The protection of your private personal information (PI) is one of the priorities at this website of
Dr. Rachel Wayne, Ph.D., C.Psych (Dr. Wayne). Due to the nature of the business of Dr. Wayne, she is required to collect essential Personal Identifiable Information (PII) as is dictated by law. Additionally, Dr. Wayne is committed to collecting, using and disclosing your PII responsibly, and only to the extent necessary for the goods and services Dr. Wayne provides to you. This document describes how Dr. Wayne’s privacy policies are in alignment with PHIPA, PIPEDA, and the Digital Privacy Act, in addition to Dr. Wayne’s own strict privacy policies & procedures.
Digital Privacy Act:
What Is Personal Information (PI)/ Personally Identifiable Information (PII)?
Personal information is information about an identifiable individual. PII includes information that relates to their personal characteristics (e.g., gender, age, income, home address or phone number, ethnic background, family status), their health (e.g., health history, health conditions, health services received by them) or their activities and views (e.g., religion, politics, opinions expressed by an individual, an opinion or evaluation of an individual).
What Is NOT Personal Information?
What is not considered to be Personal Information is business related information (e.g., an individual’s business address, business title, business email address and business telephone number), all of which is not protected by privacy legislation.
Your Personal Information:
Dr. Wayne is required to collect PII information in regards to yourself which will include; legal name, date of birth, place of residence; basically all contact information in addition to an emergency contact with their contact information, in order to provide you with optimal service. There will be requirements to provide your age, health history, current health condition(s), assessment results or diagnoses from other health providers; health services provided to or received by you.
Currently Dr. Wayne’s, support personnel (accountants, legal representatives, IT tech’s) and administrative staff, etc; are all required to uphold Dr. Wayne’s strict policies and procedures in addition to the stringent protection and management of your confidential PII.
In the course of doing business, Dr. Wayne may use a number of consultants, agencies and resources that may, in the course of their duties, have access to your personal information. Including but not limited to; computer consultants & technicians; office security; legal service providers; etc. Dr. Wayne proactively restricts access to your PII and has engaged these resources and possibly others under strict contracts to insure they follow appropriate privacy policies and procedures which are required by law to protect your PII.
Collection of Personal Information: Primary Purposes
About Patients/Clients (Patients)
Like all health service providers, Dr. Wayne may collect, use and disclose PII in order to serve you the patient.
The primary purpose; for collecting personal information, is to provide Dr. Wayne’s services and treatments. For example, Dr. Wayne may collect information on health history, including family history, physical condition, physical function and social situation in order to assess what your health needs are, to advise you of your options.
The secondary purpose; is to obtain a baseline of health and social information to facilitate the provision of ongoing optimum health services, and identify changes that are occurring over time. In the event Dr. Wayne should need to collect such information without the patient’s express consent, as might occur in an emergency (e.g., the patient is unconscious) or where Dr. Wayne reasonably believes the patient would consent if asked and it is impractical to obtain consent (e.g., a family member passing a message to us, from you the patient and Dr. Wayne has no reason to believe that the message is not genuine due to the reasonable nature of it).
Psychologists are regulated by the College of Psychologists of Ontario;
Who may inspect your records as a part of their regulatory activities, and in the public interest.
As part of Dr. Wayne’s Duty of Care requirement(s);
Dr. Wayne is mandated to report serious misconduct, incompetence or incapacity of any practitioner.
Various government agencies (e.g., Canada Revenue Agency, Information and Privacy Commissioner, Human Rights Commission, etc.) have the authority to review your files as a part of their mandates.
In these circumstances, Dr. Wayne may consult with professionals (e.g., legal representative, or accountants) who investigate the matter on her behalf.
The cost of some goods/services provided by Dr. Wayne to patients is paid for by third parties (e.g., WSIB, private insurance).
These third-party payers often have your consent or by legislative authority to direct us to collect and disclose to them certain information in order to demonstrate patient entitlement to their funding.
Patients or other individuals Dr. Wayne has dealt with may have questions about their goods or services after they have been received years later.
Dr. Wayne also provides ongoing services for many patients over a period of months or years for which previous records are essential resources.
If Dr. Wayne’s practice or its assets were to be sold, the purchaser would conduct a “due diligence” review of Dr. Wayne’s records to ensure that it is a viable business which has been honestly portrayed. This due diligence may involve some review of the accounting and service files. The purchaser would not be able to remove or record personal information. Additionally, before being provided access to the files, the purchaser must provide a written promise to keep all personal information confidential. Only reputable purchasers who have already agreed to purchase the organization’s business or its assets would be provided access to personal information, and only for the purpose of completing their due diligence search prior to closing the purchase.
Members of the General Public;
Dr. Wayne’s primary purpose for collecting a limited amount of your personal information including your email address; is to provide notice of appointments or other services.
Upon your request, Dr. Wayne will remove any reasonable personal information from the contact list. Dr. Wayne does not use, share, sell, or in any way distribute your information in any manner other than it’s original intended use as was provided by you.
Collected Personal Information: Related and Secondary Purposes
Dr. Wayne will also collect, use and disclose information for purposes related to or secondary to the primary purposes and only in compliance with Government Regulations. The most common examples of the related and secondary purposes are as follows, and only upon your consent, would Dr. Wayne share essential information with third parties to provide you with their services under the following circumstances, to name but a few;
invoice patients for goods or services that were not paid for at the time they were provided, to process credit card payments or to collect unpaid accounts
advise patients that their product or service should be reviewed (e.g., to ensure a product is still functioning properly and appropriate for their then current needs and to consider modifications or replacement)
advise patients and others of special events or opportunities (e.g., a seminar, development of a new service, arrival of a new product)
additionally; external consultants (e.g., auditors, legal service providers, practice consultants, voluntary accreditation programs) may conduct audits and reviews for continuous quality improvements
You can decline at any time, to discontinue the participation of some of these related or secondary purposes, (e.g., by declining to receive notice of special events or opportunities, and by paying for your services in advance).
Protecting Your Personal Information
Dr. Wayne understands the importance of protecting all private information. For that reason, Dr. Wayne has taken the following steps:
Paper information is either under constant supervision, or secured in a locked or restricted area.
Digital information is secured by passwords & electronic hardware either constantly under supervision or secured in a locked or restricted area at all times. In addition; strong passwords are used on all computers.
When paper information is transferred, it is in sealed, envelopes or boxes, and by reputable bonded courier companies.
Electronic/Digital information is transmitted either through a direct line (fax), is anonymized and/or is encrypted.
External consultants and agencies with access to your personal information must enter into privacy agreements with Dr. Wayne, or sign confidentiality agreements prior to any transfer of private information or access to any PII in the course of providing their services to Dr. Wayne.
Any unauthorized or unnecessary access to any personal information is prohibited.
Retention and Destruction of Personal Information
Dr. Wayne is required to retain personal information for various time frames in accordance with Government Regulations. Additionally, to ensure that Dr. Wayne can answer questions you might have about the services provided and for her own accountability to external regulatory bodies.
Dr. Wayne will retain patient information for a minimum of ten years after the last contact/entry or ten years after the patient reaches, or would have reached, the age of eighteen. Otherwise if you ask, Dr. Wayne will remove “reasonable” contact information right away. Dr. Wayne will keep any personal information relating to general correspondence (e.g., with people who are not patients) newsletters, seminars and marketing activities for approximately six months after the newsletter ceases publication or a marketing activity is over. Paper files containing personal information are destroyed by shredding. Dr. Wayne destroys electronic information by deleting it and, prior to the hardware being discarded; the memory device, or hard drive is physically destroyed.
You Can Look At Your Information
Under the Privacy Act; you have the right to see what personal information Dr. Wayne has in the files regarding you, within reason, and the provisions of the governing bodies, or law. Often all you have to do is contact Dr. Wayne’s Information Officer. She will need to confirm your identity before providing you with this access. Dr. Wayne reserves the right to charge a nominal fee for each of these requests. Please put your request in writing. If Dr. Wayne cannot give you access, she will inform you by letter or email within 30 days and provide you with the reason why she cannot give you access.
If you believe there is a error in Dr. Wayne’s information regarding you; you have the right to request it to be corrected. This request can only apply to factual information, not financial information and not to any professional opinions. You will be required to provide documentation to support your request for the correction of the files. In the event Dr. Wayne does agree that she has an error in the file on you, she will make the correction and notify those to whom she has been authorized by you to send this information originally. If Dr. Wayne does not agree that she has an error, she will still agree to include a brief statement from you on the point in the file and she will forward a copy of that statement to those who received the earlier information.
Do You Have a Request or a Question?
Information Officer: Dr. Rachel Wayne
2100 Bloor Street West, Unit 6251
Toronto, Ontario M6S 5A5
Dr. Wayne will, to the best of her ability, attempt to answer any questions or concerns you might have or provide direction as to where your answers can possibly be found. If you wish to make a formal complaint regarding these privacy practices; you may make it in writing to Dr. Wayne the Information Officer (contact information above). Receipt of your complaint will be acknowledged, investigated promptly and you will be provided with a formal decision and reasons in writing.
If you have a concern about the professionalism or competence of Dr. Wayne, she would ask you to discuss those concerns with her. If Dr. Wayne cannot satisfy your concerns, you are entitled to contact the regulatory body (the following information lists are maintained on a best efforts basis) as follows:
Notice: the following list is maintained on a best efforts basis
College of Psychologists of Ontario
This policy is made under the (PHIPA) Personal Health Information Protection Act, the (PIPEDA) Personal Information Protection and Electronic Documents Act, and the Digital Privacy Act. All are complex and all provide some additional exceptions to the privacy principles that are too detailed to set out here, and as a result there are some rare exceptions to the commitments Dr. Wayne has set out above.
For more Privacy information and inquiries;
Notice: the following list is maintained on a best efforts basis
The Privacy Commissioner of Canada
The Information and Privacy Commissioner of Ontario
The Provincial; (Ontario) Personal Health Information Protection Act was established in Ontario in 2004. This legislation governs the collection, use and disclosure of personal health information, which is confidential data regarding a patient's mental and physical health.
The Federal; (Canada) Personal Information Protection and Electronic Documents Act sets the ground rules for how private-sector organizations collect, use, and disclose personal information in the course of for-profit, commercial activities across Canada. PIPEDA generally applies to personal information held by private sector organizations that are not federally-regulated, and conduct business everywhere in Canada.
The Federal; (Canada) The requirement for “valid consent” to the collection, use and disclosure of personal information. Every organization that collects, uses and discloses personal information in the course of commercial activity in Canada (with a few exceptions) must follow new mandatory data breach record-keeping, reporting and notification rules – or face significant non-compliance consequences.