At Kensington Medical Clinic we strive to provide our patients with excellent, efficient medical care and services. Every member of our team at Kensington Medical Clinic abides by our commitment to privacy in the handling of personal information. This policy demonstrates the ways we ensure that patients’ privacy is protected. Our policy applies to all personal health information of all patients that are in our possession and control. This policy was last modified on the 1st day of January 2019.
Protecting Personal Information
1. Openness and transparency
Kensington Medical Clinic values patient privacy and acts in accordance to ensure that it is and remains protected. This policy was written to explain how our office practices and upholds federal and provincial requirements for the protection of personal information. This policy describes how our office collects, protects and discloses the personal information of patients and the rights of patients in respect to their personal information. As an office, we are available to answer any patient questions regarding our privacy practices.
As a medical clinic we are aware that our physicians are ultimately accountable for the protection of the health records in his/her possession. As patient information is sensitive by nature. Employees and all staff at our clinic are required to periodicaally review this policy as revisions are made. All of our staff must adhere to the protections described in this policy for the appropriate use and disclosure of personal information.
2.1 All of the staff at Kensington Medical Clinic who have access to personal information must adhere to the following information management practices:
2.2 Kensington Medical Clinic employs strict privacy protections to ensure that:
Collection, Use and Disclosure of personal information
3. Collection of personal information
We collect the following personal information from patients:
We only collect the information that is required to provide patient care and administrative duties which includes but are not limited to communicating with patients, follow up protocols and setting of appointments. We do not collect any other information, or allow information to be used for other purposes, without the patient’s express consent. This excludes where we are authorized to do so by law. These limits on collection ensure that we do not collect any unnecessary information.
4. Use of personal information
The personal information in which we collect from patients is used by this office for the following purposes:
No information given to our clinic is released to any third parties unless specifically requested by the patient at which signed authorization is required.
5. Disclosure of personal information
5.1 Implied consent (Disclosures to other providers)
Unless otherwise indicated, we assume that patients at Kensington Medical Clinic have consented to the use of their information for the purposes of providing them with care. This includes sharing the information with other health providers involved in their care. By seeking care from Kensington Medical Clinic, the patient’s consent is implied for the provision of that care. Relevant health information is shared with other providers involved in the patient’s care, including other physicians working within the confines of our practice at Kensington Medical Clinic, as well as, physicians that are consulted while providing patient care
5.2 Without consent (Disclosures mandated or authorized by law)
Kensington Medical clinic recognizes that in limited situations physician are legally required to disclose personal information without the patient’s consent. Examples of these situations include:
5.3 Express Consent (Disclosures to all other third parties)
We acknowledge that written consent is required before we disclose personal information to third parties for any purpose other than to provide care unless authorized to do so by law.
In these situations, a copy of the written signed consent form is attached to the patients record to ensure that proper protocols are followed.
5.4 Withdrawal of consent
Patients have the option to withdraw consent to having their information shared. This includes withdrawing consent with other health providers and with third parties at any time. If a patient chooses to withdraw their consent, a physician within our practice will discuss any possible significant consequences that might result with respect to their care and treatment.
6. Security measures
6.1 Kensington Medical Clinic have multiple safeguards put in place to protect the security of patient information. These safeguards include a combination of physical, technological and administrative security measures.
Physical safeguards utilized by Kensington Medical Clinic:
Technological safeguards utilized by Kensington Medical Clinic:
administrative safeguards utilized by Kensington Medical Clinic:
In utilizing these safeguards, we limit third party members from accessing patient information, and if required, they shall only do so through contractual agreements provided with a comparable level of protection.
6.2 Staff signed confidentiality agreements
As an employer, Kensington Medical clinic ensures that all staff have signed confidentiality clause as part of their employment contract. The confidentiality clause within the employment contract states that:
Note, this confidentiality clause extends beyond the term of employment.
7. Communications policy
We are sensitive to the privacy of personal information and this is reflected in how we communicate with our patients, others involved in their care and all third parties. We ensure to protect personal information regardless of the format.
We use specific procedures to communicate personal information by:
Use of Telephone:
Use of Fax:
Use of Email:
Use of Post/Courier:
8. Record retention
As mandated by College guidelines, we retain patient records as required by law and professional regulations. The Canadian Medical Protective Association (CMPA) advises that all physicians retain copies of medical records for at least 10 years from the date of the last entry. In the case of minors, 10 years from the time the patient would have reached the age of majority which is the age 19 in BC jurisdiction. Given the fact that claims may arise beyond the stipulated regulatory period, we keep all records indefinitely as we are an electronic office.
9. Procedures for secure disposal/destruction of personal information
When information is no longer required, it is destroyed according to set procedures that govern the storage and destruction of personal information
We use the following methods to destroy/dispose of paper records:
We use the following methods to destroy/dispose of electronic records We seek expert advice on how to dispose of electronic records and hardware. At a minimum, we ensure that all information is wiped clean where possible prior to disposal of any electronic devices such as storage devices, CD’s etc. We properly disposed of all computer hard drives, and shred all CD’s )
Before the secure disposal of any health records, we maintain that the information is uploaded to our electronic medical records so that we can uphold the integrity of information provided to us while ensuring patient information privacy.
10. Access to information
At Kensington Medical Clinic we acknowledge that patients have the right to access their record in a timely manner. If a patient requests a copy of their records, one will be provided at a reasonable cost of $40 dollars which is in accordance to the BCMEA private fee guidelines set forth by the college. Access shall only be provided upon approval of the physician. If a patient wishes to view the original record, one of our staff members must be present to maintain the integrity of the record, and a reasonable fee may be charged for this access. Patients can submit access requests in writing using the release of information form provided by our office.
Our office follows specific procedures to respond to access requests:
11. Limitations on access
In extremely limited circumstances the patient may be denied access to their records, but only if providing access would create a risk to that patient or to another person. For example, when the information could reasonably be expected to seriously endanger the mental or physical health or safety of the individual making the request or another person. Or if the disclosure would reveal personal information about another person who has not consented to the disclosure. In this case, we will do our best to separate out this information and disclose only what is appropriate.
12. Accuracy of information
We make every effort to ensure that all patient information is recorded accurately. Upon arrival to the clinic all contact information is updated. With regards to chart information, if an inaccuracy is noted, the patient can request changes in their own record. This request is documented by an annotation in the record. No changes shall be made to a patient’s record without the approval or authorization of the attending physician.
13. Privacy Complaints
It is important to us that our privacy policies and practices address patient concerns and respond to patient needs.
If a patient believes that this office has not responded to their access request or handled their personal information in a reasonable manner it is encouraged that the person first addresses this with their doctor.
Our complaints process is readily accessible, transparent and simple to use. In most cases, an issue is resolved simply by telling us about it and discussing it. Patient complaints can be made in writing addressed to:
Attn: Privacy officer
Kensington Medical Clinic
6548 Hastings St
Patients who wish to pursue the matter further are advised to direct their complaints to:
The College of Physicians and Surgeons of British Columbia or the provincial privacy commissioner.