Privacy Policy

Effective Date: February 19, 2025

INTRODUCTION

This Privacy Policy (the “Policy”) applies to the website www.nightingaleclinic.ca (the “Website”) and the services provided by Nightingale Proactive Health Management Inc. (“Nightingale Clinic”, “we” “us” or “our”). We respect your privacy and personal health information and are committed to their protection.

Please read this Policy carefully. It explains how we collect, use, handle and disclose your personal information and personal health information. 

This Policy describes our approach to privacy and how we treat your personal information and personal health information that we collect, use and store when you: (i) visit our Website; or (ii) visit and receive care either in person, by phone or by virtual visit. 

We only use your personal information in accordance with this Policy and applicable federal and provincial privacy laws. We ensure that the personal information that we collect about you is adequate, relevant, not excessive and used for limited purposes. 

COLLECTION

Information you provide directly to us: We may collect and use your personal information, including your personal health information to enable Nightingale Clinic to provide you with health care services when you: (i) complete a free initial phone call with us; (ii) create an account to access appointment availability; (iii) visit our clinic or receive virtual/telephone care; and (iv) follow up phone call, reporting of lab/medical results. 

Information collected may include contact information, username and password, payment information, and personal health information including medical or surgical history, current or past therapies, medications, test results, and specialist consults. In addition to your personal health information, we collect information such as your name, gender, date of birth, general health concerns, personal and family medical history, health card number, address and phone number, email address, and pharmacy contact for the purposes of planning and delivering health care services to you. This additional information can assist Nightingale Clinic in providing you with health care services. 

Information we collect automatically: Users should be aware that certain non-personal information and data may be automatically collected by us through “cookies”. These allow our Website to track that browser’s movement through the Website over several sessions. We use cookies only to track usage behaviour that will allow content improvements and will not use them to identify users or to track usage of the Internet other than on the Website. If you do not want a cookie placed on your computer by us, you may disable cookies altogether by modifying the “user preferences” of your chosen browser. Note that it is possible that some aspects of the Website may be unavailable to you if you choose this option.

Information we obtain from your healthcare providers and other sources: In connection with services that involve medical treatment, we may collect medical records from your past, current, and future healthcare providers. This may include information about your diagnosis, previous treatments, general health, laboratory and pathology test results and reports, social histories, any family history of illness, and records about phone calls and emails related to your health. Accessing health care information from other providers will require direct consent from you. 

HOW DO WE USE PERSONAL INFORMATION

We may use your personal information to:

·         contact you;

·         manage our relationship with you and provide you with the information you request;

·         fulfill your requests for products, services and information;

·         process insurance information or other payment information;

·         send you information about additional clinical services or general wellness from us or on behalf of our affiliates;

·         prevent potentially prohibited or illegal activities and otherwise in accordance with our Website Terms and Conditions;

·         maintain appropriate records for internal administrative purposes or as required by law; and

·         for any other purposes disclosed to you at the time we collect your information or pursuant to your consent.

STORAGE AND LOCATION OF PERSONAL INFORMATION

We use reasonable and appropriate physical, administrative and technical measures designed to help you secure your personal information against accidental or unlawful loss, access or disclosure. Only staff and service providers who have a legitimate purpose for accessing the personal information collected by us are authorized to do so.

All personal information we collect on our Website is collected via secured connections and stored on secure servers in Canada; however, personal information processed by our third-party service providers may be done outside of Canada. While outside of Canada, personal information is subject to that jurisdiction’s laws, which may permit governmental authorities the right to access your personal information.

Your personal health information is stored in electronic medical records (“EMR”) and only accessible to Nightingale Clinic health care providers directly involved in your care. We use our EMR provider, Jane Software Inc. to collect and store your personal health information as well as book appointments. Our EMR provider applies security measures to safeguard your personal health information, including but not limited to:

·       firewall barriers, SSL/TLS encryption techniques, and authentication procedures, to help protect personal information from accidental loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction;

·         using industry-standard security controls such as encryption and an SSL (Secured Sockets Layers) certificate to ensure information is transmitted over a secured connection between your browser and our web server; and

·         using data centres with appropriate security and compliance certifications, such as ISO-27001, SOC 2, among others.

For more information on our third-party service providers and how your personal health information is protected, contact us at contact@nightingaleclinic.ca. Even though we take all necessary steps to protect your personal information, security breaches cannot be eliminated and we cannot guarantee no breach will ever occur. 

We take reasonable steps to ensure that any personal information in our custody is accurate and up to date but we mostly rely on you to notify us of any changes to personal information you provide us.

We retain personal information for as long as required to provide the services for which it was collected, otherwise, in accordance with applicable legal and regulatory requirements.

SHARING OF PERSONAL INFORMATION

We do not sell, rent or disclose your personal information to third parties without your direct consent unless permitted by law. 

We may share your personal information, including your personal health information with other health care providers (other physician/nurse practitioners or allied health care providers in your circle of care, pharmacy, laboratory, medical imaging centre and facilities) for the purpose of supporting your continuity of care.  Nightingale Clinic may use Connecting Ontario Clinical Viewer, the Ontario Laboratory Information System, and OTN e-consult platform.

We may share your personal information with service providers to operate the Website. This includes potentially sharing your personal information for: (i) providing requested services or information; (ii) operating and optimizing the Website; or (iii) customer service.

Exceptionally and when required by law, we may collect, use or disclose personal information without your consent to respond to court orders, legal processes, law enforcement requests, legal claims or government inquiries, and to protect and defend the rights, interests, health, safety and security of Nightingale Clinic, our affiliates, patients, users, or the public. If we merge with another business, we will inform you of any impact on your personal information. 

VIRTUAL CARE SERVICES

Nightingale Clinic is happy to offer virtual care services to provide non-urgent, non-emergent health care services remotely, either through real-time video or during an initial 15-minute telephone consultation (during which we discuss our services). 

If you choose to use virtual services, Nightingale Clinic may request that you verify your name and birth date by showing our healthcare providers your government-issued photo ID at the start of your virtual care session. Virtual care sessions are not recorded. All relevant information collected will be stored in your EMR. 

You will be physically located in the province of Ontario when engaging in any virtual medical visits. 

Nightingale Clinic will use reasonable means to protect the security and confidentiality of information sent and received using Nightingale Clinic services.

Despite reasonable efforts to protect the privacy and security of electronic communication, it is not possible to completely secure the information. There is a risk that your health information may be intercepted or unintentionally disclosed. To help reduce this risk, please ensure you are in a private setting, on your personal device. Avoid using third-party devices to engage in virtual care services. 

Electronic communication is not an appropriate substitute for in-person or over-the-telephone communication or clinical examinations, where appropriate, or for attending the Emergency Department when needed. You are responsible for following up on the Nurse Practitioner’s electronic communication and for scheduling appointments if warranted.

YOUR CHOICES

If you provide consent to the collection, use or disclosure of personal information, you can withdraw your consent and request that we delete your personal information at any time. We will delete such information unless we are required to maintain information in accordance with applicable law.

In addition, you may have the following rights over your personal health information:

·         updating or withdrawing your consent to the use or disclosure of personal information;

·         requesting access to your personal information, including your personal health information;

·         requesting restrictions on our use or disclosure of your personal information;

·         objecting to or making a complaint to our use or disclosure of your personal information;

·         requesting that we edit or correct, but not remove, certain information (like an e-mail address);

·         requesting that we transfer to another organization the personal information you have provided us; and

·         requesting deletion of the personal information we hold about you, where permitted.

Contact us at: contact@nightingaleclinic.ca to exercise any of these rights.

CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. When we update the Privacy Policy, we will revise the “Effective Date” date above and post the new Privacy Policy. We recommend that you review the Privacy Policy each time you visit the Website to stay informed of our privacy practices.

THIRD-PARTY SITES

Our Website may lead you to third-party websites, including websites advertising other products or services. Those organizations are separate and distinct from Nightingale Clinic and have their own separate privacy policies. We are not responsible in any way for how any third party collects, uses or discloses your personal information, so it is important to familiarize yourself with the privacy policies of these websites before providing your personal information to them.

QUESTIONS

If you have any questions about this Policy or about how your personal health information is managed by Nightingale Clinic, if you have any complaints or concerns about this Policy, or if you have reason to believe that we may have failed to adhere to it, please contact us by sending an email to: contact@nightingaleclinic.ca. If after contacting us you are still not satisfied, you have the right to file a complaint with your local privacy authority.