Interdev is a leading Electronic Patient Care Reporting (ePCR) software company. We respect privacy and we are committed to protecting personal health information. Interdev as a Health Information Network Provider (HINP) is abided by the requirements of the Ontario Personal Health Information Protection Act (PHIPA) 2004.
PHIPA defines “Health Information Network Provider” or “Provider” as a person who provides services to two or more health information custodians where the services are provided primarily to custodians to enable the custodians to use electronic means to disclose personal health information to one another, whether or not the person is an agent of any of the custodians. O. Reg. 329/04, s. 6 (2).
As a corporate Citizen Interdev Technologies Inc. also adheres to the Personal Information Protection and Electronic Documents Act (PIPEDA) relating to personal information collected, used and disclosed by our organization.
WHAT IS PERSONAL HEALTH INFORMATION?
Personal Health Information (PHI) – Means information concerning: the physical or mental health of an individual; any health service provided to an individual; a donation by an individual of any body part or any bodily substance or information derived from the testing or examination of any body part or bodily substance; or information that is collected in the course of, or incidentally to, providing health services to an individual. This information can be in any form whether oral, paper based or electronic.
LEGAL AUTHORITY TO COLLECT, USE AND DISCLOSE PHI
A) Collection of PHI:
PHIPA defines collection as “collect”, in relation to personal health information, means to gather, acquire, receive or obtain the information by any means from any source, and “collection” has a corresponding meaning; (“recueillir”, “collecte”).
In the case of all Interdev Technologies software applications the emergency medical services (EMS) or other healthcare organizations are the Health Information Custodians (HICs) and therefore have the legal authority for collection of PHI. Interdev as a Health Information Network Provider does not directly collect any PHI.
B) Use of PHI:
Use under PHIPA is defined as “use”, in relation to personal health information in the custody or under the control of a health information custodian or a person, means to handle or deal with the information, subject to subsection 6 (1), but does not include to disclose the information, and “use”, as a noun, has a corresponding meaning. (“utiliser”, “utilisation”) 2004, c. 3, Sched. A, s. 2; 2006, c. 4, s. 51 (1).
In the case of iMEDIC EMS the paramedics use PHI to provide healthcare services directly to patients. Interdev Technologies provides services to a variety of health care providers including ambulance services to enable them to provide health care to the public. Our services including software and hardware provisioning, data storage, network services, computer maintenance, and user support.
C) Disclosure of PHI:
Disclosure under PHIPA is defined as “disclose”, in relation to personal health information in the custody or under the control of a health information custodian or a person, means to make the information available or to release it to another health information custodian or to another person, but does not include to use the information, and “disclosure” has a corresponding meaning; (“divulguer”, “divulgation”).
Interdev Technologies is not a health information custodian and therefore does not disclose the information of their clients at any time. This discloser is permitted as per section 38 of PHIPA which permits a disclosure of PHI to take place for the purposes of providing healthcare and if there were no consent directives from the patient or the substitute decision maker preventing such disclosure. Interdev’s role is to facilitate one HIC to disclose PHI to another HIC for the purpose of providing healthcare in a primary format.
REQUESTS FOR RELEASE OF INFORMATION
Interdev Technologies is not a health information custodian and therefore does not provide release of personal health information to patient’s or to third parties. Interdev does not sell any personal health information to third parties.
There are administrative, physical and technical safeguards implemented in all areas of the Interdev solutions including network security, application security, file security and encryption, logging and monitoring.
Without a secure work environment, our product security means nothing, so we conduct staff training periodically and also conduct audits. This ensures that our staffs are appropriately trained, that security procedures are being followed, and that our network remains secure.
Ontario Office of Information and Privacy Commissioner
Personal Health Information and Protection Act, 2004
Our Chief Privacy Officer is accountable for Interdev’s compliance with the principles and policies described here. If you have any questions, concerns or complaints about the privacy policies stated here, you can:
Call us at 1-416-739-1333
Email us at [email protected]
Write us at Attention:
Chief Privacy Officer
43 Goldthorne Ave., 2nd Floor
Toronto, ON, M8Z 5S7
Interdev reserves the right to amend this Privacy Statement along with any related provisions from time to time.