NOTICE OF PRIVACY PRACTICES - PIPEDA
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
As of January 1, 2004, all Canadian businesses are required to comply with the privacy principles set out by PIPEDA. The Act covers both traditional, paper-based and on-line business. GMMI works with and on behalf of Canadian businesses and complies with PIPEDA law as it pertains to medical information. PIPEDA sets out ten central privacy principles, namely: Accountability Identifying Purpose Consent Limiting Collection Limiting Use, Disclosure, and Retention Accuracy Safeguards Openness Individual Access and Challenging Compliance. The Personal Information Protection and Electronic Documents Act (PIPEDA) protects personal information in the hands of private sector organizations and provides guidelines for the collection, use and disclosure of that information in the course of commercial activity. The Act, based on ten privacy principles developed by the Canadian Standards Association, is overseen by the Privacy Commissioner of Canada and the Federal Court. PIPEDA defines personal information as "information about an identifiable individual" that includes any factual or subjective information, recorded or not, in any form. Under PIPEDA personal information does not include the name, business title, business address, or business telephone of any employee, i.e. information on a business card. The legislation also covers sensitive personal information, which may include health or medical history, racial or ethnic origin, political opinions, religious beliefs, trade union membership, financial information and sexual preferences.