Privacy Policy
What is Personal Health Information?
Personal health information is data that can be used to identify a person and details of their healthcare. This may include contact information (e.g., name, address, telephone number, e-mail address), personal characteristics (e.g., age, gender, cultural/ethnic background), and health details (e.g., presenting issues, health history, medical/mental health conditions, treatments being received).
Collection and Use of Personal Health Information:
In order to provide healthcare services, Healing Hearts and Breaking Cycles will collect some personal health information about you. We may also ask you to complete questionnaires or other self-report tests to enable a better understanding of your health-related function and treatment needs.
The primary purpose of collecting this information is so we may:
Evaluate your health-related needs;
Recommend appropriate treatment options; and
Provide therapy and related healthcare.
Third party payers, when applicable, may request specific information about your healthcare:
Extended-health benefits insurers, for example, often have your consent for us to release information about session dates, duration and the clinical provider’s information (name, title, registration number); and
Auto insurers, WSIB, Long-Term Disability insurers and legal representatives may request information related to your health conditions, treatment needs, treatment progress and disability in order to make determinations of your entitlement to funding.
Electronic Communication of Personal Health Information (“E-mail”):
Healing Hearts and Breaking Cycles offers e-mail communication as a method of contact between yourself and our clinic. We use e-mail to provide appointment confirmations and reminders, and to send invoices for services rendered. We may also use e-mail to communicate with you about appointment bookings and cancellations if we cannot reach you by telephone (or if you request we use e-mail as a primary method of contact).
E-mail is convenient and efficient; however, communicating by e-mail also encompasses risks that should also be considered.
E-mail is not recognized as a secure form of communication. Risks of transmitting your information by e-mail include, but are not limited to, the following:
The privacy and security of e-mail communication cannot be guaranteed;
E-mail is easier to falsify than phone, fax or mail. It is also impossible to verify the true identity of the sender, or to ensure that only the recipient can read the e-mail once it has been sent;
E-mail can introduce viruses into a computer system, and potentially damage or disrupt the computer;
E-mail can be forwarded, intercepted, circulated, stored, or even changed without the knowledge or permission of the sender or recipient. E-mail senders can easily misaddress an e-mail, resulting in it being sent to unintended and unknown recipients; and
E-mail creates a permanent record. Even after the sender and recipient have deleted their copies of the e-mail, back-up copies may exist on a computer or in cyberspace.
We will use reasonable means to protect the security and confidentiality of e-mail information sent and received. However, because of the risks outlined above, we cannot guarantee the security and confidentiality of e-mail communication.
Consent to the use of e-mail indicates your agreement with the following conditions:
E-mails from you containing clinically relevant information may be printed in full and made part of your clinical record. Because these would become part of your clinical record, other individuals authorized to access the clinical record will have access to those e-mails.
We will make reasonable efforts to read and respond to e-mails promptly. However, we cannot guarantee that any particular e-mail will be read and responded to within any particular period of time. Therefore, e-mail should not be used for emergencies or other time-sensitive matters.
E-mail communication is not an appropriate substitute for treatment. You are responsible for following up with us to schedule appointments.
If your e-mail requests a response from us and you have not received a response within a reasonable time period, it is your responsibility to follow up to confirm we did indeed receive your e-mail.
E-mail should not be used to discuss sensitive personal health information, such as that related to mental health, disability or substance use. Therefore, we will not discuss such matters over e-mail.
E-mail communication is voluntary. Please advise us if you do not wish to engage in e-mail communication, and we will remove your e-mail address from our system.
Tele-Health Services:
Virtual care is offered through a secure and encrypted videoconferencing platform, which meets the State of Texas privacy laws and is HIPAA compliant. Virtual care requires the use of a webcam or smartphone, and a link to the virtual session will be provided by e-mail prior to the session. We highly recommend you test your video/audio settings the day before your session,. In the event of technical problems during your session, a back-up plan (e.g., a phone number where you can be reached) will be used to restart the session or to reschedule it. We may elect to use a different videoconferencing platform; the benefits/risks of that platform will be discussed with you prior to beginning virtual sessions.
The laws and professional standards that apply to regular mental health services apply to virtual and telephone-based care.
There are exceptions to client confidentiality policies that exist for regular therapy; these also apply to virtual and telephone-based services. The exceptions are provided in the “Disclosure of Personal Health Information” section below.
You have the right to withdraw your consent at any time. It will not affect your right to further treatment.
Your Clinician has the right, at any time, to determine if virtual and/or telephone-based sessions are not appropriate for your care. Should this be determined, your Clinician will suggest alternative ways to continue your therapy.
Despite best efforts to ensure high standards of technology, there is always a risk that services could be disrupted or distorted by unforeseen technical problems.
It is important to be in a quiet, private space that is free of distractions during the session.
It is important to use a secure internet connection rather than public/free Wi-Fi.
For child/adolescent clients, permission of your parent/legal guardian (and their contact information) is required to engage in tele-sessions.
Access to Your Personal Health Information & Requests for Correction:
With a few exceptions, you have the right to access or amend your personal health information. This means that you may request to read clinical notes in your file, ask for corrections to be made to factual information, and for a copy of your health information.
In these cases, the therapist will review the clinical notes with you and can help you understand any information that is not clear (e.g., short-forms, technical terms, etc.). Copies of your file will take time to provide due to the busy nature of our clinic – we will provide an estimate of the timeframe and cost when your request is made.
If we cannot give you access, we will advise you in writing within 30 days if possible, and will outline the reason, as best we can, as to why we cannot give you access.
Storage and Destruction of Personal Health Information:
A record containing your personal health information and information about your therapy sessions and other materially relevant interactions are maintained in a secured place while you are engaged in FBH’s services.
We are required to retain your personal health information for a period of 7 years after our last contact with you (for adults) or 10 years after you turn 18 years of age (for children), whichever is later. Any personal health information that is stored electronically is protected by appropriate security measures (e.g., PHIPA-compliant software that includes bank-level encryption). After 7 years, your personal information is destroyed in a secure manner that protects your privacy.