Privacy Policy

Policy

Pine River Institute (PRI) is committed to safeguarding the personal information of its clients in compliance with the Personal Information Protection and Electronic Documents Act (Canada) and Ontario’s Personal Health Information Protection Act (PHIPA).  We uphold the ten privacy principles established under these Acts to ensure the confidentiality and privacy of our clients’ information.

 

Note: Ontario’s Personal Health Information Protection Act (2004) was deemed substantially similar to Part 1 of the Personal Information Protection and Electronic Documents Act in 2005. Thus, it is the provincial law that will apply instead of PIPEDA, although PIPEDA continues to apply to federal works, undertakings or businesses, and to interprovincial or international transfers of personal information. The same ten privacy principles apply in both Acts.

Procedures

 

Confidentiality Agreement: Upon admission, both the student and parent/caregiver sign a Confidentiality Agreement.

·        With the signing of this document the client agrees to the following:

 

o   In order to protect the confidentiality of all Pine River participants, they will not divulge any identifying information such as names, physical descriptions, addresses, work/school positions, or other data that would allow one to identify another Pine River participant.  This includes published photos or videos.

 

o  Additionally, they will keep all information pertaining to treatment issues of other PRI clients in the strictest of confidence.

o   Acknowledge that what is said in treatment will remain confidential among the Pine River Institute team with 3 exceptions: if a staff member has reason to believe that the client is going to harm themselves, harm someone else, or someone is harming them in which case PRI staff have a legal and professional obligation to disclose this information. 

o   The client will be notified before this exception to the general obligation of confidentiality is made unless waiting poses a serious danger of injury or death.

 

 Consent to Release Information

·        At the time of admission clients sign Consent to the Release of Information, allowing an individual or organization to release personal information to PRI. This written consent will be signed by the student (if 16 years of age or older), or the parent/guardian (if
student is under 16 years of age), or a substitute decision maker (“SDM”), as per Ontario’s Personal Health Information Protection Act (2004).

 

·        With the signing of this document the clien agrees to the following:

o   This consent and authorization allows PRI to speak with individuals who provide health care, or professional services, or
educational services to the client, or have done so in the past;

 

o   The client may cancel or modify their consent at any time (except where the institute has already taken action on the basis of the consent), as long as they do so in writing; and

 

o   Unless revoked by the client, the consent to release of information remains valid for the duration of their participation in
the live-in phase of the program. If the client enters the Aftercare program,  they will sign a new consent that will be valid for the duration of their participation in Aftercare.

 

Release of Personal Information

·        PRI will not release personal information concerning a client, to an individual or organization, without written consent from the student (if 16 years of age or older), or the parent/guardian (if student is under 16 years of age), or substitute decision maker (“SDM”), as per
Ontario’s Personal Health Information Protection Act (2004). The Consent to Disclosure of Information is used for this purpose.

 

The Consent to Disclosure of Information remains valid for the duration of enrollment at Pine River Institute, until program discharge, unless the client withdraws their consent in writing. 

·         Personal information could include, but is not limited to, health information, results of assessments and psychological tests, educational information, including academic records, transcripts.

Privacy Principles

[From the Personal Information Protection and Electronic Documents Act (Federal, 2001), and Ontario’s Personal Health Information Protection Act (2004)]

Principle 1 – Accountability

The School is responsible for all Personal Information under its control.

We acknowledge our responsibility for Personal Information in our possession or custody, including information that has been transferred to a third party for processing.

We will use contractual or other means to provide a comparable level of protection when your personal information is processed by a third party.

Principle 2 - Identifying Purposes

We will identify and document the purposes for which we collect, use, or disclose Personal Information at or before the time of collection.

The purposes will be limited to those which are related to our business and which a reasonable person would consider are appropriate in the circumstances.

We collect, use, and disclose Personal Information concerning our students, their parents, and alumni for the following reasons:

  • to assist in communicating with the students and parents (this would include, without limitation, administering tests, evaluation and accreditation, contacting students and parents about upcoming events and activities, and collecting information to assist us in carrying on our activities);
  • to assist in communicating with and maintaining contact with our alumni (this would include, without limitation, providing information about upcoming events and activities, and collecting information to assist us in carrying on our activities);
  • for maintaining student file;
  • to process student billing and fees; and
  • for medical emergency reasons.

Principle 3 – Consent

Personal Information will only be collected, used, or disclosed with the knowledge and consent of the individual, except where inappropriate.

The way in which we seek consent, including whether it is express or implied, may vary depending upon the sensitivity of the information and the reasonable expectations of the individual (and in the case of students, their parents).

An individual can withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. We will inform individuals of any implications of withdrawing consent.

Typically, we will seek consent for the use or disclosure of information at the time of collection. In certain circumstances, consent may be sought after the information has been collected but before use (such as where we want to use information for a purpose not previously identified).

We will not, as a condition of the supply of services, require an individual to consent to the collection, use, or disclosure of Personal Information beyond what is required to fulfill the explicitly specified and legitimate purposes.

Principle 4 - Limiting Collection

We will limit the amount and type of Personal Information collected to that which is necessary for our identified purposes and we will only collect Personal Information by fair and lawful means.

Principle 5 - Limiting Use, Disclosure, and Retention

Personal Information will not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required or permitted by law. Personal Information will be retained only as long as necessary to fulfill the identified purposes.

Principle 6 – Accuracy

We will use our reasonable efforts to ensure that Personal Information is as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.

Principle 7 – Safeguards

We will protect Personal Information with safeguards appropriate to the sensitivity of the information.

Our safeguards will protect Personal Information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification, regardless of the format in which the information is held.

We will make our employees aware of the importance of maintaining the confidentiality of Personal Information and we will exercise care in the disposal or destruction of Personal Information to prevent unauthorized parties from gaining access to the information.

Our methods of protection include physical measures (for example, locked filing cabinets and restricted access to offices), organizational measures (for example, limiting access to a “needto-know” basis), and technological measures (for example, the use of passwords and encryption).

Principle 8 – Openness

We will make specific information about our policies readily available.

The information we will make available will include: how to gain access to Personal Information; the type of Personal Information held by us, including a general account of its use; general information concerning our Policy and policies; what Personal Information is made available to related companies; and how to contact our Privacy Officer. Our Policy may be amended from time to time.

Principle 9 - Individual Access

Upon written request, we will inform the individual of the existence, use, and disclosure of his or her Personal Information (and, if applicable, his or her child’s Personal Information) and we will give the individual access to that Personal Information.

An individual can challenge the accuracy and completeness of his or her Personal Information and have it amended as appropriate. We will respond to an individual’s written request within a reasonable time (generally within 30 days).

Principle 10 - Challenging Compliance

Any individual can bring any concerns or questions concerning our compliance with any of the Privacy Principles to our Privacy Officer. The Privacy Officer, Michelle Methven, can be reached at 416.955.1453 or by e-mail (michelle@pineriverinstitute.com).

 Download the full Privacy Policy here.

Search