If there is ever a data breach, that could compromise your privacy, we will inform you. Reduction of Risk - we will take every measure to reduce your risk
Our policy may change from time to time, in the light of technological considerations. If we change our policy as respects your privacy, you will be informed of the explicit manner and respect that it has changed so that you may continue to use our services with informed consent
We define our privacy policy in accordance with the Privacy Act PHIPA, PIPEDA etc. (BC PIPA, BC FIPPA, BC E-Health Act*).
As a user, you will:
Be informed of the reasons for the collection, use and disclosure of your personal health information;
Be notified of the theft or loss or of the unauthorized use or disclosure of your personal health information;
Refuse or give consent to the collection, use or disclosure of your personal health information, except in certain circumstances;
Withdraw your consent by providing notice;
Expressly instruct that your personal health information not be used or disclosed for health care purposes without your consent;
Access a copy of your personal health information, except in limited circumstances;
Request corrections be made to your health records;
Complain to our office if you are refused access to your personal health information;
Complain to our office if you are refused a correction request;
Complain to our office about a privacy breach or potential breach; and
Begin a proceeding in court for damages for actual harm suffered after an order has been issued or a person has been convicted of an offence under PHIPA.
Certain information/actions/service require specific consent. Our goal is to provide you informed consent. We will step you through the process of obtaining your consent at each relevant point
Implied Consent occurs when a patient’s actions reflect the patient’s consent to treatment or procedures. For example, a patient books an appointment to their family doctor for the purpose of obtaining a referral to a specialist and communicates with their family doctor the desire to see a specialist. Another example, a patient who makes an appointment for a flu shot, keeps the appointment, and then rolls up his sleeve for the doctor to give the shot is presumed to have consented to receive the flu shot. Likewise, if a patient comes to a lab for blood work and voluntarily holds out her arm for the nurse to take blood, she has given implied consent.
You will always maintain the right to withdraw your consent at any given time. It is important to understand that the withdrawal of your consent for a particular piece of your data or as respects the processing of your data as a whole
You have a right to accuracy. You have a right to ensure that your data is accurate and complete. If you believe a component of your medical data is incomplete and/or inaccurate, please notify your doctor. Should you need to, you may contact HealthSmart and we will assist as much as possible. If the point of inaccuracy is with your care provider, it will be up to them to make the necessary amendments. We are committed to ensuring your right that your health data is accurately stored, maintained, and utilized at your consent. If you suspect or identify any inaccurate components in your health data, you may contact the following: The authoring provider of the record (ie, your doctor or care provider); or HealthSmart. We will gladly assist in ensuring you maintain an accurate health record.
We are also committed to ensuring your right to a complete health record. If you suspect that some health data may be incomplete, you may contact the following: The authoring provider of the record (ie, your doctor or care provider); or HealthSmart. We will gladly assist in ensuring you maintain a complete health record.
First Approach: Internal. In-house complaints are welcome to our privacy department. This department develops policy and can clarify protocol on how to address complaints, resolve privacy concerns.
Second Approach: If a complaining party is not satisfied, or does not feel reasonably resolved, the Office of The Privacy Commissioner of Canada or a provincial equivalent is available to address any complaints or relevant concerns.
You have a right to accuracy and completeness. You have a right to ensure that your data is accurate and complete. If you believe a component of your medical data is incomplete, please notify your doctor
Access to data. You legally have a right to access your medical information, and HealthSmart seeks to make your access to that data seamless and easy. It is important to note that your care provider, is the legal custodian of that data. To have your medical data transferred to you, you MUST request it from your care provider. This may incur a fee from your clinic.
Data sharing from your care provider to the app, and from the app to your care provider may not be guaranteed or immediate. Sharing data with your care provider when feasible and appropriate is included in a HealthSmart subscription service plan.
Your medical information comes directly from the clinic that has your medical records.
Purpose - To improve the services we offer you in order to better monitor your health
Consultations with Primary Care Provider(s)- at times we will be able to notify your primary care provider of any health concerns based on the information you provide. Examples: your reason for visit, previous diagnoses, ongoing concerns, previous chart notes, medications list, etc.
Referral Services - Where you consent or opt we may share components of your data with specialists, health providers, health facilitators, and/or other clinics.
Ethical Considerations - We will not profit from the sharing of your data, without your consent
Health Research - where you consent, your data may be used to advance not for profit health research
Pseudonymity - We will anonymize your data in a way that is privacy preserving if your information is moving away from our platform
Consent- we will obtain your consent for any transmission of components of your medical data outside of our system
We will not share your personal health information with any one without your consent whether it be a medical professional or otherwise.
We will store your credit or debit card information with your consent. Any transactions will be processed by a secure 3rd party payment processor in accordance with PIPEDA.
Your health information will always be stored using encrypted cryptographic protocols, whether on your device via a digital wallet or on our servers.
In some cases, an amount of your medical data may be stored for up to 16 years from the last date of service (ex, a care provider) or 16 years after the age of majority. (Health Professions Act BC).
HealthSmart does not have the right to delete any component of your medical data and can not facilitate any request to do so.
HealthSmart will not disclose your personal health information or medical data to any entity without your consent.
The HealthSmart app may interact with third party content.
Any third party provider that HealthSmart interacts with will be in relation to your health.
Since we have no control over third party owned content, and so it is important for you to acknowledge that we can not be responsible for, nor have any control of any content on another website or app. In utilizing our services, you must acknowledge that HealthSmart is not liable for any content, activity or events that occur while you are in those ecosystems.
Interactions with Third-Party Websites
The Website, Mobile App and Services may include functionality that allows certain kinds of interactions between the Website, Mobile App and Services and User’s account on a third-party web site or application. The use of this functionality may involve the third-party operator providing certain information, including Personal Information, but never personal health information without your consent.
You [as a user], should review the applicable third-party privacy policies before using such third-party tools in conjunction with any HealthSmart Service or before consenting for any component of your personal health information to be securely passed on to another platform.
With the growth of Internet of Things (IoT), and wearable technologies for healthcare, there are potential benefits for users and patients wishing to monitor their health more closely.
HealthSmart wellness services will seek to assist in doing so where explicit informed consent has been provided. For example, glucose monitors or devices used to administer prescribed medication may help our application users better manage chronic health conditions.
As a company, we want you to be in control of how much of those IoT readings and data are pushed to HealthSmart, and for what purpose. Data can only be received from such devices if they are made accessible via the correct data transmission standards. Additionally, while our systems are trained with AI to detect anomalies we are not responsible for the readings that are output by such devices.
Any health data that is stored on the app will be stored in a cryptographically secure manner. When data is transmitted outside of the app to an entity that you have explicitly consented to, the component of your data will be transmitted in an encrypted privacy preserving manner.
There may be certain security risks associated with the wearable or medical devices that you use, and as such we encourage those choosing to utilize IoT devices and wearable technologies to ensure that their device stipulates its security and privacy standards. HealthSmart is not responsible for any risks that relate to the construction of medical devices or wireless connection routes and it is the user and device manufacturer’s responsibility to ensure that devices are manufactured in accordance with industry standards developed by:
ISO (International Standards Association)
NIST (National Institute of Standards and Technology)
In utilizing the HealthSmart app, you understand that while we take every reasonable precaution to protect your privacy and personal health information, no platform is entirely impenetrable and there are higher risks when sharing data outside of our ecosystem.
We seek to provide you secure and privacy preserving services that decrease the risk of a privacy breach, but increase your convenience and continuity of care.
HealthSmart commits to always remain compliant with the legal requirements for health information digital service providers in Canada, and will operate in accordance with the regulatory compliance standards for health data storage, retrieval and transmission set out by the CSA and Health Level Seven.
Advertisement cookies are used to deliver visitors with customized advertisements based on the pages they visited before and analyze the effectiveness of the ad campaign.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they as essential for the working of basic functionalities of the website.
We also use third-party cookies that help us analyze and understand how you use this website, to store user preferences and provide them with content and advertisements that are relevant to you. These cookies will only be stored on your browser with your consent to do so. You also have the option to opt-out of these cookies.But opting out of some of these cookies may have an effect on your browsing experience.