Personal information is defined as information about an identifiable individual, either alone or when combined with other information. Personal information includes personal health information defined as information concerning the physical or mental health of an individual.
The Company enables regulated and allied health care professionals (“Authorized Clinicians”) to provide health care services to your child. This includes gathering, storing, and processing information related to the observation, examination, assessment, care, service, or procedure that is provided by an Authorized Clinician to you or your child to diagnose, treat, or maintain the child’s wellbeing and overall health (the “Service” or “Services”).
In providing these Services, the Company manages personal information, including personal health information, on behalf of Authorized Clinicians. The Company retains custody and control of the personal information as an information custodian whereas the information is stored by our third-party service providers including our electronic medical records (“EMR”) provider. Authorized Clinicians may be subject to federal and/or provincial privacy laws. To clarify, we collect personal information through our website. We are the custodian for personal health information provided by you to Authorized Clinicians in our EMR.
Collection of Personal Information and Personal Health Information
While using our Service, you may be asked to provide the following types of personal information. The personal information is collected and stored on the Company’s systems or on the servers of the Company’s service providers. This personal information may include personal health information that is collected by Authorized Clinicians in order to provide you with Services.
We describe below the categories and types of personal information collected. The list below is comprehensive but not exhaustive. We may collect additional information that is not specifically listed here.
The Company collects the following types of data:
1. Personal Information – This includes, but is not limited to, your first and last name, your child’s full name, date of birth, gender, contact information, health card number. In addition, we collect information while you browse our website, such as your IP address, browser type and device type. Finally, if you pay for Service using a credit card, we collect the last four digits of your credit card number. We rely on a third-party payment processor to collect and store your payment information.
The Company may also use your personal information to better understand your preferences and recommend Services that may be relevant to you or your child.
2. Personal Health Information – This includes information about your family history and your child’s health. This information includes, but is not limited to, medical history, ailment information, family medical history, and other healthcare providers within your circle of care or as you direct (e.g. family physician).
This information is used to provide you with Services. Moreover, as Authorized Clinicians use this data to provide Services, this information may be subject to policies and regulations governing Authorized Clinicians and their staff, including internal Company policies as well as governing regulations from provincial and federal licensing and certification bodies.
Sharing Personal Information
Our Company will not share your personal information for any purpose to any external parties except as specified in this policy, including:
Sharing with our service providers: we employ third-party service providers (e.g. EMR, back-end data analysis, website hosting, payment processing and support) in Canada and internationally, to facilitate or provide certain services on our behalf. These third-party service providers have access to your personal information or personal health information only to perform these tasks on our behalf and are contractually bound not to disclose or use it for any other purpose.
Personalized content and advertising: we may use personal information such as browsing data to deliver customized content within the Service. If we share this browsing data with third parties, we will de-identify and aggregate the data prior to sharing. We will use personal information for advertising only when users opt in and consent to marketing activities. This personal information will never be shared outside of the platform.
Business transfers: we may share or transfer your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of our business to another company. We will provide notice before your personal information is transferred.
As permitted or required by law: under certain circumstances, the Company may be required by law to disclose personal information in connection with a law enforcement investigation, a legal or regulatory proceeding or in response to valid requests by public authorities (e.g., a court or a government agency).
For continuity of care: we may share personal information among healthcare providers, including your healthcare team, who assist in the provision of healthcare to your child.
De-identified or Aggregated Data
Our Company may collect or share de-identified or aggregated data generated from users who interact with our Service for analytical purposes and/or to improve user experience on our website (www.kixcare.com).
De-identified or aggregated data may be derived from your personal information, including personal health information, but are not considered personal information at law as this data does not directly or indirectly reveal your identity. However, if we combine or connect the data with your personal information to the extent that you can be directly or indirectly identified, we treat the combined data as personal information which will be used in accordance with this policy.
Our Company may communicate with you regarding Company information, changes to our service offerings, details of upcoming events or activities. Any marketing communications is on an opt-in basis.
Should you decide that you no longer wish to receive marketing communications, you may unsubscribe from our marketing communications by clicking the “unsubscribe” link located on the bottom of our e-mails, updating your communication preferences, or by contacting us email@example.com with the subject line Attention: Privacy . However, we may still contact you for administrative and technical purposes. Withdrawing consent will not apply to actions we have already taken based on your prior consent.
Retention of Personal Information
As noted above, our Company may rely on external service providers who are located in Canada or internationally. Some personal information collected by the Company may therefore be retained in countries other than Canada where privacy laws may offer different levels of protection, and personal information may be subject to access by and disclosure to law enforcement agencies in those jurisdictions. Personal health information stored by our HIPAA and PIPEDA compliant EMR vendors are stored on servers located in Canada.
Safeguarding Your Personal Information
The security of your personal information is important to us. We are committed to implementing security safeguards that are appropriate to the sensitivity of the personal information we hold. As part of the Company’s commitment to privacy, we take appropriate and reasonable technical, physical and administrative security measures to safeguard your personal information from such risks as unauthorized access, collection, use, disclosure, copying, modification, disposal or destruction.
You can keep your personal information secure by safeguarding your account details including password information. We encourage you to take active measures to protect your account, including by choosing a unique and strong password.
Please note that no method of data transmission over the internet or otherwise, or method of electronic storage, can be guaranteed to be completely secure. As a result, while we strive to protect your personal information, we cannot warrant the security of any information you transmit to us, and you do so at your own risk.
If you have a security related concern, please contact us at firstname.lastname@example.org. We will work closely with you to ensure a quick and personal response to your concerns.
Correcting or Accessing Your Personal Information
We rely on you to ensure that the personal information you enter into the Service is as accurate, complete and up to date as necessary for the purposes for which it is intended to be used. You may review and update your personal information by accessing your account settings located within your user profile on our patient portal at https://kixcare.inputhealth.com/.
You have a right to access and correct your personal information held by the Company. You also have a right to know if your personal information has been shared with any third parties. To access or correct personal information we have about you, please contact us. The Company reserves the right, as permitted by applicable federal and provincial privacy legislation, to charge a reasonable fee for copying the requested information. Unless required by law, we may reject requests that are unreasonably repetitive, require disproportionate technical effort, risk the privacy of others, or for other legal basis. We will provide you an explanation for the reason for any such denial of access.
Protecting the personal information and privacy of children is paramount. Our Services are intended for use by persons 14 years of age and older. The parent or legal guardian of a child may register an account on our website on behalf of a child to be used by the parent or legal guardian or by the child. Please do not use the Website or Services at any time or for any reason if you are under the age of 14 years, without the consent of a parent or legal guardian. By using the Website or Services, you affirm that you are 14 years old or older.
If you have any questions or a complaint about our privacy practices, please contact us in writing at email@example.com. If our representative is unable to resolve the concern, or if there is a further complaint, you have the option to contact your respective provincial privacy commissioner or the Privacy Commissioner of Canada at (www.privcom.gc.ca) or at 112 Kent Street, Ottawa, ON, K1A 1H3, Toll Free: 1-800-282-1376, Fax: (613) 947-6850.