InnerView Guidance International (“IGI”) understands that privacy is a critical issue for all our users. We are committed to the highest standards of privacy, confidentiality and data security to protect the personal and financial information of all clients and counsellors who are using the IGI website (the “Site”). IGI complies with Canadian federal and provincial privacy and confidentiality legislation; specifically, the Personal Information Protection & Electronic Documents Act (PIPEDA), and the governing provincial acts and regulations including Ontario’s Personal Health Information Protection Act. IGI also complies with United States federal privacy and confidentiality legislation; specifically, the Health Insurance Portability and Accountability Act (HIPAA).
IGI USES YOUR PERSONAL INFORMATION FOR…
(performing our services (collectively, the “Services”), including):
- providing a secure platform for confidential web-based counselling services
- providing a web-based platform for educational webinars and seminars
- providing an online community for IGI practitioners to exchange communications and dialogue
- providing qualified representatives from our Administrative Support Team (“Admin”) to assist with technical support, and with Admin and Site use issues
- providing clients and practitioners with online appointments and bookings
- providing secure, encrypted information storage services for client and practitioner files
- providing client accessibility only to his or her own file; and providing accessibility to the practitioner(s) assigned to such file and to IGI
- communicating by email, telephone and/or mobile devices for matters relating to client accounts
- contacting client and practitioners in emergency situations or where the client has consented to or requested that he or she be contacted by us
- creating anonymous and aggregate statistics and reports about our Services, service standards and trends – these statistics and reports do not contain any information that could identify any client personally
- paying IGI practitioners for the services they provide
- auditing and supervisory purposes as required, and/or to assist in managing our business
When personal information that has been collected is to be used for a purpose not initially identified, the new purpose shall be identified prior to use. Unless the new purpose is required by law, we will obtain consent from the individual before information will be used for that purpose.
THE KIND OF INFORMATION COLLECTED
Contact information: We may collect personal information that can identify you such as your name, email address, other contact information, type of employment, age, general geographic residence, with specific guidelines as to where and when you want to be contacted by us.
Demographic information: This information will be used to facilitate demographic profiling and trend analysis; and to assist us in planning programs and in improving our Services.
Information you provide: Personal health information which is provided to IGI practitioners is stored in client-specific files in an encrypted space in keeping with Platform policies and procedures; such that only clients and practitioners handling that client client’s file may access a client member’s health information for counselling purposes only. IGI Directors may also access this information for the purpose of quality assurance and ethical management of our Services. We also collect client financial information in order to process payments.
IGI employs safeguards to protect personal information from unauthorized access, disclosure, copying, or use, by employing various methods of protection, appropriate to the sensitivity of the information. The methods of protection may include:
- Technical measures (passwords, encryptions, firewalls, and audits)
- Organizational controls (security clearances, limiting access on a ‘need-to-know’ basis, staff training, confidentiality agreements, policies and procedures)
- Contractual confidentiality covenants in keeping with professional ethics
- Physical measures (locked filing cabinets, restricted access to files and offices, shredding any printed documents)
- Use of Secure Sockets Layer (SSL) cryptographic protocols that provide internet communication security to protect the privacy of confidential communications on our Site
IGI also employs care in the disposal or destruction of personal information to prevent unauthorized parties from gaining access to the information. We will retain personal information for as long as necessary for the purpose for which it has been collected, or as required or permitted by law, including insurance laws, tax laws, and statute of limitations.
All information disclosed in InnerView sessions and the written records pertaining to those sessions are confidential and will not be revealed to anyone outside of IGI without your written permission. We retain your personal information only for as long as we need it to fulfill the purposes for which it was collected and to comply with our legal obligations. We may also disclose your personal information to third parties when professional ethics based on the law require us to do so. The limited circumstances under which the law requires disclosure include child protection concerns, medical emergencies, danger to public safety, and threats of violence or harm to oneself or others.
You have a right of access to, and correction of, information that we hold about you.
IGI is not responsible for any personal information removed by a practitioner or client from the Site (for example, by way of copying, photographic image reproduction, or otherwise) without our authorization.
The collection of personal information shall be limited to that which is necessary for the purposes identified by IGI. All personal information shall be collected by fair and lawful means. We shall not collect personal information indiscriminately. Both the amount and type of information collected shall be limited to that which is necessary to fulfill the Services identified. We shall specify the type of information collected as part of our information-handling policies, practices, and professional ethics. The requirement that personal information be collected by fair and lawful means is intended to prevent organizations from collecting information by misleading or deceiving individuals about the purpose for which information is being collected. This requirement implies that consent with respect to collection, use or disclosure must not be obtained through deception.