NOTICE OF PRIVACY PRACTICES
Last updated: February 25th, 2019
b. "InputHealth Software" or "Software" or "Service" mean any software, software application, mobile software applications, InputHealth Website, or other service provided by InputHealth which acts as, but is not limited to, messaging, content collections & deliveries, or marketing systems.
c. "You," "Your," and "User" mean and refer to all individuals and/or entities who are accessing or using the InputHealth Software and InputHealth Websites for any reason.
d. "HIC" or "Health Information Custodian" is in reference to an individual or organization that has legal access, custody and control of your personal health information, such as your doctor, nurse, medical clinic or other healthcare provider.
Your Privacy is not for Sale
This Policy applies to the InputHealth Software, Service and InputHealth Websites. This Policy regulates the processing of information relating to you.
The types of information we collect and share include:
- User demographics i.e last name, first name, address, Date or Birth, Phone Number, Email
- Associations with your healthcare providers and medical and healthcare related organizations
- Health records created either by you or by one of your providers
- Communications between you and your providers which may include private or health-related information provided by either party
- Appointments you are tracking, which or may not include a healthcare provider or medical records
InputHealth does not and will not sell or rent this information to anyone without your explicit permission.
To facilitate your use of the Service, InputHealth may automatically collect certain types of information when you access or use the Service. This includes, but is not limited to, Your Internet Protocol (IP) address, location, browser, access times, and referring website addresses. This information is used to analyze the use of resources, preventing fraud, troubleshooting, and also for improving our services.
In order to collect this data, InputHealth may utilize automated tools and files such as "cookies." These automated tools and files may reside on our servers or on your computer or device. If you restrict our ability to use automated tools and files, your ability to access and use all or part of the Service may be limited or disabled completely.
InputHealth provides patients and health service providers with the InputHealth Service to manage appointments, personal health records, communications, and other related activities. Other than information gathered through our website at www.inputhealth.com, InputHealth acts as a service provider for health service providers and does not own or control the information that is submitted to us through the InputHealth Service. The information that is submitted through the InputHealth Service will be held subject to the requirements specified by our health service provider clients and applicable law, such as the Health Insurance Portability and Accountability Act (HIPAA), Personal Information Protection Act ("PIPA"), Personal Information and Electronics Document Act (PIPEDA), or any laws that may apply in specific geographic regions.
Use of Information
InputHealth uses your personally identifiable information primarily to provide you with the Service and to provide customized content on the Service that is of interest to you. For example information provided by you will be used in the following ways:
- To provide you with access to your personal health record
- To provide you with management of your personal information
- To enable you to complete health questionnaires prior to your visit with a health care provider
- To facilitate communications with your health care providers
- In scheduling appointments with your health care providers
Information provided by you is also used to verify your authority to access the Service and to contact you when reasonably necessary. InputHealth may also use any information you have provided as reasonably necessary to administer or provide customer support for the Service. You may opt-out of receiving some or all non-Service related communications by updating your profile on the Service. Also, your full name and email address may be used when you use the Website to send a message to another user. Additionally, we use your email address to contact you on behalf of other users on the site (such as when another user sends you a message).
Controlling Your Personal Information
InputHealth may make available to users chat rooms, forums, message boards, and other interactive features. You should be aware that when you voluntarily disclose personally identifiable information (e.g. user name, e-mail address) via forums, postings, profiles or other public areas of the Website, that information, along with any substantive information disclosed in your communication, can be collected, correlated and used by third parties and may result in unsolicited messages from other posters or third parties. Such activities are beyond the control of InputHealth. Please do not post any personal information on the public areas of the Service that you expect to keep private.
We never sell your personal and medical information to anyone under any circumstances. We only share your personal information with our agents, representatives, trusted service providers and contractors that are offering certain products or services in connection with the usage of the service. We may need to disclose user information in certain exceptional circumstances, such as to protect our legal rights, to address actual or threatened illegal or harmful conduct, or as required by law or legal process (e.g., a search warrant, subpoena or court order), in which case your health information custodian will be asked for consent if legally required. We may also disclosure your information to third parties in circumstances where you have given express permission; for instance, if you send an email to a third party using the Service. We may also share aggregated demographic and statistical information with our partners. This is not linked to any personal information that can identify any individual person.
We use a combination of firewall barriers, encryption techniques and authentication procedures, among others, to maintain the security of your online session and to protect InputHealth accounts and systems from unauthorized access. Communications is encrypted using the Secure Socket Layer (SSL) system.
Our databases are protected from general employee access both physically and logically. We encrypt your Service password so that your password cannot be recovered, even by us. All backup drives and tapes also are encrypted.
Access To Your Data
The InputHealth service is designed to provide users with a place to collect, store, share and manage their information. InputHealth believes in the right of individuals to access their health information, and we maintain the InputHealth service in a manner that provides you with full access to your information.
Should you wish to make an injury about the state of your health data, you will need to contact your health information custodian (HIC) - i.e. your doctor or other healthcare provider who is using InputHealth.
Modifying Your Data
In addition access, we believe that users should have the ability to modify information in their account. Using the InputHealth service, you may update or delete health information that you have provided to us. Note that if you provide information to third parties using the InputHealth service, InputHealth cannot control the activities of those parties. For instance if you share your health information with your physician using the InputHealth service, InputHealth can give you the ability to modify or delete information in your account on the InputHealth service, but can not control how that data is maintained by your physician.
If you feel that there is incorrect information in your InputHealth account, you will need to contact your physician or other health information custodian to make the specified changes.
You may also close your account at any time. You may do this by contacting us using the contact information specified below and requesting that your account be closed. Once you close your account, you will no longer be able to access the Service.
You May Request an Accounting
We take disclosure of your health information seriously and have implemented measures to create an accounting of certain instances in which your health information is accessed through our system. Note that this accounting does not include disclosures that you have initiated, for instance, messages that you send to other users of the InputHealth service. If you would like an accounting of access and disclosure of your information, you may request one by writing to our Privacy Officer.
Disposal of your Health Records
InputHealth only retains your personal health information for as long as it is required by the laws in effect in the jurisdiction where you healthcare provider is administering care.
Should it be necessary for legal purposes to dispose of your personal health information, the healthcare provider can contact us (as below) to request secure and complete disposal of your health information.
Do not share your InputHealth password with anyone. Other than when you log on to the Website, we will never ask you for your password. Your personal information is protected by the password you provide when you create your InputHealth account. Please keep this password confidential. The confidentiality of your password is yours to protect. You may change your password at any time by clicking on the "Change Password" in your profile page.
Privacy Concerns or Complaints
If you have concerns about how your health information custodian / healthcare provider is handling your personal health information, or if you feel there may have been a breach in privacy of your personal health information, you must contact the appropriate individual within your healthcare providers clinic, such as their privacy officer or clinic manager.
For all other questions or concerns about our privacy practices, please feel free to contact us at:
InputHealth Systems Inc.
Attention: Privacy Officer
#610-207 West Hastings Street. Vancouver, BC V6B 1H7