Privacy of personal information is an important principle to us at the Design Your Life Centre. We are committed to collecting, using and disclosing personal information responsibly and only to the extent necessary for the services we provide.
Our policy is made under the Personal Information Protection and Electronic Documents Act. It is also determined by and complies with The Ontario Personal Information Act. Our policy to protect your privacy is more stringent than the legislation required because of our Psychologists’ Ethical Code.
We strive to be open and transparent regarding how we handle personal information. This document describes our privacy policies.
What is Personal Information?
Personal information is information about an identifiable individual. It includes information that relates to:
- personal characteristics (e.g., gender, age, income, home address or phone number, ethnic background, family status)
- health (e.g., health history, health conditions, health services received by them)
- activities and views (e.g., occupation/profession, ideas, concerns)
Personal information is different from business information (e.g., an individual’s business address and telephone number). This is not protected by privacy legislation.
PURPOSES FOR COLLECTING PERSONAL INFORMATION
We collect, use and disclose personal information only to provide psychological services to clients. For example, we collect information about a client’s health history, including their family history, physical condition and function and social situation in order to help assess what their health needs are, to advise them of their options and then to provide the psychological services they choose to receive.
Another important reason for collecting personal information is to obtain a baseline of health and social information so that we can monitor treatment progress and identify changes that occur over time.
In some situations, we collect personal information to conduct an assessment to provide a professional opinion about an individual’s psychological functioning. With the client’s informed and written consent, that opinion would be reported to the appropriate person or agency (e.g., to a referring fertility clinic, or an insurance company).
It would be rare for us to collect such information without the client’s expressed consent. However, this might occur in an emergency (e.g., the client is unconscious) or where I believe the client would consent if asked and it is impractical to obtain consent (e.g., a family member passing a message on from our client and we have no reason to believe that the message is not genuine).
For Members of the General Public
For members of the general public, our primary purpose for collecting personal information (e.g., contact phone numbers, email addresses) is to make them aware of the range of psychological services we provide.
Like other health care practices, we must also collect, use, and disclose information for several other reasons. The most common examples include the following:
- To invoice clients for unpaid services, to process credit card payments, or to collect unpaid accounts.
- Psychologists in autonomous practice are regulated by the College of Psychologists of Ontario (CPO), which by law may inspect our records and interview us as part of its regulatory activities in the public interest (the CPO has its own strict privacy obligations).
- The cost of some services we provide to clients is sometimes paid for by third parties (e.g., insurance companies). These third-party payers often have your consent or legislative authority to direct us to collect and disclose to them information that demonstrates client entitlement to funding.
PROTECTING PERSONAL INFORMATION
We understand the importance of protecting personal information. We have therefore taken the following steps:
- Paper information is either under supervision or secured in a locked and restricted area.
- Electronic hardware is either under supervision or secured in a locked and restricted area at all times. Encryption and passwords are used on computers.
- Paper information is transmitted through sealed, addressed envelopes or boxes by reputable couriers or Canada Post.
- If Dr. Stacy were to become incapacitated or die, your records would be placed in the care of another psychologist for protection, not examination. If you were to see another psychologist, your records could be sent to her or him at your written request.
CONFIDENTIALITY & LIMITS TO THE PROTECTION OF PERSONAL INFORMATION
Everything that you share with us during our sessions is confidential. No information we obtain about you can be released to anyone without your expressed written consent. However, there are some limits to confidentiality that are true for all health care providers in Ontario. These few exceptions are designed to ensure your safety and the safety of the general public. They are as follows:
- If you give us reason to believe that you are at risk of harming yourself or someone else, We have a duty to share whatever information is necessary to ensure that you and/or others are safe
- If you give us reason to believe that a child is being abused, we have a duty to report that information to the Children’s Aid Society
- If you tell us that you have been sexually abused by a health professional, we have a duty to report that information to the relevant regulating organization for that professional.
- If our records are subpoenaed by the court.
- As part of our ongoing professional development, we may consult with other health and mental health professionals about a case. During a consultation, no identifying information about patients is revealed. The other health professionals are also legally bound to keep the information confidential. All consultations will be documented in the clinical file.
We will use reasonable means to protect the security and confidentiality of email information sent and received. However, because of the risks outlined below, we cannot guarantee the security and confidentiality of email communication.
Transmitting information via email poses several risks of which clients should be aware. Clients should not agree to communicate with us via email without understanding and accepting these risks. These risks include, but are not limited to the following:
The privacy and security of email communication cannot be guaranteed
- Employers and online services may have a legal right to inspect emails that pass through their system
- Email is easier to falsify than hand written or signed hard copies. In addition, it is impossible to verify the true identity of the sender or to ensure that only the recipient can read the email once it is sent.
- Emails can introduce viruses into a computer system and could potentially damage or disrupt the computer
- Email can be forwarded, intercepted, circulated, stored or even changed without the knowledge or permission of the sender or recipients
- Email senders ca easily misaddress an email resulting in it being sent to many unintended and unknown recipients
- Email is indelible. Even when deleted by both sender and recipient, back up copies may exist on a computer or I cyberspace
- Use of email to discuss sensitive information can increase the risk of such information being disclosed to third parties
- Email can be used as evidence in court
Consent to the use of email includes agreement with the following conditions:
- Any emails concerning your treatment are part of your clinical record
- If an email you send to us requires a response and you have not received a response in a reasonable time frame, it is your responsibility to follow up to determine whether the intended recipient received the email and when you can expect a response
- We are not responsible for information loss due to technical failures associated with a client’s email software or internet service provider.
Instructions for communication by email:
- Avoid using an employer’s or other third party’s computer
- Take reasonable precautions to preserve confidentiality
- Withdraw consent only by email or written communication to Stacy Thomas, Ph.D., C.Psych.
RETENTION AND DESTRUCTION OF PERSONAL INFORMATION
We retain personal information for some time to ensure we can answer any questions clients might have about the services provided and for our own accountability to external regulatory bodies. We retain client information for a minimum of 10 years after the last contact so we can reference the records from previous assessment or treatment services provided for clients who seek services on an ongoing basis. The College of Psychologists of Ontario also requires us to retain client records for ten years.
We destroy electronic information by deleting it and, when the hardware is replaced or discarded, we ensure that the hard drive is physically destroyed. All paper information is destroyed through shredding.
You Can Look at Your Information
With only a few exceptions, you have the right to see what personal information we hold about you. All you have to do is ask. We will also try to help you understand any information you do not understand (e.g., short forms, technical language, etc.). We will ask you to confirm your identity before providing you with this access. We reserve the right to charge a nominal fee for such requests and we may ask you to put your request in writing. If we cannot give you access, I will tell you the reason within 30 days of receiving your request.
If you believe there is a mistake in your information, you have the right to ask for it to be corrected. This applies to factual information and not to any professional opinions we may have formed. We may ask you to provide documentation proving that our files are wrong. Where we agree that we made a mistake, we will make the correction and, where appropriate, notify anyone to whom we sent this information. If we do not agree that we have made a mistake, we will agree to include in your file a brief statement from you on the point and, as appropriate, we will forward that statement to anyone else who received the earlier information.
Do You Have a Concern?
If you wish to make a formal complaint about our privacy practices, you may make it in writing to Dr. Stacy Thomas and she will acknowledge receipt of your complaint, investigate it promptly and ensure that you are provided with a formal written decision with reasons.
If you have a concern about the professionalism or competence of anyone at The Design Your Life Centre, we would ask you to discuss those concerns with Dr. Stacy Thomas and your treating practitioner if not being provided services by Dr. Stacy Thomas directly. If we cannot satisfy your concerns, you are entitled to complain to Dr. Stacy’s regulatory body, and the regulatory body of your treating therapist:
The College of Psychologists of Ontario
110 Eglinton Avenue West, Suite 500
Toronto, Ontario M4R 1A3
Phone: (416) 961-8817 | (800) 489-8388 | Fax (416) 961-2635
The College of Registered Psychotherapists of Ontario
375 University Avenue, Suite 803
Toronto, ON M5G 2J5
Phone: 416-479-4330 Toll-free: 1-844-712-1364 Fax: 416-639-2168
The College of Occupational Therapists of Ontario
20 Bay Street, Suite 900, PO Box 78
Toronto, ON, M5J 2N8
Phone: 416.214.1177 Toll-Free: 1.800.890.6570 Fax: 416.214.1173
For more general inquiries, the Information and Privacy Commissioner of Ontario oversees the administration of the privacy legislation and acts as a kind of ombudsman for privacy disputes. They can be reached at:
Information and Privacy Commissioner of Ontario
2 Bloor Street East, Suite 1400
Toronto, Ontario M4W 1A8
Phone (416) 326-3333 | 800-387-0073 | Fax (416) 325-9195 | TTY (416) 325-7539