physician
  • Medical Appointment Information
  • Specific hours of care service
  • List of Medications
  • Specific Delegations

Client Privacy Policy

All employees within Circle of Care must understand the privacy legislation, including that a client has the right to:

  • Receive a copy of the agency’s Privacy Practices.
  • Request restrictions on the uses and disclosures of health information.
  • Request to receive confidential communication.
  • Access their protected health information for inspection or copying.
  • Amend their healthcare information.

What is my role in protecting client privacy?

Whether working on the front line or in a supporting role within the agency all employees are responsible for privacy! What does that mean for your role? It means that we must do everything possible to protect a client’s personal health information. We must not discuss a client’s condition or personal affairs with anyone outside the agency, unless you are authorized to do so by an agency manager. This includes employee to employee conversations that may happen casually and not within the confines of the workspace. We must not share any medical information with other clients or visitors. If you are not sure about whether you are able to share certain information, please talk to your supervisor before taking action.

  • Protect a client’s personal health information
  • Do not discuss a client’s condition or personal affairs with anyone outside the agency
  • Do not share any medical information with other clients or visitors
  • All information that is seen or heard regarding clients, directly or indirectly, is completely confidential. Do not discuss it, even with your family or coworkers.
  • Do not remove any client files/information from the place of care.

Failure to recognize the importance of confidentiality is a breach of professional ethics and may result in legal proceedings against the employee.

Who To Contact

Questions, Complaints, and Reporting of any suspected or true breaches of privacy should be directed to Circle of Care’s Privacy officer at 416-635-2900 and ask for the Privacy Officer, or via email at privacy@circleofcare.com.