Statement of Information Practices – The aTouchAway Platform
The sharing of personal information (PI) and personal health information (PHI) is a core element of the aTouchAway platform, a patient remote monitoring solution that provides support to a patient and their authorized caregivers when receiving remote care and communicating with healthcare providers who are on the patient’s care team.
As the provider of the aTouchAway platform, Aetonix may use your PI/PHI when supporting its clients, who are healthcare providers through the provision of the following services:
- Enabling health care providers to use the aTouchAway platform to facilitate care provided to the patient;
- Safeguarding the PI/PHI stored, processed and managed in the aTouchAway platform;
- Limiting use of PI/PHI to only the purposes identified by Aetonix’s clients in agreements, or as described in the Aetonix Privacy Policy, and ensuring that staff only access the least amount of PI/PHI required to meet the identified purpose;
- Logging and reviewing events and activities such as access to PI/PHI;
- Maintaining an enterprise-wide privacy program to support Aetonix’s compliance with the requirements of the Personal Health Information Protection Act, 2004 (PHIPA) and its regulations as well as our agreements with health care providers. We follow recognized standards in privacy, security and information management to safeguard PI/PHI more broadly. Below is a summary of our privacy program and practices.
Aetonix will never disclose the PI/PHI of users, such as patients or their caregivers, except as instructed by its healthcare provider clients, as described in the Aetonix Privacy Policy, or where required by law.
Accountability for Privacy
Aetonix is committed to maintaining the confidentiality of the PI/PHI in its care. Aetonix has designated a Privacy Officer who is accountable for the organization’s compliance with privacy legislation and internal policies.
Aetonix Privacy Program
Aetonix has developed and implemented an enterprise-wide privacy program through which it has defined and meets its privacy obligations.
The foundation of this program is Aetonix’s Privacy and Data Protection Policy, which governs how Aetonix collects, uses and discloses PI/PHI in its control, and defines how Aetonix, as a service provider to health care providers, protects the privacy of people whose PI/PHI is in the aTouchAway platform.
Aetonix has developed and implemented the following measures to support it in meeting the requirements in its Privacy and Data Protection Policy:
- Privacy and information management procedures to ensure that Aetonix staff, contractors and third-party vendors appropriately limit their access to and use and retention of your PHI for the purposes of providing and managing the system and services;
- Privacy training and awareness for all new employees, with refresher privacy training provided annually;
- Processes for identification and management of privacy risks; and
- Privacy review activities to confirm that Aetonix complies with its privacy requirements, including Privacy Impact Assessments and Threat Risk Assessments of the services.
Consent
The collection, use, and disclosure of PI/PHI is a core element of the aTouchAway platform, a patient remote monitoring solution that provides support to a patient and their authorized caregivers when receiving remote care and communicating with healthcare providers who are on the patient’s care team. Aetonix collects certain PI from you at the time you register an account with the aTouchAway platform.
If you are a patient of a healthcare provider using the aTouchAway platform, your healthcare provider may collect PHI from you through the use of the aTouchAway platform. Obtaining your consent to collect, use and disclose your PHI is the responsibility of the healthcare provider that captures, accesses, and shares your PHI in the aTouchAway platform.
If you want to withdraw your consent for your PHI to be accessed or shared, you must contact the health care provider that provided you with care.
As the provider of the aTouchAway platform, Aetonix may use your PHI when supporting its clients, who are healthcare providers, to use the telemedicine components of the system to facilitate care provided to the patient.
Safeguards
Aetonix has implemented information security safeguards to protect your Personal Information, including PI/PHI, in the aTouchAway platform from unauthorized collection, use, disclosure, and retention. Key safeguards include, but are not limited to:
- Access controls in the aTouchAway platform and other repositories of PI/PHI (electronic and hard copy) to ensure that access to PI/PHI by staff, contractors and third-party vendors has been appropriately limited;
- Data protection measures, including protection (e.g., encryption) of PI/PHI when transmitted between health care providers and when stored in the aTouchAway platform; and
- Network protections, including firewalls, intrusion detection and prevention measures, and antimalware protections.
Your Privacy Rights
You must contact the healthcare provider that provides you with the health care that is documented in the aTouchAway platform for the following privacy matters:
- Request a copy of your PHI in the aTouchAway platform;
- Request information about how health care providers have been accessing and using your PHI in the aTouchAway platform;
- Request a correction to your PHI in the aTouchAway platform; and
- Make a privacy inquiry or complaint about how the health care providers are managing and ensuring the privacy of your PHI in the aTouchAway platform.
If you contact Aetonix regarding any of the above, we will redirect your request to the health care provider(s) that placed your PHI in the aTouchAway platform.
As a mobile account holder and user of the aTouchAway platform, you have certain rights related to your PI and the information you provide at the time you register for an account:
- Request a copy of the PI you provided at the time you registered with the aTouchAway platform;
- Request information regarding how your PI, as described above, has been accessed and used within the aTouchAway platform;
- Request a correction or update to the PI within aTouchAway platform; and
- Initiate a privacy inquiry or file a complaint about how we manage and ensure the privacy of your PI within our system.
Contact Us
Questions, inquiries or complaints about the Services that Aetonix provides can be directed to our Privacy Office, using the following contact details:
by phone:
1 855 561-4591
by email:
privacy@aetonix.com
or by mail:
Aetonix
725 Baransway Drive (formerly Third St.)
London, Ontario N5V 5G4
Canada
You can also contact Information and Privacy Commissioner of Ontario at (416) 326-3333 for privacy inquiry or complaint. See more information at: https://www.ipc.on.ca/