(Last modified September 17, 2017)
Data Based Medicine Americas Ltd. and its affiliates, licensors, and agents (“DBM”) are committed to protecting your Personal Information and safeguarding the privacy of all Users of the TaperMD™ Portal (“the Portal”), which is accessible through the website meds.tapermd.wpengine.com (“the Website”).
“Account(s)” means the account used by Users to sign into and use the Portal.
“Health Care Provider” means a Practitioner, clinic, or business that subscribes to the Portal and registers its Patients with Accounts to the Portal.
“Identifying Information” means personally identifiable information that identifies an individual or for which it is reasonably foreseeable in the circumstances that it could be utilized, either alone or with other information, to identify an individual. This includes information such as name, address, email, and date of birth.
“Non-Personal Information” means information of an anonymous nature, such as an Internet Protocol Address, the domain used to access the Website, and the type and version of browser or operating system being used. Aggregate information, such as demographic statistics of Users (e.g., average age or geographical allocation), number of Users, which pages Users access or visit, average time spent on the Website, and information volunteered by Users, such as survey information, is also considered Non-Personal Information.
“Patient(s)” means those patients and clients of the Health Care Provider who are initially registered by the Health Care Provider with DBM to access the Portal.
“Personal Health Information” means identifying information about an individual, if the information (a) relates to the physical or mental health of the individual, including information that consists of the health history of the individual’s family, or (b) relates to the provision of health care services to the individual, including the identification of a person as a provider of health care to the individual.
“Personal Information” means both Identifying Information and Personal Health Information.
“Practitioner(s)” means those employees and agents of the Health Care Provider registered to be Users in order to access Personal Information through the Portal.
“User(s)” means any individual with authorized access to the Portal (whether a Health Care Provider, Practitioner, or Patient).
Collection of Personal Information
Personal Information is also collected to initiate the Users’ account setup and validation. This allows expedition of Users’ enrolment and access to the Portal, and includes without limitation, the User’s name and email.
Use of Personal Information
DBM collects and stores Personal Information to provide Users with direct and convenient access to a Patient’s Personal Information within the Portal. The Portal is a web-based tool that allows Health Care Providers to interact online with Patients in a private and convenient environment.
DBM uses Personal Information provided for verification and communication purposes with the Health Care Provider, Practitioners, and any authorized third party. In particular, the Portal is intended only to do the following:
- a) Allow Patients to seek general or specific information relevant to a Patient’s medications from health care providers and practitioners.
- b) Allow Patients to initiate the creation of and access to a personal health record containing information about a Patient, such as health history, medications, allergies, suspected medication side effects, health priorities, and other relevant personal information in one place.
- c) Be used by health care providers and practitioners to review and possibly reduce the medication burden on Patients.
DBM may use authorized agents to provide services on its behalf (“the Agents”). DBM gives the Agents only the Personal Information they need to deliver the service. DBM requires the Agents to maintain the confidentiality and privacy of the Personal Information and prohibits them from using such information for any other purpose.
DBM and the Agents may use your Personal Information for the following purposes:
- to provide Users with information about the Portal, including updates and notifications;
- to send Portal email communications;
- to invoice applicable service fees, if any;
- to maintain and administer Accounts;
- for support services; and
- to generate statistics and aggregate reports to improve the Portal.
DBM may disclose the Personal Information provided to it:
- to the extent that DBM is required to do so by law;
- in connection with any legal proceedings or prospective legal proceedings;
- to establish, exercise, or defend DBM’s legal rights;
- to any person who DBM reasonably believes may apply to a court or other competent authority for disclosure of that Personal Information where, in DBM’s reasonable opinion, such court or authority would be reasonably likely to order disclosure of that Personal Information; or
- any other circumstances permitted by PIPEDA or PHIPA.
DBM uses commercially reasonable efforts to ensure that Personal Information is stored and maintained in a secure environment. DBM has in place physical, electronic, technological, and organizational safeguards to appropriately protect Personal Information against loss, theft, and unauthorized access, copying, disclosure, use, or modification. DBM stores all Personal Information on secure password-protected and firewall-protected servers. All electronic transactions you make to or receive from DBM are encrypted using SSL technology. However, please note that DBM cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of its physical, technical, or managerial safeguards.
You are responsible for keeping your password and Account details confidential. DBM will not ask you for your password (except when you log into the Portal). Steps you can take include:
- Creating a strong and unique Account password and updating it periodically.
- Not sharing your password with anyone. DBM will never ask you for your password, including in any unsolicited communication from DBM, such as letters, phone calls, or email messages.
- Logging out of your Account once you are finished using it, especially if you share your device or computer with anyone else.
- Having a strong and unique password on your device or computer.
Access to Personal Health Information
Users can access the Personal Health Information DBM holds about them by sending DBM an email at firstname.lastname@example.org. DBM will advise you in advance of any charges for copies of your file. DBM may be unable to provide you with some information in certain circumstances, such as if the information also refers to other individuals, is subject to legal privilege, contains confidential information, cannot be retrieved using your name or account number, or as otherwise permitted or restricted by law. If you wish to notify DBM of any changes to your Personal Health Information, or if you believe that any information DBM holds about you is inaccurate or incomplete, please send DBM an email with the corrections to the email address noted above.
Chief Privacy Officer
Attn: Dr. Dee Mangin
Data Based Medicine Americas Ltd.
Department of Family Medicine
100 Main Street West, 5th Floor
Hamilton ON L8P 1H6
All communications relating to privacy will be considered confidential and treated as such.
You have the right to complain to the Office of the Privacy Commissioner of Canada if you think DBM has violated your privacy rights for Personal Information. The Commissioner can be reached at:
- 30 Victoria Street, Gatineau, Quebec K1A 1H3
- Phone: (819) 994-5444 or 1-800-282-1376
- Fax: (819) 994-5424
- Web: www.priv.gc.ca
You have the right to complain to the Information and Privacy Commissioner of Ontario if you think DBM has violated your privacy rights for Personal Health Information. The Commissioner can be reached at:
- 1400 – 2 Bloor Street East, Toronto, ON M4W 1A8
- Phone: (416) 326-3333 or 1-800-387-0073
- Fax: (416) 325-9195
- Web: www.ipc.on.ca