Privacy Policy

Information Management & Privacy Policy

Purpose
 Happy at Home Support Services Inc. is committed to protecting the privacy, confidentiality, and security of client and employee information. This policy ensures compliance with the Personal Health Information Protection Act (PHIPA), 2004, the Home and Community Care Act, 2020, Accreditation Canada standards, and other relevant legislation governing health information management.

Scope
 This policy applies to all employees, contractors, students, and volunteers who handle personal or health information within Happy at Home Support Services Inc.

Information Collection and Use

Happy at Home collects, uses, and discloses personal health information (PHI) only as necessary to:

  • Assess, plan, and provide home care services.
  • Communicate with clients, substitute decision-makers, and authorized representatives.
  • Ensure continuity of care and service coordination with Ontario Health at Home, hospitals, physicians, and other providers.
  • Meet legal, regulatory, funding, and accreditation requirements.
  • Support quality improvement, risk management, and staff training (using de-identified information when possible).

Privacy and Confidentiality

All PHI will be handled with strict confidentiality. Staff and representatives must:

  • Follow confidentiality agreements, privacy protocols, and PHIPA regulations.
  • Access PHI only on a “need-to-know” basis.
  • Maintain records securely in both electronic and paper formats.
  • Refrain from discussing client information in public or non-secure settings.
  • Use caution when transmitting PHI electronically (encrypted email, secure fax, or approved telehealth platforms only).

Information Storage and Security

  • Electronic Records: Stored in secure, encrypted systems with role-based access controls and audit logs.
  • Paper Records: Stored in locked cabinets accessible only to authorized staff.
  • Remote Access: Permitted only through company-approved, secure devices and networks.
  • Auditing: Regular monitoring and audits are conducted to detect unauthorized access or breaches.

Retention and Disposal of Information

  • Records are retained for at least 10 years from the last interaction, or 10 years past the age of majority for minors.
  • Secure disposal is completed via cross-shredding (paper) or certified digital erasure (electronic).
  • Disposal is documented and verified by management.

Consent and Information Disclosure

  • Informed consent is obtained before collecting, using, or sharing PHI, except where disclosure is required by law (e.g., public health, court orders, risk of harm).
  • Clients have the right to:
    • Access their own health record.
    • Request corrections to inaccurate or incomplete information.
    • Request a record of disclosures.
    • Withdraw consent for information sharing, subject to legal exceptions.

Reporting a Privacy Breach

All suspected or confirmed breaches must be reported immediately to the Designated Privacy Officer. Steps include:

  1. Secure the information and contain the breach.
  2. Investigate and document details.
  3. Notify affected individuals without unreasonable delay, if required.
  4. Report to the Information and Privacy Commissioner of Ontario (IPC) if the breach meets legal thresholds.
  5. Implement corrective and preventive measures.

Employee Responsibilities and Training

All staff, contractors, and volunteers must:

  • Complete privacy and information security training at orientation and annually thereafter.
  • Follow policies, procedures, and legislation governing PHI.
  • Report any incidents, near misses, or breaches immediately.

Compliance and Enforcement

Failure to comply with this policy may result in corrective action, up to and including termination of employment or contract. Serious breaches may also be reported to regulatory authorities.

Continuous Improvement

  • Privacy practices will be reviewed at least annually and following any incident.
  • Feedback from clients, families, and staff will inform policy updates.
  • Monitoring and audits will be used to ensure ongoing compliance with PHIPA and Accreditation Canada standards.

Designated Privacy Officer

The Privacy Officer for Happy at Home Support Services Inc. is:

Sheona Kloostra RN/CEO 

Cookie Notice

Website Cookies and Online Tracking
 Happy at Home Support Services Inc. may use cookies on its website.

  • Essential cookies are required for basic website functionality (such as security, language selection, and navigation).
  • Optional cookies (such as analytics or marketing tools) are used only with consent, to improve user experience and understand website usage.
  • Visitors may choose to accept all cookies, reject non-essential cookies, or customize preferences.

Cookie practices comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and align with our commitment to transparency and client privacy.

 

Phone

705-326-9355

(24/7 RN On-Call)

Office Hours

Monday – Friday: 8 am – 4 pm

Saturday – Sunday: Closed

Address

Happy at Home Care Support Services- 100 Mississaga St. W. Orillia, Ontario, L3V 3B1

Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None