Last updated: July 18, 2022
WHOLE BODY MRI INC. (“WHOLE BODY” or “we” or “our” or “us”) respects your privacy and is committed to maintaining the privacy and security of your personal information in accordance with applicable privacy legislation, including the Personal Information Protection and Electronic Documents Act amended by the Digital Privacy Act and the Personal Health Information Protection Act.
2. Collecting Information
WHOLE BODY is committed to protecting your privacy. We collect your Information only by lawful and fair means and not in an unreasonable or obtrusive way.
(a) Information you provide:
We may collect information about you, including your name, email address, postal address, phone number, and other information you provide us when interacting with WHOLE BODY including without limitation, when you:
- book an appointment for a Service;
- use a Service;
- pay for a Service;
- where available, provide registration information and/or create an account on our website;
- provide us with feedback;
- request information from us; or
- contact us.
By submitting Information to us, you agree that we may use or disclose such Information in accordance with this Policy and as permitted or required by law. We do not, however, sell your Information to others.
(b) Automatically-Collected Information
When you browse our website, it may automatically record information about your actions on our website. We may also use third parties such as Google Analytics to help understand our website’s traffic and such third parties may collect information about your actions on our website. WHOLE BODY is not responsible for any information collected by such third parties.
3. Use and Disclosure of Your Information
(a) We may use and disclose your Information for various purposes including the following:
- to identify you;
- to ensure accuracy of information so that we may deliver quality Services to you;
- to assess your health needs;
- provide you with Services you have requested;
- to communicate with you, including to book and confirm appointments, receive your feedback and respond to your requests for information;
- to communicate with your healthcare provider where required;
- to follow-up for testing, treatment and care;
- to protect the security and integrity of our operations;
- to perform research, health surveillance statistical analysis about use of our Website and the Services (anonymous and/or numerical identification only);
- to satisfy applicable legal and regulatory requirements including those of the Ministry of Health and Long Term Care, Canadian Nuclear Safety Commission, and the College of Physicians and Surgeons of Ontario (“CPSO”) or others as required under the Independent Health Facilities Act or the Healing Arts Radiation Protection Act (or successor legislation) in a timely fashion when required, and to comply with any other agreements/undertakings entered into with CPSO or the Ministry of Health and Long Term Care;
- to enable our insurance carrier to assess liability and quantify damages, if any;
- to prepare materials for the Health Professions Appeal and Review Board
- to detect and prevent fraud;
- to refer you to a physician, where applicable;
- for administrative/management activities such as planning resources, reporting or evaluation;
- to complete and submit claims for payment to Ontario Health Insurance Plans and to other third parties (such as private health insurance plans) in order to be paid for the Services rendered;
- to collect unpaid accounts and process payments for the Services; and
- to achieve any other purposes as may from time to time be permitted by law.
(c) Except where collection, use or disclosure of Information may be justified or permitted or where we are obliged to disclose such information without consent, we will not use or disclose your Personal Information for purposes other than those for which it was collected as set out above. Such circumstances where disclosure is justified, permitted or required (subject to additional restrictions with respect to Personal Health Information) include situations where:
- the information is publicly available;
- it is impossible or impractical to seek consent;
- it is required to do so to respond to subpoenas, court orders or other legal process, or to establish or exercise our legal rights or defend against legal claims;
- we are required by law or by order of a court or tribunal;
- we believe, upon reasonable grounds, that there is an imminent risk of death or serious bodily; and
- harm to an identifiable person or group.
4. Consent to Collection, Use and Disclosure
Subject to legal, regulatory and contractual requirements, you may refuse to consent to our collection, use or disclosure of Information, or you may withdraw your consent to our further collection, use or disclosure of your Information at any time by sending written notice to us at the email address listed below under “Requests for Access and Complaints”. If you choose not to provide Information or to withdraw your consent, you may not be able to use certain features of our website and it may limit our ability to provide you with the requested Services.
We will act on your instructions as quickly as reasonably possible, but there may be certain uses of your Information that we may not be able to stop immediately. Also, our response to your request may be restricted in certain cases. For example, if you make a request to delete information and we are permitted by law or have compelling legitimate interests to keep, we will not delete such information.
5. Access to, and Accuracy of, Personal Information
You have the right to request access to your Information which we have on record by sending an email to the email address listed below under “Requests for Access and Complaints”. Upon our receipt of an email request from you for access to your Information, and subject to any applicable exemptions, if such Information is in our possession, we will give you access to that Information and the opportunity to correct or update the Information. Detailed requests which require archive or retrieval costs may be subject to your payment of costs and expenses incurred by us in retrieving same. Subject to the requirements of PHIPA, access to Information may be denied when:
- denial of access is required or authorized by law;
- information relates to existing or anticipated legal proceedings against you;
- granting access would have an unreasonable impact on another person’s privacy; or
- the request is frivolous or vexatious.
If we deny your request for access to, or refuse a request to correct Information, we will explain why. For any requests for correction of your Personal Health Information, we will respond to you within the timeframe required by PHIPA.
6. Safeguarding Personal Information
The security of your Information is one of our top priorities. In that regard, we have implemented appropriate administrative, technical and physical security procedures to help protect Information. These safeguards may vary based on the sensitivity of the Information that we collect and store. We will take reasonable steps based on the circumstances to ensure that Personal Health Information in our control is protected from theft, loss and unauthorized use or disclosure. We will endeavour to notify you if your Personal Health Information is stolen, loss or accessed by an unauthorized person.
While we do our very best to protect your Information, we cannot guarantee the security or confidentiality of the Information transmitted. As a result, we cannot ensure or warrant the security of any information you transmit to us via our website or otherwise. Any transmission is at your own risk.
We are committed to providing you with understandable and readily available information on our policies and practices related to management of your Information.
8. Third-Party Links
Our Website may contain links to other websites and certain features of our Website may be provided by third party suppliers. When you use these links or features, you are subject to the privacy and security policy of those third parties. We are not responsible for the content or practices of such third parties. The inclusion of a link to a third-party website on our Website should not be construed as our endorsement of such website.
9. Retention of Information
11. Requests for Access and Complaints
If you have additional questions, or wish to access, update or correct inaccuracies in your Information, email us at firstname.lastname@example.org and ask to be put in touch with WHOLE BODY’s Chief Privacy Officer, Dr. Nirav Patel.