Privacy Policy

1.     Accountability for Personal Health Information

Icentia is a health information custodian responsible for the collection, use and disclosure of personal health information in its control. Icentia is committed to privacy by implementing privacy related procedures and policies to protect the personal health information it holds, in accordance with the Icentia Quality Manual.

Icentia staff must abide to the Personal Health Information Protection Act (PHIPA) requirements and any applicable rules of professional conduct, covered within Icentia's policies and procedures.

The Chief Privacy Officer (CPO) or its designee is the contact person accountable for the compliance of this Privacy Policy.

The CPO is authorized to and responsible for:

-       Ensuring that Icentia's personnel are appropriately informed of their duties regarding information privacy;

-       Responding to inquiries from the public about the Icentia’s information practices;

-       Responding to requests of an individual for access to or correction of a record of personal health information about the individual that is in the custody or under the control of Icentia;

-       Receiving complaints from the public about the custodian’s alleged contravention of the regulation.

2.    Identifying Purposes for Collection of Personal Health Information

Icentia only collects, uses and discloses personal information for the following purposes:

·         To safely identify a patient in the context of performing clinical data analysis and providing results to health care practitioners.

·         To safely identify a patient in the context of communicating with health care practitioners and organizations where the data is required for the health care of the patient.

·         To comply with the legal and regulatory framework of relevant legislation and to comply with any other requirements mandated by a government authority.

Icentia might use patient electrophysiological data, patient demographics or other patient data on an anonymous basis for the following purposes:

·         To improve the quality, efficacy and performance of its products.

·         To evaluate or demonstrate the quality, efficacy and performance of its products.

·         To perform research and statistical studies on its products.

3.     Consent for the Collection, Use and Disclosure of Personal Information

Icentia assumes that a patient’s request for treatment constitutes implied consent for specific purposes, unless expressly instructed otherwise.

Icentia directly or indirectly collects personal information from health care practitioners and health care organizations in the context of the prescription of tests involving at least one of its product or service.

4.     Limiting Collection of Personal Health Information

Icentia limits the collection of personal information to the purposes identified in this Policy.

5.     Limiting Use, Disclosure and Retention of Personal Health Information

Personal Health Information will not be used or disclosed for purposes other than those for which the information is collected or as required or permitted by law.

Icentia will retain personal information for the periods prescribed by applicable rules and guidelines. These may vary depending upon the type of tests that are performed. After the expiry of these periods the records Icentia will destroy, erase or make anonymous all personal information (which include physical and electronic records) in a way that protects patient privacy.

6.     Accuracy of Personal Health Information

Icentia takes proper and reasonable steps to ensure accuracy and completeness of information. Icentia minimizes the possibility of inappropriate usage of erroneous data to make a decision about a patient.

7.    Safeguards for Personal Health Information

Icentia takes all reasonable precautions to ensure that personal information, whether recorded electronically or on a physical support, is protected from loss, theft, unauthorized access, modification, use, copying, disclosure or tampering.

Icentia protects all personal information retained in its facilities and during their disposal and destruction with the following methods:

·         Physical measures (locked filing cabinets, restricting access to our office, alarm systems)

·         Technological measures (passwords, encryption, firewalls, anonymizing software)

·         Administrative and organizational controls (limiting access on a “need-to-know” basis, staff training, confidentiality agreement)

All Icentia’s employees are made aware of the importance of maintaining the security and confidentiality of all personal information in company's possession.

8.    Openness about Personal Health Information

Icentia is committed to make readily available specific information about its policies and practices relating to the management of personal health information without unreasonable effort, in a format that is generally understandable.

All requests shall be routed to " privacy@icentia.com ".

9.     Individual Access to Personal Health Information

Icentia will respond to a patient's request for access within reasonable timelines and costs to the patient, as governed by law, following consent from prescribing physician or organization.

Icentia will take reasonable steps to ensure that the requested information is made available in a format that is generally understandable.

All requests shall be routed to " privacy@icentia.com ".

10.  Challenging Compliance with the Privacy Policy

An individual is able to address a challenge or complaint concerning compliance with the above principles to the Icentia Chief Privacy Officer.

All complaints shall be addressed to " privacy@icentia.com ". Icentia receives and responds to complaints per its internal procedures.