Book Now

Privacy Policy

Your Privacy is Our Priority

Cornerstone Family Counselling Services is committed to protecting your Personal Health Information (PHI) and adhering to Ontario’s Personal Health Information Protection Act (PHIPA). This policy outlines our practices to ensure your data is handled safely and with the utmost respect.

Purpose

Cornerstone Family Counselling Services (CFCS), as a Health Information Custodian (HIC), is dedicated to protecting the privacy and security of Personal Health Information (PHI) under our care. This policy ensures client information is managed in compliance with Ontario’s PHIPA guidelines.

What is Personal Health Information (PHI)?

PHI includes any identifying information about an individual, such asAt Cornerstone, we value compassion, inclusivity, and excellence in everything we do.

  • Information related to physical or mental health, including family health history.
  • Details about health care provided to the individual.
  • Identification of a substitute decision-maker.
  • Health card number.

CFCS collects PHI to provide counseling and therapy services. This may include your name, date of birth, address, health history, family background, and records of services provided.

Our Privacy Responsibilities

To protect PHI, CFCS and its staff are required to:

  • Designate a Privacy Officer responsible for privacy practices.
  • Implement clear privacy policies.
  • Share only necessary health information with authorized parties, ensuring that only those involved in care have access
  • Notify clients if their information is shared outside the circle of care, intentionally or unintentionally.
  • Train all staff, students, and volunteers on PHIPA obligations.

Our Privacy and Security Policy supports CFCS staff in understanding their legal and professional obligations to maintain confidentiality and comply with PHIPA requirements. Staff members are advised to contact the Privacy Officer whenever uncertainty arises.

Guiding Ethical Practices

01.

CFCS staff must act in accordance with their professional and legal obligations.

02.

Clients must feel confident that their PHI will remain confidential to preserve trust in the therapeutic relationship.

03.

Confidentiality is critical to providing the highest standard of care, encouraging clients to share complete and accurate information for better outcomes.

Collecting and Disclosing Information

Collection of PHI

Staff can only collect information directly relevant to the mental health treatment of the client, as per CRPO requirements

Disclosure of PHI

Staff may only disclose PHI

  • With the patient’s or substitute decision-maker’s consent, and when necessary for lawful purposes.
  • Where permitted under legislation, without the patient’s or substitute decision-maker’s consent.
  • Where required by law.

Consent

We require client consent before disclosing PHI.

 Implied Consent: Assumed for sharing information within the client’s “circle of care.”

 Express Consent: Required for disclosures outside the circle of care, except as allowed by law.

Lock Boxes

Clients may restrict specific personal health information from being disclosed. CFCS staff will honor these restrictions unless it compromises safety or legal obligations. If restrictions impede safe treatment, staff may refuse to provide non-emergency services, explaining their decision to the client.

Standards and Practices

  • Staff will not share client information except for supervision, safety, or when directed by the client or permitted by law.
  • In group supervision or discussions, first names, initials, pseudonyms, and age will be used to protect client identity.
  • Records will be retained for at least 10 years after the last interaction or the client’s 18th birthday, whichever is later.
  • Express consent will be documented for any post-closure requests for information or booster sessions

Monitoring

CFCS conducts regular audits of our Client Information System to ensure compliance. The designated Privacy Officer performs bi-annual attestations to confirm alignment with privacy practices.

Unauthorized Access

Staff are prohibited from accessing client records unless directly involved in their care. Unauthorized access or misuse of client data will result in disciplinary action, regulatory reporting, or legal action.

Data Breach Response

In the event of a data breach, CFCS will:

  1. Identify and Contain the Breach: Immediately determine the nature and extent of the breach.
  2. Notify Affected Individuals: Inform individuals promptly, including the types of information involved and steps to mitigate harm.
  3. Report to Authorities: Notify the Information and Privacy Commissioner of Ontario as required.
  4. Conduct a Thorough Investigation: Identify the cause and implement measures to prevent future breaches.
  5. Review and Update Policies: Update privacy and security policies as needed.

Contact Us

If you have questions or concerns about our privacy practices, please contact:

Evelyn DeMoss

Privacy Officer
Email: [email protected]

Have Questions?

We’re happy to answer any questions you may have about our services. Fill out our contact form, and we’ll get back to you promptly.

Connect with Us

Do you have questions about our privacy policy? Please fill out the form below, and we’ll get back to you promptly.

Empowering Lives, Inspiring Hope.

Quick Links
Legal
Pages
Join Our Community
Facebook Twitter Instagram Youtube

Copyright © 2024 Cornerstone Family Counselling Services. All rights reserved. | Powered by Orthoplex Solutions