top of page

Privacy Policy

This document governs the website, clinical and administrative services provided by Gleath Sports Injuries & Orthopedic Centre. 

​

OVERVIEW

This privacy policy applies to your information that we collect and receive on and through gleathclinics.com; it does not apply to practices of businesses that we do not own or control or people we do not employ.

By using our website, you agree to the terms of this privacy policy. Please read the following privacy policy to understand how your personal information will be treated as you use this site and its services. The following discloses our information gathering and dissemination practices.

​

WE MAY COLLECT THE FOLLOWING INFORMATION

Personal data of the user such as, but not limited to, your name, your email id and gender ; The user's e-mail and contact information; The User's tracking information such as, but not limited to Google advertising ID. 

​

OUR USE OF YOUR INFORMATION

The information provided by you shall be used to contact you when necessary. We use your tracking information to identify you and to gather broad demographic information. 

​

PROTECTION OF PERSONAL INFORMATION

Gleathclinics.com has adopted a protection of personal information policy which aims to protect your private life, in accordance with the applicable laws to this effect, gleathclinics.com has taken and applies appropriate security measures while using this site, including the encoding of certain data. However, public communication networks such as the internet are open systems with links shared by many users. You recognize that gleathclinics.com does not guarantee that some personal information won't be intercepted and manipulated by third parties. For the purpose of operating this site, gleathclinics.com may collect some information, including personal information. This information will never be the object of a communication, transfer, sale, assignment or any other commercial transaction with third parties without your authorization. This information may however be transferred between various internal departments or with distributors adhering to a protection of personal information policy, for the purpose of administration and management.

No gleathclinics.com representative is authorized to obtain personal or credit information from you over the phone. If this is the case, we ask you to contact us immediately in order for us to proceed with an internal investigation.

​

CONTROLLING YOUR PERSONAL INFORMATION

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required to do so, by law. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen. 

​

WEBSITE TERMS

By using this website, you hereby agree to be bound by the terms of use / service, privacy policy, and other policies as set forth on the website www.gleathclinics.com. It is hereby further specified that all the terms and policies on the website shall be coterminous to these terms.

​

Protecting Personal Information

1. Openness and transparency

1.1  We value patient privacy and act to ensure that it is protected.

1.2  This policy was written to capture our current practices as well as to respond to federal and provincial requirements for the protection of personal information.

1.3  This policy describes how this office collects, protects and discloses the personal information of patients and the rights of patients with respect to their personal information.

1.4  We are available to answer any patient questions regarding our privacy practices.

2. Accountability

2.1       The physician is ultimately accountable for the protection of the health records.

2.2       Patient information is sensitive by nature. Employees and all others in this office who assist with or provide care are required to be aware of and adhere to the protections described in this policy for the appropriate use and disclosure of personal information.

2.3       All persons in this office who have access to personal information must adhere to the following information management practices:

  • Access is on a need to know basis

  • Access is restricted to authorized users

  • Contractual privacy clauses/agreements with third parties including cleaning, security personnel, building maintenance personnel and network technicians .

2.4       This office employs strict privacy protections to ensure that

  • We protect the confidentiality of any personal information we access in the course of providing patient care.

  • We collect, use and disclose personal information only for the purposes of providing care and treatment or the administration of that care, or for other purposes expressly consented to by the patient.

  • We adhere to the privacy and security policies and procedures of this office.

  • We educate and train staff on the importance of protecting personal information.

Collection, Use and Disclosure of Personal Information

3. Collection of personal information

3.1 We collect the following personal information

  • Identification and contact information including name and date of birth

  • Billing information including provincial/territorial health insurance plan and private medical insurance details

  • Health information which may include medical history and presenting symptoms

3.2 Limits on collection

We will only collect the information that is required to provide care, administrate the care that is provided and communicate with patients. We will not collect any other information or allow information to be used for other purposes, without the patient's express consent - except where authorized to do so by law. These limits on collection ensure that we do not collect unnecessary information.

4. Use of personal information

4.1 Personal information collected from patients is used by this office for the purposes of

  • Identification and contact - Emergency contact

  • Provision and continuity of care: Historical record and Health promotion and prevention

  • Administrate the care that is provided: Prioritization of appointment scheduling and billing the provincial health plan

  • Professional requirements: Risk or error management and Quality assurance (peer review)

  • Research studies and trials

5. Disclosure of personal information

5.1 Implied consent (Disclosures to other providers)

  • Unless otherwise indicated, we assume that patients have consented to the use of their information for the purposes of providing them with care, including sharing the information with other health providers involved in their care. By virtue of seeking care from us, the patient's consent is implied for the provision of that care.

  • Relevant health information is shared with other providers involved in the patient's care, including, but not limited to, other physicians involved in providing care.

5.2 Without consent (Disclosures mandated or authorized by law).  There are limited situations where the physician is legally required to disclose personal information without the patient's consent. Examples of these situations include, but are not limited to,

  • billing provincial health plans

  • reporting specific diseases

  • reporting abuse (child, elder, spouse, etc)

  • reporting fitness (to drive, fly, etc)

  • by court order (when subpoenaed in a court case)

  • in regulatory investigations

  • for quality assessment (peer review)

  • for risk and error management, e.g., medical-legal advice

5.3 Express Consent (Disclosures to all other third parties)

  • The patient's express consent, oral or written, is required before we will disclose personal information to third parties for any purpose other than to provide care or unless authorized to do so by law.

  • Examples of situations that involve disclosures to third parties include, but are not limited to third party medical examinations and provision of charts or chart summaries to insurance companies or lawyers

  • 5.4 Withdrawal of consent

  • Patients have the option to withdraw consent to have their information shared with other health providers at any time.

  • Patients also have the option to withdraw consent to have their information shared with third parties.

  • If a patient chooses to withdraw their consent, the physician will discuss any significant consequences that might result with respect to their care and treatment.

Office Safeguards

6. Security measures

6.1 Safeguards are in place to protect the security of patient information.

6.2 These safeguards include a combination of physical, technological and administrative security measures.

6.2.1 We use the following physical safeguards

  • limited access to office: monitored alarm system and deadbolt entry lock or key pad entry system

  • limited access to records: need to know basis and locked cabinets

  • office layout/features: front desk privacy screens and soundproofing to ensure confidentiality

6.2.2 We use the following technological safeguards

  • protected computer access for patient health information including passwords and user authentication

  • system protection including firewall software and virus scanning software

  • protected external electronic communications with separate Internet access

  • secure electronic record disposal: we safely dispose of computer hard drives and destroy all other removable media

  • wireless connections that are separated from internet connections carrying patient data

6.2.3 We use the following administrative safeguards

  • office information management practices: access is on a need to know basis and is restricted to authorized users

  • contractual privacy clauses/agreements with third parties including cleaning, security personnel, building maintenance personnel and network technicians.

  • Staff signed confidentiality agreements as part of their employment contract, and this confidentiality agreement or clause extends beyond the term of employment.

7. Communications policy

7.1 We are sensitive to the privacy of personal information and this is reflected in how we communicate with our patients, others involved in their care and all third parties.

7.2 We protect personal information regardless of the format.

7.3 We use specific procedures to communicate personal information by

7.3.1 Telephone

  • Patient preference with regards to phone messages will be taken into consideration

  • Unless authorized, we only leave our name and phone number on message for patients

7.3.2 Email

  • We do not use email for confidential messages, except if consented by the patient. We assume that when patients initiate a confidential message by email, they have given implied consent for us to reply by email

    • Firewall and virus scanning software is in place to mitigate against unauthorized modification, loss, access or disclosure

7.3.3 Post/Courier

  • Letters are sent in a sealed envelope marked confidential

8. Record retention

8.1 We retain patient records as required by law and professional regulations

8.2 We use secure offsite record storage.

9. Procedures for secure disposal/destruction of personal information

9.1 When information is no longer required, it is destroyed according to set procedures that govern the storage and destruction of personal.

  • We use paper shredding to destroy paper records

  • We physically destroy computer hard drives

  • We shred electronic media storage

9.2 Disposal log

Before the secure disposal of a health record, we maintain a log with the patient's name, the time period covered by the destroyed record, the method of destruction and the person responsible for supervising the destruction.

Patient Rights

10. Access to information

10.1 Patients have the right to access their record in a timely manner.

10.2 If a patient requests a copy of their records, one will be provided at a reasonable cost.

10.3 Access shall only be provided upon approval of the physician.

10.4 If the patient wishes to view the original record, one of our staff must be present to maintain the integrity of the record, and a reasonable fee may be charged for this access.

10.5 Patients can submit access requests verbally or in writing

10.6 This office follows specific procedures to respond to access requests

  • we acknowledge receipt of request

  • we respond within a timely fashion not exceeding 30 days

11. Limitations on access

11.1 In extremely limited circumstances the patient may be denied access to their records, but only if providing access would create a risk to that patient or to another person.

11.1.1 For example, when the information could reasonably be expected to seriously endanger the mental or physical health or safety of the individual making the request or another person.

11.1.2 If the disclosure would reveal personal information about another person who has not consented to the disclosure. In this case, we will do our best to separate out this information and disclose only what is appropriate.

12. Accuracy of information

12.1 We make every effort to ensure that all patient information is recorded accurately.

12.2 If an inaccuracy is noted, the patient can request changes in their own record, and this request is documented by an annotation in the record.

12.3 No notation shall be made without the approval or authorization of the physician.

13. Privacy Complaints

13.1 It is important to us that our privacy policies and practices address patient concerns and respond to patient needs.

13.2 A patient who believes that this office has not responded to their access request or handled their personal information in a reasonable manner is encouraged to address their concerns first with their doctor.

13.2.1 Patient complaints can be made verbally or in writing

13.2.2 This office follows specific procedures for responding to patient complaints

  • Our complaints process is readily accessible, transparent and simple to use

  • Patients are informed of relevant complaint mechanisms

​

​

​

bottom of page