Privacy Policy – As at April 1, 2024

Nomad Therapies is committed to safeguarding the Personal Information entrusted to us by our clients. We manage your Personal Information in accordance with The Health Information Protection Act (HIPA) and other applicable laws. This policy outlines the principles and practices we follow in protecting your Personal Information.

This policy applies to Nomad Therapies; Nomad Therapies will require any person or third-party company providing services on behalf of Nomad Therapies to comply with this policy. A copy of this policy is provided to any client upon request.

What is personal Information?

Personal Information means information about an identifiable individual. This includes an individual’s name, home address and phone number, age, sex, marital or family status, an identifying number, financial information, etc. For the purposes of this policy, Personal Information includes Personal Heath Information, which is: information with respect to the physical or mental health of an individual or with respect to any health services provided to that individual.  Personal Health Information also includes information collected in the course of providing health services or incidental to the provision of health services, and also includes health registration information.

What Personal Information do we collect?

We collect only the Personal Information needed for the purposes of providing services to our clients (“Services”). If collection of Personal Information occurs for any other purposes, we will inform our clients of such purpose at the time of collection, unless information is provided for an obvious purpose (i.e.: provision of credit card information to pay an invoice).  We normally collect Personal Information directly from our clients.  In some circumstances, we may collect Personal Information from third parties, including “trustees” who have provided health services to a client, within the contemplation of HIPA, but such collection will occur only with a client’s consent, or as authorized by law. Where we have working arrangements with other Trustees we will require, via working agreement, that these Trustees abide by the HIPA regulations.

Consent

We will obtain a client’s express consent to collect, use or disclose client Personal Information, for the purpose of providing the Services, except in specific circumstances, where collection, use or disclosure without consent is authorized or required by law. Consent will be implied where information is supplied for an obvious purpose.

We may not be able to provide Services to a client who will not consent to the collection, use or disclosure of certain Personal Information that is necessary for us to provide those Services fully and effectively. Where express consent is needed, we will normally ask clients to provide their consent orally (in person or by telephone), or in writing (by signing a consent form).

A client may withdraw consent to the use and disclosure of Personal Information at any time unless the Personal Information is necessary for us to fulfill our legal obligations. We may be unable to or decline to provide you with Services if we do not have the necessary Personal Information.

We may collect, use, or disclose client Personal Information without consent only as authorized by law. For example, consent will not be required when the collection, use or disclosure relates to an emergency that threatens a person’s life, health, or safety.

How do we use and disclose Personal Information?

We use and disclose client Personal Information only for the purpose for which the information was collected, except as authorized by law.  If we wish to use or disclose client Personal Information for any new purpose, we will ask for the client’s consent. We may not seek consent if the law allows this (e.g. for the purpose of collecting a debt).

How do we safeguard Personal Information?

We make every reasonable effort to ensure that Personal Information is accurate and complete. We rely on individuals to notify us if there is a change to their Personal Information that may affect their relationship with our organization. If a client is aware of an error in our information about themselves, they should let us know and we will correct it on request wherever possible. In some cases, we may ask for a written request for correction.

We will use physical, technical, and administrative safeguards to protect Personal Information in a manner appropriate for the sensitivity of the information. We make every reasonable effort to prevent any loss, misuse, unauthorized access, disclosure, or modification to Personal Information. Our employees and contractors receive formal education through our organization on safeguarding personal information and the regulations of HIPA. This is done with all employees and contractors during onboarding and again on an annual basis. We also require all Information Management Service Providers that we utilize in the management of client health information to be HIPA compliant.

We use appropriate security measures when destroying Personal Information, including shredding paper records, and permanently deleting electronic records. Note that health information is presently required by HIPA to be retained for a period of 10 years.

We retain Personal Information only as long as is reasonable to fulfill the purposes for which the information was collected or for legal or business purposes.

Access to records containing Personal Information

Clients have a right to access their own Personal Information in a record that is in the custody or under the control of Nomad Therapies, subject to some exceptions. For example, organizations are required under The Personal Information Protection and Electronic Documents Act to refuse to provide access to information that would reveal Personal Information about another individual.

If we refuse a request in whole or in part, we will provide the reasons for the refusal. In some cases where exceptions to access apply, we may withhold that information and provide a client with the remainder of the record.

A client may make a request for access to their Personal Information by writing to Perry Kimber, Privacy Officer, Nomad Therapies. A client must provide sufficient information in your request to allow us to identify the information they are seeking.

A client may make a request for access to their Personal Information by writing to Perry Kimber, Privacy Officer, Nomad Therapies. A client must provide sufficient information in your request to allow us to identify the information they are seeking.

We will respond to a client request within 30 calendar days, unless an extension is required, in which case we will confirm that to the client. We may charge a reasonable fee to provide information, but not to make a correction to information that is inaccurate on our file. We will advise clients of any fees that may apply before beginning to process their request.

Changes

Our Privacy Policy may change from time to time. We will not reduce client rights under this Privacy Policy without their explicit consent. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of privacy policy changes). We will also keep prior versions of this Privacy Policy in an archive for client review.

Questions and complaints

If a client has a question or concern about any collection, use or disclosure of Personal Information by Nomad Therapies, or about a request for access to their own Personal Information, they may contact Perry Kimber, Privacy Officer.