SECURITY / PRIVACY DISCLOSURE
COVID-19 is placing stress on Canada’s public health system. Our health service is offering virtual care to make sure that we can continue to care for our patients safely and effectively. This means that we will be using video and audio technologies for patient visits rather than asking all patients to come into our office. We do our best to make sure that any information you give to us during virtual care visits is private and secure.
By providing your information, you agree to let us collect, use, or disclose your personal health information through video or audio communications (while following applicable privacy laws) in order to provide you with care. In particular, the following means of electronic communication may be used: email, videoconferencing, and text messaging (including instant messaging). Please read and complete as necessary our Privacy and Consent Form here.
All information complies with HIPAA requirements. HIPAA, or the Health Insurance Portability and Accountability Act, establishes national standards for protecting the identifiable health information of health plan beneficiaries and patients. All data is encrypted, using 128-bit GCM encryption – the same standard most banks use to protect your financial information. All data is transferred via HTTPS over TLS. All data is stored in a physically and electronically secure facility, behind firewalls. Data backups are protected by high-grade encryption (FIPS 140-2 certified), meaning your data stays secure and unreadable. You only need to share basic information, such as your name, email, sex, date of birth and insurance carrier information. There is never any storage of credit card information, bank account information, radiological images or reports, laboratory analysis, or diagnostic reports.
There are built in features that protect data on your end. For instance, you will be automatically sign out of the site if you’re inactive, your password should be strong and unique, and you will be locked out of your account if the wrong password is entered too many times.
Despite our efforts to protect your information, no video or audio tools are ever completely secure. There is an increased security risk that your health information may be intercepted or disclosed to third parties when using video or audio communications tools.
To help us keep your information safe and secure, it is recommended that we following these guidelines:
Understand that video, emails, calls, or texts you may receive are not secure in the same way as a private appointment in an exam room.
Always ensure the patient is ready to have a confidential conversation. When appropriate, start video session with clear introductions and confirming the client’s identity.
Use a private computer/device (i.e., not an employer’s or third party’s computer/device), secure accounts and a secure internet connection. For example, using a personal and encrypted email account is more secure than an unencrypted email account, and your access to the Internet on your home network will generally be more secure than an open guest Wi-Fi connection.
Conduct the video session in a private space in both yours and the client’s location. During the session, check if the volume is set to an appropriate but discreet level.
A patient may want to include a family member or caregiver during the video consult. If so, be aware of who is in the room with the client. Establish the level of client comfort and follow the same principles as with in-person visits.
Do not leave connection unattended and/or set on automatic call answering. Once the session is over, all participants are expected to disconnect from the call immediately.
If you are concerned about using video or audio tools for virtual care, other arrangements can be made. However, please note that visiting a health care provider in person comes with a higher risk of coming into contact with COVID-19 and the possibility of spreading the virus.