Privacy Policy
Privacy of personal health information is important to me as a psychotherapist. I am committed to collecting, using, and disclosing personal information responsibly and only to the extent necessary for the delivering therapy services and managing business matters related to these services. I strive to be open and transparent about the handling of clients’ personal information. This document describes my privacy policies, made in consideration of the (provincial) Personal Health Information Protection Act, 2004 (PHIPA) and the (federal) Personal Information Protection and Electronic Documents Act, 2000 (PIPEDA).
WHAT IS PERSONAL INFORMATION?
Personal information is information about an identifiable individual. Personal information includes information relating to an individual’s personal identity and characteristics (e.g., name, gender, age, income, home address, phone number, ethnic background, family status); health (e.g., health history, health conditions, health services received by them); or activities and views (e.g., religion, politics, opinions expressed by client or of client by another individual, personal views). Personal information is different from business information (e.g., an individual’s business address or phone number). Business information is not protected by privacy legislation.
WHO I AM
Danielle Terbenche, Registered Psychotherapist (Qualifying)
I am a Registered Psychotherapist in the Province of Ontario, currently registered with the College of Registered Psychotherapists of Ontario (CRPO) in the Qualifying (initial) category of registration. I operate a private practice, providing teletherapy services to individuals in Ontario. As a recently registered practitioner, I am supervised by a psychotherapy practitioner with supervisory status in accordance with the CRPO’s standards and policies (https://www.crpo.ca/supervision/). Client information may be shared with this supervisor for the purposes of clinical supervision and quality of care; all supervisors are also required to maintain confidentiality by their regulatory colleges. No personal information will be shared outside of the practice without a client’s express verbal or written consent unless issues of safety, abuse, legal subpoena, or unpaid fees arise which would compel me to disclose your information to an appropriate agency. All of this information will be addressed in the consent forms discussed and completed in the first therapy session.
WHY IS PERSONAL INFORMATION COLLECTED?
PRIMARY PURPOSES
I collect, use, and disclose personal information in order to serve my clients through the provision of psychotherapy. It involves collecting information about a client’s history, including
family history, social situation, and cognitive and emotional functioning to help me assess their psychotherapy needs, advise them of their options, develop treatment goals/plans, and provide them with psychotherapy. It also enables me to establish a baseline of assessment information so that, in providing ongoing services, changes occurring over time may be identified.
Inquiries for Therapy Services
Member of the general public may contact me to inquire about service for themselves. In answering inquiries, I will determine if I am the best fit for your needs. If I feel I am not an appropriate fit, I will do my best to provide you with a referral or an alternative option. Whether I take you as a client or not, information gathered will be documented and retained to maintain an accurate chronology of requested services.
SECONDARY PURPOSES
Like most businesses/organizations, I also collect, use, and disclose information for purposes related to, or secondary to, my primary purposes. The most common examples of related and secondary purposes are:
· Invoicing clients and collecting payments for psychotherapy services
· Working with external agents (accountants, bookkeeper, lawyer) for business purposes or in the event of an audit/inquiry from an external regulator (Canada Revenue Agency, Information and Privacy Commissioner, Human Rights Commission, etc.). All persons involved in these activities are required to maintain the confidentiality of any accessed information.
· Responding to inspection requests of the College of Registered Psychotherapists of Ontario (CRPO). All regulatory health colleges may inspect practitioner records and interview practitioners as part of their regulatory activities in the public interest. As a professional, I am obligated to report serious misconduct, incompetence, or incapacity of other health practitioners to that practitioner’s regulatory college should it be brought to my attention. Sometimes these reports include personal information about our clients, or other individuals to support the concern (e.g., improper services). All regulatory college personnel are required by law to maintain confidentiality of accessed information.
· The costs of some services provided by me may be paid by third parties (e.g. auto insurance companies, long-term disability companies, WSIB, etc.) In such cases, I will ask for your express written consent to disclose to them certain information to demonstrate your entitlement to this funding (except for confirming the date and costs of services provided).
PROTECTING PERSONAL INFORMATION
I understand the importance of protecting personal information. Records relating to all clients are confidential. Generally, this means that no information contained in records is provided to a third party without the express written consent of the client. [Note: There are some specific ethical or legal circumstances when this confidentiality is waived. For example, psychotherapists must reveal information when there is a suspicion of child or elder abuse, when clients pose a significant danger to themselves or others, when clients report sexual abuse by a health care professional, or when the court issues a subpoena for records or testimony.]
In addition, I take the following precautions when storing and managing client information:
· Paper information is either under my supervision or is secured in a locked container/file cabinet.
· Electronic hardware is either under my supervision or secured in a restricted area. Computers are password protected and USB drives are encrypted.
· I use a secure, web-based practice management system to store and manage my client records. This includes information such as client appointments, billing documents, session notes, contact details, and other client-related information and documents. The system I use is encrypted and its servers are exclusively located in Canada.
· Any messages sent to the adjustgrow@outlook.com email or voicemails left will only be retained for the minimum time needed to respond to them, and will be deleted promptly. Clients must provide express verbal or written consent to use email correspondence, as communication over the internet is neither secure nor verifiable. Clients are discouraged from sharing information of a personal nature by email due to this lack of security.
· I transmit any paper information (e.g., requests for a chart copy) via sealed, addressed envelopes or boxes by reputable companies and only when specifically requested by a client or their representative or other healthcare providers.
RETENTION AND DESTRUCTION OF PERSONAL INFORMATION
I retain personal information for some time to ensure that I can answer any questions you might have about the services provided and for my own accountability to external regulatory bodies. I do not, however, want to keep personal information for longer than necessary in order to protect your privacy.
Client files are kept for approximately 10 years after the last significant client contact or, in the case of someone under age 18 at the time they received therapy, for ten years after they turn 18 years of age.
I destroy paper files containing personal information by shredding. I destroy electronic information by deleting it, and ensure hard drives are physically destroyed when hardware is discarded.
If I die or become unable to practice for any reason, your file will be forwarded to and become the responsibility of an alternate designated clinician.
DATA BREACH PROTOCOL
If your information was stolen, lost or accessed by an unauthorized person, I would be responsible for notifying you of this security breach at the first reasonable opportunity and taking any required steps, such as notifying the Privacy Commissioner of Ontario.
YOU CAN LOOK AT YOUR INFORMATION
With a few rare exceptions, you have the right to see what personal information I hold about you. Often all you have to do is ask, and I will set up a consultation to determine how I can help you and to identify what records I might have about you. I will try to help you understand any information that is unclear to you (e.g. short forms, technical language, etc.). I reserve the right to charge a nominal fee for such requests.
If there is a problem, I may ask that you put your request in writing. If I cannot give you access, I will tell you within 30 days, if possible, and tell you the reason as to why I cannot give you access (e.g., because the requested information reveals a third party and/or may jeopardize the health or safety of a third party; because the information relates to legal proceedings or a subpoena or warrant).
If you believe there is a mistake in the information, you have the right to ask for it to be corrected. This applies to factual information and not to any professional opinions I may have formed. I may ask you to provide documentation that my files are wrong. Where I agree that a mistake was made, a correction will be made and I will notify anyone to whom I sent this information. If I do not agree that a mistake was made, I will still include in the file a brief statement from you on the point(s) and will forward that statement to anyone else who received the earlier information.
DO YOU HAVE ANY QUESTIONS?
If you have any questions about my privacy policy, please feel free to ask Danielle Terbenche, RP (Qualifying) via telephone at 416-459-9701 or by emailing adjustgrow@outlook.com.
If you wish to make a formal complaint about my privacy policies, please do so in writing. I will acknowledge receipt of your complaint and ensure that it is investigated properly and that you are provided with a formal decision and reasons in writing. Please send such complaints to:
Danielle Terbenche, RP (Qualifying)
Adjust & Grow Counselling
P.O. Box 53062 ROYAL ORCHARD
Thornhill, ON
L3T 7R9
If you have a concern about the professionalism or competence of my work as a psychotherapist, I would ask you to discuss those concerns with me. If, however, I cannot satisfy your concerns, you are entitled to make a complaint to my regulatory body, the College of Registered Psychotherapists of Ontario (CRPO):
College of Registered Psychotherapists of Ontario
375 University Avenue, Suite 803
Toronto, ON M5G 2J5
Phone: 416-479-4330
Toll-Free: 1-844-712-1364
Fax: 416-639-2168
Email: info@crpo.ca
This Privacy Policy is made in compliance with both PIPEDA and PHIPA. These acts are complex and are too detailed to be set out in full here. For more information, the Information and Privacy Commissioner of Canada oversees the administration of PIPEDA legislation in the private sector. The Information and Privacy Commissioner of Ontario oversees the administration of PHIPA. These Commissioners also act as a kind of ombudspersons for privacy disputes. Their contact information appears below:
Office of the Privacy Commissioner of Canada
30 Victoria Street
Gatineau, Quebec
K1A 1H3
Phone: (819) 994-5444; Toll-free: 1-800-282-1376
The Information and Privacy Commissioner of Ontario
2 Bloor Street East, Suite 1400
Toronto, Ontario M4W 1A8
Tel: (416) 326-3333 or 1-800-387-0073
Fax: (416) 325-9195, TTY: TDD/TTY: (416) 325-7539