© 2024 Healtheon. All rights reserved.
STAY CONNECTED
Receive updates and insights directly from Healtheon.
CONTACT: info@healtheon.ca
© 2024 Healtheon. All rights reserved.
STAY CONNECTED
Receive updates and insights directly from Healtheon.
EMAIL:
info@healtheon.ca
© 2024 Healtheon.
All rights reserved.
STAY CONNECTED
Receive updates and insights directly from Healtheon.
EMAIL:
info@healtheon.ca
© 2024 Healtheon.
All rights reserved.
Privacy Policy
Privacy Policy
1. Introduction
This privacy policy explains the privacy practices of Healtheon. Our privacy policy may be amended from time to time, so we encourage you to periodically check our web site at www.HealtheonCanada.com/privacy-policy/ for the current version. Printed copies of our current privacy policy are also available by contacting our Chief Privacy Officer.
2. Our Commitment to Your Privacy
The relationship between you and Healtheon is based on trust. We value the trust you have placed in us and are taking all appropriate measures to safeguard your personal information and maintain your confidence. Healtheon has established this privacy policy to ensure that your personal information is protected and that all our practices and procedures comply with relevant personal information protection and privacy legislation. Accordingly, we adhere to the privacy principles set out below, which are based on the principles set out in Schedule 1 of the Personal Information Protection and Electronic Documents Act (Canada). As used in our privacy policy the term ‘personal information’ means information about an identifiable individual, but does not include the name, title or business address or telephone number of an employee of an organization.
3. Accountability
Healtheon is responsible for all personal information under our control.
Accountability for our compliance with this privacy policy rests with our Chief Privacy Officer, even though other individuals within Healtheon may have responsibility for the day to day collection and processing of personal information.
Contact information for our Chief Privacy Officer is set out below:
Chief Privacy Officer
Healtheon.
1006 Avenue Road
Suite 100
Toronto, Ontario
M5P 2K8
E-mail: info@Healtheon.ca
Healtheon is responsible for personal information in our possession or custody, including information that has been transferred to third parties for processing. We use contractual and other means to ensure that third parties to whom we disclose personal information for processing provide a comparable level of protection with respect to personal information in their possession or control.
4. Identifying Purposes
We will clearly identify and document the purposes for which we collect, use or disclose personal information at or before the time of collection. As part of our business operations, we may collect and use certain personal information strictly for the following purposes:
To deliver our services (e.g. Healtheon’s uninsured services plan)
To respond to service inquiries
For billing purposes
In addition, in the unlikely event that Healtheon sells all or substantially all of its assets, collected personal information will, of course, be one of the transferred assets.
Although Healtheon will use information collected to create statistics about Healtheon, such statistics will not contain any information that can personally identify individuals.
The specific uses of personal information in connection with the foregoing purposes will be limited to what a reasonable person would consider appropriate in the circumstances.
If we plan to use personal information we have collected for a purpose not previously identified, we will identify and document the purpose before such additional use. We will state the identified purposes in such a manner that you can reasonably understand how your personal information will be used or disclosed.
5. Obtaining Consent
We will collect, use and disclose personal information only with the knowledge and consent of the individual, except where inappropriate.
We will use reasonable efforts to seek your express consent for the collection, use or disclosure of your personal information at the time of collection. In some circumstances, such as where we want to use personal information for a purpose that was not previously identified, we may have to seek your consent after your personal information has been collected but before our use for that purpose.
We will not, as a condition of supplying our services to you, require you to consent to the collection, use or disclosure of personal information beyond that which is absolutely necessary.
In certain limited circumstances, as permitted or required by law, we may collect, use or disclose personal information without the knowledge or consent of the individual. Although the following list is not exhaustive, these circumstance include: (i) personal information which is publicly available as defined by regulation; (ii) circumstances where collection or use is clearly in the interests of the individual and consent cannot be obtained in a timely fashion; (iii) to investigate a breach of an agreement or a contravention of a law; (iv) to act in respect of an emergency that threatens the life, health or security of an individual; (v) for debt collection; or (vi) to comply with a subpoena, warrant or court order.
You may withdraw your consent with respect to a particular use or disclosure of your personal information at any time (subject to legal or contractual restrictions) by sending written instructions to our Chief Privacy Officer at the address set out above.
6. Limiting Collection
We will limit the amount and type of personal information collected to that which is necessary for our identified purposes and we will only collect personal information by fair and lawful means. We collect the following types of personal information from our clients:
Name
Address
Home telephone number
Work telephone number
Mobile telephone number
Credit card particulars
Bank information
7. Limiting Use, Disclosure and Retention
Healtheon does not use or disclose clients’ personal information to a third party for purposes other than those for which it is collected, except with the express consent of the individual or as required by law.
Healtheon will retain personal information only for as long as is necessary for the fulfillment of those purposes, subject to legal requirements. Currently, our policy is to maintain personal information provided by our clients for as long as the client uses our services, plus a period of 2 years from the most recent acquisition of information. After such period, our records are amended so that names are removed and the information can no longer be identified with an individual.
8. Accuracy
We will use our best efforts to ensure that personal information under our control that is used on an ongoing basis, including information that we disclose to third parties in accordance with this privacy policy, is as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used. In order to assist us in that regard, we urge you to provide us with updates regarding such information and to inform us of any errors affecting your personal information that we hold on your behalf.
9. Safeguards
We protect personal information with safeguards appropriate to the sensitivity of the information. We employ appropriate safeguards to protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification, regardless of the format in which the information is held. We make our employees and business partners aware of the importance of maintaining the confidentiality of personal information, and we will exercise appropriate care in the disposal or destruction of personal information to prevent unauthorized parties from gaining access to the information.
Our methods of protection include physical measures (for example, locked filing cabinets and restricted access to offices), organization measures (for example, limiting access on a ‘need to know’ basis), and technological measures (for example, the use of passwords and encryption, firewalls, backups).
10. Openness
We will make specific information about our policies readily available, except to the extent that it is confidential commercial information.
The information we will make available will include: (i) how to gain access to your personal information; (ii) the type of personal information held by us, including a general account of its use; (iii) general information concerning our privacy policy; (iv) what personal information is made available to third parties; and (v) how to contact our Chief Privacy Officer.
Copies of the current version of our privacy policy are available in our offices and by contacting our Chief Privacy Officer. Our privacy policy can also be viewed at our website at www.HealtheonCanada.com/privacy-policy/
11. Access
Upon written request addressed to our Chief Privacy Officer, we will inform an individual of the existence, use and disclosure of his or her personal information and we will give the individual access to that personal information. An individual can challenge the accuracy and completeness of his or her personal information under our control and have it amended as appropriate.
We will respond to an individual’s written request within a reasonable time (generally within 30 days) and we will assist any individual who informs us that they need assisting in preparing a request. We may require an individual to provide sufficient information to permit us to provide an account of the existence, use and disclosure of personal information. While our response will typically be provided at no cost to the individual, depending on the nature of the request and the amount of information involved, we reserve the right to impose a reasonable cost. In these circumstances, we will inform the individual of the approximate cost to provide the response and proceed upon payment by the individual of the cost. Requested information will be provided or made available in a form that is understandable. Where possible, we will indicate the source of the information.
If you feel that the personal information we hold is inaccurate or incomplete you are invited to advise our Chief Privacy Officer of such inaccuracies and ask that we amend the personal information. Any such request must be in writing.
In providing an account of third parties to which we may have disclosed personal information about an individual, we will attempt to be as specific as possible. When it is not possible to provide a list of the organizations to which we have actually disclosed personal information, we will provide a list of organizations to which we may have disclosed the personal information.
If an individual successfully demonstrates an inaccuracy or incompleteness of his or her personal information under our control, we will amend the personal information as appropriate. If a challenge is not resolved to the satisfaction of the individual, we will record the substance of the unresolved challenge. Where appropriate, the amended information or the existence of the unresolved challenge, as the case may be, will be transmitted to third parties having access to the information in question.
In certain situations, we may refuse a request or not be able to provide access to all the personal information we hold about an individual. Exceptions to the access requirement will be limited and specific, as permitted or required by law. Where permitted, the reasons for denying access will be provided to the individual upon request. Although the following list is not exhaustive, exceptions may include: (i) information that contains references to other individuals or contains confidential commercial information, where such information cannot be severed from the record; (ii) information collected in the course of investigating a breach of an agreement or in the course of a formal dispute resolution process; and (iii) information that is subject to solicitor-client privilege.
12. Challenging Compliance
If you are not completely satisfied with our privacy policy wish to submit comments or concerns regarding our privacy practices, we invite you to contact our Chief Privacy Officer. We will thoroughly investigate all written complaints addressed to our Chief Privacy Officer. If we find a written complaint to be justified, we will take all appropriate measures, including, if necessary, amending our policies and practices.
If for any reason you are not satisfied with the results of our investigation of and responses to your complaint, you may file a complaint with the Office of the Federal Privacy Commissioner:
Federal Privacy Commissioner
112 Kent Street,
Ottawa, Ontario,
K1A 1H3,
Telephone: 1-800-282-1376.
1. Introduction
This privacy policy explains the privacy practices of Healtheon. Our privacy policy may be amended from time to time, so we encourage you to periodically check our web site at www.HealtheonCanada.com/privacy-policy/ for the current version. Printed copies of our current privacy policy are also available by contacting our Chief Privacy Officer.
2. Our Commitment to Your Privacy
The relationship between you and Healtheon is based on trust. We value the trust you have placed in us and are taking all appropriate measures to safeguard your personal information and maintain your confidence. Healtheon has established this privacy policy to ensure that your personal information is protected and that all our practices and procedures comply with relevant personal information protection and privacy legislation. Accordingly, we adhere to the privacy principles set out below, which are based on the principles set out in Schedule 1 of the Personal Information Protection and Electronic Documents Act (Canada). As used in our privacy policy the term ‘personal information’ means information about an identifiable individual, but does not include the name, title or business address or telephone number of an employee of an organization.
3. Accountability
Healtheon is responsible for all personal information under our control.
Accountability for our compliance with this privacy policy rests with our Chief Privacy Officer, even though other individuals within Healtheon may have responsibility for the day to day collection and processing of personal information.
Contact information for our Chief Privacy Officer is set out below:
Chief Privacy Officer
Healtheon.
1006 Avenue Road
Suite 100
Toronto, Ontario
M5P 2K8
E-mail: info@Healtheon.ca
Healtheon is responsible for personal information in our possession or custody, including information that has been transferred to third parties for processing. We use contractual and other means to ensure that third parties to whom we disclose personal information for processing provide a comparable level of protection with respect to personal information in their possession or control.
4. Identifying Purposes
We will clearly identify and document the purposes for which we collect, use or disclose personal information at or before the time of collection. As part of our business operations, we may collect and use certain personal information strictly for the following purposes:
To deliver our services (e.g. Healtheon’s uninsured services plan)
To respond to service inquiries
For billing purposes
In addition, in the unlikely event that Healtheon sells all or substantially all of its assets, collected personal information will, of course, be one of the transferred assets.
Although Healtheon will use information collected to create statistics about Healtheon, such statistics will not contain any information that can personally identify individuals.
The specific uses of personal information in connection with the foregoing purposes will be limited to what a reasonable person would consider appropriate in the circumstances.
If we plan to use personal information we have collected for a purpose not previously identified, we will identify and document the purpose before such additional use. We will state the identified purposes in such a manner that you can reasonably understand how your personal information will be used or disclosed.
5. Obtaining Consent
We will collect, use and disclose personal information only with the knowledge and consent of the individual, except where inappropriate.
We will use reasonable efforts to seek your express consent for the collection, use or disclosure of your personal information at the time of collection. In some circumstances, such as where we want to use personal information for a purpose that was not previously identified, we may have to seek your consent after your personal information has been collected but before our use for that purpose.
We will not, as a condition of supplying our services to you, require you to consent to the collection, use or disclosure of personal information beyond that which is absolutely necessary.
In certain limited circumstances, as permitted or required by law, we may collect, use or disclose personal information without the knowledge or consent of the individual. Although the following list is not exhaustive, these circumstance include: (i) personal information which is publicly available as defined by regulation; (ii) circumstances where collection or use is clearly in the interests of the individual and consent cannot be obtained in a timely fashion; (iii) to investigate a breach of an agreement or a contravention of a law; (iv) to act in respect of an emergency that threatens the life, health or security of an individual; (v) for debt collection; or (vi) to comply with a subpoena, warrant or court order.
You may withdraw your consent with respect to a particular use or disclosure of your personal information at any time (subject to legal or contractual restrictions) by sending written instructions to our Chief Privacy Officer at the address set out above.
6. Limiting Collection
We will limit the amount and type of personal information collected to that which is necessary for our identified purposes and we will only collect personal information by fair and lawful means. We collect the following types of personal information from our clients:
Name
Address
Home telephone number
Work telephone number
Mobile telephone number
Credit card particulars
Bank information
7. Limiting Use, Disclosure and Retention
Healtheon does not use or disclose clients’ personal information to a third party for purposes other than those for which it is collected, except with the express consent of the individual or as required by law.
Healtheon will retain personal information only for as long as is necessary for the fulfillment of those purposes, subject to legal requirements. Currently, our policy is to maintain personal information provided by our clients for as long as the client uses our services, plus a period of 2 years from the most recent acquisition of information. After such period, our records are amended so that names are removed and the information can no longer be identified with an individual.
8. Accuracy
We will use our best efforts to ensure that personal information under our control that is used on an ongoing basis, including information that we disclose to third parties in accordance with this privacy policy, is as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used. In order to assist us in that regard, we urge you to provide us with updates regarding such information and to inform us of any errors affecting your personal information that we hold on your behalf.
9. Safeguards
We protect personal information with safeguards appropriate to the sensitivity of the information. We employ appropriate safeguards to protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification, regardless of the format in which the information is held. We make our employees and business partners aware of the importance of maintaining the confidentiality of personal information, and we will exercise appropriate care in the disposal or destruction of personal information to prevent unauthorized parties from gaining access to the information.
Our methods of protection include physical measures (for example, locked filing cabinets and restricted access to offices), organization measures (for example, limiting access on a ‘need to know’ basis), and technological measures (for example, the use of passwords and encryption, firewalls, backups).
10. Openness
We will make specific information about our policies readily available, except to the extent that it is confidential commercial information.
The information we will make available will include: (i) how to gain access to your personal information; (ii) the type of personal information held by us, including a general account of its use; (iii) general information concerning our privacy policy; (iv) what personal information is made available to third parties; and (v) how to contact our Chief Privacy Officer.
Copies of the current version of our privacy policy are available in our offices and by contacting our Chief Privacy Officer. Our privacy policy can also be viewed at our website at www.HealtheonCanada.com/privacy-policy/
11. Access
Upon written request addressed to our Chief Privacy Officer, we will inform an individual of the existence, use and disclosure of his or her personal information and we will give the individual access to that personal information. An individual can challenge the accuracy and completeness of his or her personal information under our control and have it amended as appropriate.
We will respond to an individual’s written request within a reasonable time (generally within 30 days) and we will assist any individual who informs us that they need assisting in preparing a request. We may require an individual to provide sufficient information to permit us to provide an account of the existence, use and disclosure of personal information. While our response will typically be provided at no cost to the individual, depending on the nature of the request and the amount of information involved, we reserve the right to impose a reasonable cost. In these circumstances, we will inform the individual of the approximate cost to provide the response and proceed upon payment by the individual of the cost. Requested information will be provided or made available in a form that is understandable. Where possible, we will indicate the source of the information.
If you feel that the personal information we hold is inaccurate or incomplete you are invited to advise our Chief Privacy Officer of such inaccuracies and ask that we amend the personal information. Any such request must be in writing.
In providing an account of third parties to which we may have disclosed personal information about an individual, we will attempt to be as specific as possible. When it is not possible to provide a list of the organizations to which we have actually disclosed personal information, we will provide a list of organizations to which we may have disclosed the personal information.
If an individual successfully demonstrates an inaccuracy or incompleteness of his or her personal information under our control, we will amend the personal information as appropriate. If a challenge is not resolved to the satisfaction of the individual, we will record the substance of the unresolved challenge. Where appropriate, the amended information or the existence of the unresolved challenge, as the case may be, will be transmitted to third parties having access to the information in question.
In certain situations, we may refuse a request or not be able to provide access to all the personal information we hold about an individual. Exceptions to the access requirement will be limited and specific, as permitted or required by law. Where permitted, the reasons for denying access will be provided to the individual upon request. Although the following list is not exhaustive, exceptions may include: (i) information that contains references to other individuals or contains confidential commercial information, where such information cannot be severed from the record; (ii) information collected in the course of investigating a breach of an agreement or in the course of a formal dispute resolution process; and (iii) information that is subject to solicitor-client privilege.
12. Challenging Compliance
If you are not completely satisfied with our privacy policy wish to submit comments or concerns regarding our privacy practices, we invite you to contact our Chief Privacy Officer. We will thoroughly investigate all written complaints addressed to our Chief Privacy Officer. If we find a written complaint to be justified, we will take all appropriate measures, including, if necessary, amending our policies and practices.
If for any reason you are not satisfied with the results of our investigation of and responses to your complaint, you may file a complaint with the Office of the Federal Privacy Commissioner:
Federal Privacy Commissioner
112 Kent Street,
Ottawa, Ontario,
K1A 1H3,
Telephone: 1-800-282-1376.