Protection of Personal Information
PROTECTION OF PERSONAL INFORMATION
PROTECTION OF PERSONAL INFORMATION
Dr. Daniel Tanguay’s Clinic is committed to ensuring the protection of all personal information collected and used in its activities.
Objectives of Information Collection
Our personal information protection policy outlines the standards for collecting, using, disclosing, and preserving your personal information. It also explains the measures we take to protect your personal information and your right to access this data.
Personal information is defined as any data or combination of data related to an individual that can identify them. However, information such as a person’s name and professional contact details, including title, address, phone number, and professional email, is not considered personal information. It is imperative to protect personal information, regardless of its medium or format, whether written, graphical, audio, visual, computerized, or otherwise.
When collecting information about you, we first seek your written consent for collection, use, or disclosure for the specified purpose. We will request your consent for each new use, disclosure, or collection of personal information or in case of changes to the initial purposes of collection. Our company is committed to using the provided information only for the purposes for which it was collected and retaining it for the period necessary to fulfill the requested service. However, we may collect, use, or disclose this information without your consent when permitted or required by law. In specific circumstances, we may collect, use, or disclose personal information without notifying you or obtaining your consent. This may occur for legal, medical, or security reasons, when obtaining your consent is impossible or unlikely, or when the information is necessary for investigating a potential contract violation, preventing or detecting fraud, or enforcing the law.
Limits on Collection, Use, and Disclosure of Personal Information
Information is generally collected to confirm a person’s identity, create an employee record, or comply with legal requirements (e.g., for tax purposes). We restrict the collection, use, and disclosure of your personal information to the purposes we have disclosed to you. Access to your personal information is only authorized for specific individuals and only within the scope of their assigned tasks.
We retain your personal information for as long as necessary to achieve the purposes for which it was collected. We are required to destroy this information in accordance with the law and our record retention policy. When disposing of your personal information, we take appropriate measures to ensure its confidentiality and prevent unauthorized access during the destruction process.
Personal information must be as accurate, complete, and up-to-date as necessary to achieve the intended purposes. Personal information used on an ongoing basis, including information shared with third parties, generally should be accurate and up-to-date, unless clear limitations on accuracy have been established. We do not systematically update personal information unless necessary to achieve the purposes of collection. The degree of accuracy, currency, and completeness of personal information depends on the data you provide during consent.
We take responsibility for personal information in our possession or entrusted to third parties for processing, ensuring strict standards of confidentiality and security. Our Privacy Officer oversees the personal information protection policy, associated processes, and procedures to protect this information. Our staff is informed and trained in accordance with our privacy policies and practices.
We have implemented and continue to develop rigorous security measures to ensure the strict confidentiality of your personal information and protect it against loss, theft, unauthorized access, communication, copying, use, or unauthorized modification. These security measures include organizational controls such as restricting access to authorized personnel, data backup and archiving using external systems, and technological measures like password usage and encryption (e.g., regular password changes and firewall usage).
Access to Personal Information
Only authorized personnel are permitted to access your personal information, and they possess the necessary qualifications for this access, essential to their job functions.
Requesting Access and Modifications
You have the right to know if we hold personal information about you and to access that personal data. You also have the right to inquire about how this information was collected and used and to whom it has been disclosed. We will provide this information within a reasonable timeframe from the date of receiving your written request, and reasonable fees may apply for processing. In certain specific circumstances, we may refuse to provide the requested information. Exceptions to your right of access include situations where the information concerns other individuals, cannot be disclosed for legal, security, or copyright reasons, was obtained as part of a fraud investigation, can only be obtained at prohibitive cost, or is subject to dispute or privilege. If we hold medical information about you, we may refuse to provide it directly and request that it be transmitted to a healthcare professional you designate to receive it. You also have the right to verify the accuracy and completeness of your personal information and request its modification if necessary. Any modification request will be processed promptly. You can send any requests for access to personal information or modifications of personal information to the following address:
Personal Information Protection Officer
Officer’s Name: Mr. Zappavigna
Email Address: firstname.lastname@example.org
Complaints and Questions
You can contact the Personal Information Protection Officer at the address mentioned above. Any complaints regarding the protection of personal information should be addressed to the Personal Information Protection Officer at the provided address. We will investigate all complaints, and if a complaint is found to be valid, we will take appropriate measures, including modifying our policies and practices if necessary.
Education and Awareness
We promote best practices and respect for transparency and personal information protection rights in various ways:
We inform all our staff through a consent form.
We display the name and contact information of the Personal Information Protection Officer.
We use various awareness methods, including information sessions on personal information protection, reminders during team meetings, staff training, a personal information protection action plan, a logbook, and more.
If you have reason to believe that our company has not adhered to these principles, please inform us by contacting our Personal Information Protection Officer. We will then take the necessary steps to identify and rectify the issue within reasonable timeframes. Please indicate “Privacy Protection” as the subject of your notification.
This policy is to be reviewed every three years and will also be updated in the event of significant changes in legislation or regulatory requirements. Last updated: September 2023.