Patient Health and Privacy Policy
Barks Pedorthics is committed to the principles of openness and transparency. We understand your privacy rights and we take them very seriously. We are committed to operational excellence and always want you to feel we have done what we can to keep your information accurate, up-to-date, and safe.
Our policies and procedures are designed to limit the collection of personal information to only what is necessary to provide you with your requested medical services and to keep your information safe and secure. We also understand that your information, including your health information, is your personal information. You have the right to access your personal health information at any time, notwithstanding legal restrictions. If you believe there is something we are not complying with regarding your personal information, you have the right to challenge our privacy practices. We are committed to getting it right.
Please read our privacy statement carefully to understand how we collect, use and disclose your personal health information. Our Privacy Policy adheres to Ontario’s Personal Health Information and Protection Act (PHIPA).
The Personal Information We Collect
Barks Pedorthics is committed to limiting its collection of personal information to only what is necessary for the purpose of providing you with the pedorthic services you request from us. We may collect the following information to ensure we can provide you with your requested needs:
Full name
E-mail address
Telephone number
Home address
Date of Birth
Insurance information
Personal health information, including but not limited to: your medical history, your doctor’s contact information, medications, x-rays, and evaluations from relevant health care practitioners or providers to ensure we can provide you with the best consultation
Foot size
Medical device preference
Audio recordings of assessment
Visual recordings of gait analysis
Written assessment notes
Measurements
Payment details (Moneris is our third-party PCI vendor)
When Booking With Us
Barks Pedorthics will only collect the personal information required to schedule your appointment. We may collect additional information after you have provided your express consent. Therefore, the personal information we gather about you may vary depending on how many times you have engaged with us and/or consulted with us relating to your pedorthic treatment.
Interacting With Our Website
We may collect non-sensitive personal information about how you use our Site, such as browsing patterns, materials viewed or downloaded, the frequency and duration of visits, and your source Internet Protocol (“IP”) address. We are doing this to improve our website and the services we provide for you.
Interacting With Our Third-Party Processors
We do not collect or process your Credit or Debit card data ourselves; we use a certified PCI Compliant third-party provider, Moneris, to administer cardholder processing, which includes payments at the site of assessment/dispensation of the pedorthic services.
How We Use Your Personal Health Information
We use your personal information only for the purpose of providing you with pedorthic treatment. We limit our use and access to your personal health information to only what is necessary for the purposes described in this Policy.
Barks Pedorthics may use your personal health information to:
Consult with you on your options for treatment of your condition;
Analyze your gait and ask you questions to better treat conditions of the foot, ankle and lower extremities that may require custom fitting, fabricating or adjusting of pedorthic devices.
Recommend appropriate footwear or footwear modifications
Consult with your medical care team, if required
Limiting Sharing and Disclosure of Your Personal Health Information
We limit what we collect and all personal health information is securely stored within our environment and available to only those with a need to know. We will not disclose your personal health information without your express consent unless we are legally obligated to do so.
Obtaining Your Consent
We use paper based, digital forms and verbal confirmation to capture your express consent for collecting the information we need to provide you with your requested services. We will never act without your consent, unless there is a legal obligation we must fulfill.
Safeguarding Your Personal Information
Barks Pedorthics uses a number of security safeguard measures to ensure your personal information is protected. We use operational, administrative and technical security safeguards to ensure the level of security surrounding your personal health information is complaint with PHIPA.
We use standardized forms designed to collect the minimum amount of personal health information required to provide our professional services to you. We always ask for your consent, where required, and we limit any personal health information recording (audio and visual) to only what is necessary to ensure we provide the best consultation and treatment options for you.
We deploy physical security measures, which include but are not limited to:
Locked filing cabinets
Restricted access to office
We deploy technological safeguards, which include but are not limited to:
User IDs, passwords and multi-factor authentication;
Internal firewalls and virus scanners
Endpoint detection and response (EDR)
Exchange Defender Antivirus and Online Protection
We deploy organization safeguards, which include but are not limited to:
Access restrictions;
Audit of security systems and access to PHI;
Set of IT policies
Annual privacy and security training
Personal information is stored in Canada and backups are hosted in Canada. Personal information is encrypted at rest. Automatic back-up file recovery is available to protect records from loss or damage.
Contact Us:
If you have any questions related to our privacy practices, please contact us at
Challenging Privacy
If you think that your personal information has been improperly collected, used, or disclosed by a public institution, child and family service provider, or by a health sector organization or practitioner, you have the right to file a complaint with the Information and Privacy Commissioner of Ontario (IPC).