Privacy and Security

Download the PDF below for more information:

Freedom of Information and Protection of Privacy (FIPPA) provides the right for every person to access information held by hospitals and a formal process is in place for people to make Freedom of Information (FOI) requests for records that came into the hospital’s custody and control on or after June 2007.

FIPPA has been amended as of January 01, 2012 so certain types of hospital records are excluded from the act. For example:

• Records that relate to the operations of a hospital foundation

• Records regarding charitable donations

• Administrative records of a regulated health care professional

• Records relating to certain labor relations or employment matters

• Quality of Care Information

• Certain records associated with research/teaching

Personal health information is subject to the Personal Health Information Protection Act (PHIPA) and is not subject to FIPPA.

Who can make a FOI request?

Any person can make an FOI request. The requestor does not have to be a Canadian citizen.

How to make a FOI request?

The request can be made in writing to the hospital and accompanied by the $5.00 application fee (i.e. a cheque payable to the hospital)

Mailing Address:

Chief Privacy Officer

Wellington Healthcare Alliance

Groves Memorial Community Hospital 131 Frederick Campbell Street

Fergus, ON N1M 0H3

Statements may be updated at any time. The date is reflected.

Last updated: August 5, 2021

If you have a concern about how your health information has been used, please contact the Privacy Office at 519-843-2010 ext. 45611 or by emailing privacy at privacy@whca.ca.

To contact by mail, address correspondence to:

Chief Privacy Officer

Wellington Health Care Alliance

Groves Memorial Community Hospital

131 Frederick Campbell Street

Fergus, ON | N1M 0H3

For more information, ask for a copy of our privacy brochure, available at various places within the hospital.

If we can’t solve your problem or concern, it is your right to contact the Office of the Information and Privacy Commissioner of Ontario at:

Phone: 1-800-387-0073

Email: info@ipc.on.ca

Website: www.ipc.on.ca

Address: Information & Privacy Commissioner of Ontario

2 Bloor Street East, Suite 1400

Toronto, Ontario

M4W 1A8

Security

Security Services at Groves will operate only on evenings and weekends. Security Service staff will be situated in the Emergency Department.

The role of the Security Staff is to provide a safe environment for all persons on hospital property. The Security Staff is responsible for preserving the peace and preventing crimes on hospital property.

Video Surveillance

Groves Hospital has video surveillance in effect both in and around the hospital. The purpose of video surveillance is to enhance the safety and security of patients, staff, physicians, volunteers, visitors and property. It is also used to deter, detect, and assist in investigations, as required. For additional information about our Video Surveillance Policy please contact our hospital's main switchboard.

Accurate health information is essential to make sure you get appropriate care. Each time you visit the hospital we collect information. We record and maintain information about your current condition and care, including the results of tests, procedures and therapies. Information such as your name, address and date of birth is recorded for the purposes of identification, contact and billing. PHIPA allows for additional collections and uses of a patient’s health card number for identity verification purposes and to link records of personal health information. Your personal information whether stored on paper or electronically is kept safe and secure. We adopt collection, storage and security practises to protect against unauthorized access, disclosure and destruction. Information is collected, retained and destroyed in compliance with hospital policy. We conduct routine audits of our health information system to ensure your Personal Health Information is viewed by those based on need to know.

Policies and procedures are in place that protect how your information is collected and used. We will share your health information with your family doctor, specialist or other health care providers who are involved in your care. Staff have access to your information on a need to know basis to do their work. All staff are bound by a confidentiality agreement. Your information is protected by administrative, physical and technical safeguards. You may request that your health information not be shared with your health care providers. Your consent is required to share your health information with third parties such as lawyers, insurance companies or police.

How is Information Used:

• To provide care

• To receive payment for the care we provide

• To meet legal and regulatory requirements

• To improve the quality and efficiency of care

• To support research and educational opportunities

• 
  

Unless you tell us not to, we may also disclose your information to visitors or callers so they can reach you in the hospital.

Further information about how the hospital collects, uses and discloses health information can be obtained from the Your Health Information and Your Privacy in Our Hospital pamphlet available to all visitors and staff.

PHIPA and its regulations provide special rules for fund raising. The hospital may disclose your name and mailing address for fund raising activities for purposes related to operations of the hospital. To opt out, contact the Privacy Office.

The privacy office consists of a Chief Privacy Officer who is a resource for privacy information, for policy development and leading education to staff, patients and visitors.

We conduct privacy training routinely for staff, volunteers and students. All staff, volunteers and students are required to sign a pledge of confidentiality. Privacy policies provide rules for the collection, use, disclosure and retention of health information. It is based on 10 internationally recognized privacy principles.

Principle 1 – Accountability for Personal Information

GMCH is responsible for personal information under its custody or control and has designated an individual, the Chief Privacy Officer, who is accountable for GMCH’s compliance with the following principles.

Principle 2 – Identifying Purposes for the Collection of Personal Information

GMCH, at or before the time personal information is collected, will identify the purposes which personal information is collected. The primary purposes are the delivery of direct patient care, the administration of the health care system, to conduct research and statistics and to comply with legal and regulatory requirements.

Principle 3 – Consent for the Collection, Use and Disclosure of Personal Information

The knowledge and consent of the individual are required for the collections, use or disclosure of personal information, except where inappropriate.

Principle 4 – Limiting Collection of Personal Information

The collection of personal information will be limited to that which is necessary for the purposes identified by GMCH. Information will be collected by fair and lawful means.

Principle 5 – Limiting Use, Disclosure and Retention of Personal Information

Personal information will not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information will be retained only if necessary, for the fulfilment of those purposes.

Principle 6 – Ensuring Accuracy of Personal Information

Personal information will be accurate, complete and up-to-date as is necessary for the purposes for which it is to be used.

Principle 7 – Ensuring Safeguards for Personal Information

Security safeguards appropriate to the sensitivity for the information will protect personal information.

Principle 8 – Openness about Personal Information Policies and Practices

GMCH will make readily available to individuals’ specific information about its policies and practices relating to the management of personal information.

Principle 9 – Individual Access to their own Personal Information

Upon request, an individual will be informed of the existence, use and disclosure of his or her personal information and will be given access to that information. An individual will be able to challenge the accuracy and completeness of the information and have it amended as appropriate.

Principle 10 – Challenging Compliance with GMCH’s Privacy Policies and Practices

An individual will be able to address a challenge concerning compliance with the above principles to the Corporate Privacy Officer.

Statements may be updated at any time. The date is reflected.

Last updated: August 5, 2021

North Wellington Health Care and Groves Memorial Community Hospital offer a patient record portal, named ConnectMyHealth (CMH).

CMH is a digital health solution that provides patients with an online, single access point to view their health records from participating hospitals in southwestern Ontario. CMH is available on desktop and mobile devices and is free.

To sign up or login visit: connectmyhealth.ca To learn more visit: info.connectmyhealth.ca