HME Home Health Ltd.. (the “Company”) is committed to protecting the privacy of clients, end-users (usually patients in care facilities using our products), and business partners dealing with the Company. This policy informs you of the Company’s practices concerning the collection, use and disclosure of personal information and ensures compliance with applicable privacy laws, including the B.C. Personal Information Protection Act (“PIPA”) and the B.C. Freedom of Information and Protection of Privacy Act (“FOIPPA”).
This policy applies to “personal information”. This is defined by legislation as any information about an identified or easily identifiable individual. Personal information does not include business contact information (e.g. business telephone and fax number, business address and email), information about corporations or other entities or information about individuals not associated with their identity (e.g. anonymous statistics).
Personal information is very broadly defined and includes unrecorded information or information recorded in any form, including in writing, electronically or on video or audio tape. Personal information includes relatively obvious or publicly available information such as home address, age or hair colour, through to more sensitive information such as credit card numbers or other financial information.
The Company collects only such personal information about individuals as is reasonably required to provide our products and services to them. In the case of Company clients this includes the following information which the Company uses for the following purposes:
Generally speaking, the Company will obtain your consent to the collection, use and disclosure to others of your personal information, subject only to exceptions permitted or required by law. In many situations, where you voluntarily provide personal information about yourself and the purpose or use of the information is obvious, providing the information constitutes sufficient consent. In other situations, the Company will either notify you of a planned use or disclosure (e.g. by a note at the bottom of a form) or seek your consent in writing, electronically or orally to the collection, use or disclosure to others of your personal information.
There are circumstances permitted under applicable privacy laws where the collection, use, or disclosure of personal information may be done without consent and other situations where collection, use or disclosure is required by other legislation. Such situations include:
You may, on reasonable advance notice in writing to the appropriate Company manager, withdraw consent to any collection, use or disclosure of personal information and we will comply with your request, except where such withdrawal would frustrate a legal obligation e.g. to maintain records to comply with record-keeping requirements of tax legislation. You should also appreciate that withdrawal of such consent may deprive you of benefits or other advantages from the Company or others.
The Company does not sell, trade, barter or exchange for consideration any personal information it has obtained. When using services of contractual service providers who may receive personal information collected by the Company, the Company ensures that they agree to use such personal information solely for the purposes of providing those services and they agreed to comply with relevant portions of this policy.
In order to service Company clients and end-users, the Company transmits personal information to affiliates and external service providers. In compliance with FOIPPA, the Company stores all personal information in Canada or in data centers located in Canada.
As set out above, there are a limited number of situations where disclosure of personal information maintained by the Company is either required by law (e.g. legislation entitling law-enforcement agencies to obtain information) or disclosure without consent is permitted by law (e.g. an emergency where your consent cannot be obtained).
The Company endeavours to ensure that all personal information in its possession is as accurate, current and complete as possible for the purposes for which it is used by the Company. You can assist us by advising us of any changes in your personal information, e.g. changes in your home address, phone number or email address.
The Company takes appropriate security measures to ensure that both paper and electronic records containing personal information are secure from loss, unauthorized use, access or copying, disclosure or modification. Security measures include locking areas containing sensitive special personal information and general security of our offices. Our computer systems include passwords to gain access to sensitive personal information. The Company also limits access to personal information to those who “need to know” to provide you with products or services.
The Company allows individuals to have reasonable access to their personal information and will endeavour to provide requested information within reasonable time and generally within 30 days following a written request. Individuals may request:
upon written request to the appropriate manager or to the Privacy Manager identified below.
Although the Company will generally comply with such requests, the Company may decline access to personal information on grounds permitted or required under applicable legislation, including the following situations:
Individuals may request that the Company correct records of personal information. If the Company concludes the requested change is unwarranted, it will so advise the requesting person, but will append the requested change to the record kept by the Company.
The Company endeavours to only retain personal information for so long as it is either:
subject to the requirement under privacy legislation to retain information that was used to make a decision directly affecting the individual for one year after the date of the decision. Because many of our products have a long “in service” life, and may require service, maintenance, repair or notification of product issues from the manufacturer, we generally keep information about our sales for many years.
When personal information is no longer needed, it will be destroyed in a suitably secure manner, e.g. shredding of paper records containing personal information.
The Company cannot provide access to personal information about clients or end-users in care facilities to a client/end-user family member or other support person without consent from the client/end-user. The Company will facilitate access to personal information by family members or support persons with consent. Please ask us about how you can get written consent to accessing the client/end-users’ personal information. If you have a general power to manage the financial or health affairs of a client or end-user (e.g. a Power of Attorney, Advance Directive, Representation Agreement, or Committeeship Order), then please provide us with a copy to allow access.
If you wish to access your personal information, you must make the request directly to the Manager whom you believe is responsible for the personal information you wish to review. Alternatively, you may contact the Privacy Manager for the Company, who may be reached at (604) 821-0075, ext 101, or hr@hmebc.com. The Privacy Manager is generally responsible for firm compliance with applicable privacy legislation and with the application and administration of this policy. You may contact the Privacy Manager with any questions arising out of this policy.