top of page

Privacy Policy

1. Purpose​

Our clinic is committed to safeguarding the privacy, confidentiality, and security of all patient information. This policy explains:

  • What information we collect

  • How we use and share it

  • How we protect it

  • Your rights as a patient under PHIPA

 

2. What Information We Collect

We collect only the information necessary to provide safe and effective medical and cosmetic care. This may include:

  • Name, date of birth, address, phone number, email

  • Medical history and clinical notes

  • OHIP information and insurance details

  • Consent forms and treatment records

  • Photographs (medical or cosmetic), with consent

  • Payment information for cosmetic services

 

3. How We Use Your Information

Your information is used for the following purposes:

  • Providing dermatological and cosmetic care

  • Booking and managing your appointments

  • Processing payments and insurance claims

  • Maintaining accurate medical records

  • Communicating with you regarding your care

  • Ensuring quality assurance and clinic operations

  • Meeting legal and regulatory requirements

 

4. Consent

We obtain your consent (express or implied) to collect, use, and disclose your PHI for healthcare purposes. You may withdraw consent at any time, except where restricted by law or necessary for safe care.

Written consent is required for:

  • Use of patient photos

  • Sharing information with third parties (e.g., specialists, family members)

  • Cosmetic treatment procedures

 

5. Disclosure of Information

We may share your PHI only as permitted under PHIPA, including:

  • With healthcare providers involved in your care

  • With insurers for billing purposes (OHIP or private)

  • With labs, pharmacies, or specialists with consent

  • When required by law (e.g., court orders, public health requirements)

We do not sell, rent, or share your information for marketing purposes.

 

6. Personal Information for Cosmetic Services

For cosmetic appointments:

  • Information is kept confidential and treated as medical information.

  • Before-and-after photos require explicit written consent.

  • Payment and financial information are securely stored.

 

7. How We Protect Your Information

We use administrative, technical, and physical safeguards, including:

  • Secure electronic medical records (EMR)

  • Role-based access controls for staff

  • Password-protected systems and encrypted backups

  • Confidentiality agreements for all staff

  • Locked file storage for paper records

  • Ongoing privacy training

 

 

8. Retention and Destruction of Records

Records are retained according to Ontario regulations:

  • Medical records: Minimum 10 years from last visit (or age 18 + 10 years for minors)

  • Cosmetic records: Retained according to clinic policy and legal requirements

Paper and electronic records are destroyed securely.

 

9. Your Rights as a Patient

Under PHIPA, you have the right to:

  • Access your personal health information

  • Request corrections to your record

  • Withdraw consent for use or disclosure

  • Ask how your information has been shared

  • File a complaint with our Privacy Officer

 

10. Complaints and Concerns

If you have concerns about your privacy, contact our Privacy Officer:

Privacy Officer: Tim Fobear
Phone: 613-707-1977

If unresolved, you may contact the Information and Privacy Commissioner of Ontario (IPC).

 

11. Changes to This Policy

This policy may be updated periodically. The most current version will always be available at the clinic and on our website.

 

 

12. Acknowledgment

By receiving care at our clinic, you acknowledge that you have been informed of our privacy practices.

If you'd like, I can tailor this policy to your clinic name, add your exact privacy officer details, or align it with your EMR system.

bottom of page