OSCR is committed to protecting and safeguarding the privacy and security of the personal information provided to us by our clients. Our policy complies with the Personal Information Protection and Electronic Documents Act, the Personal Health Information Protection Act and the ten internationally accepted privacy principles.
Personal information is collected by way of forms designed to be specific to the need for collection, and is held in strict confidence and securely protected, whether in paper or electronic format, and shared as required within ‘circle of care’ only. Personal Information is used by staff in the planning and provision of care of and service for the specific client. The information is stored securely, and all staff sign confidentiality agreements and are trained in privacy requirements and standards.
A client has the right to provide or withhold consent for the collection, use or disclosure of their personal information. A client may access his/her information upon request to ensure accuracy, and to have incorrect information amended. OSCR has a Privacy Officer, who oversees OSCR’s compliance with the principles. This individual’s name and contact information is available upon request.
OSCR is in compliance with the following ten principles:
Accountability: OSCR is responsible for personal information under its control and has designated a person who is accountable for compliance.
Identifying Purposes: The purpose for collection must be identified at the time of, or prior to, collection.
Consent: The client’s knowledge and consent to our collection and use of personal information is required. This is explained to the client at move in, and the client’s signature will have been obtained.
Limited Collection: Collection of personal information is limited to that which is necessary for the purposes identified.
Limit Use, Disclosure, Retention: Personal information is not used for purposes other than those for which it was collected, except with consent.
Accuracy: Personal information shall be as accurate, complete and up-to-date as is necessary for the purposes for which it is to be used.
Safeguards: Personal information is protected by security safeguards appropriate to the sensitivity of the information.
Openness: Specific information about policies and procedures relating to OSCR's management of personal information is available to you. Contact the Privacy Officer.
Individual Access: The client may request information about the existence, use and disclosure of the personal information, and may access it. The client may challenge the completeness or accuracy of the information, and have it amended as appropriate.
Challenging Compliance: The client may address a challenge concerning compliance with the above principles to the Privacy Officer.
OSCR's Privacy Officer:
Sebastian I. Arasanz
Director of Client Services
905-827-4139, ext. 154