Commitment to Stakeholders
Phoenix Medical Systems Ltd.
is committed to protecting the privacy of our employees, our members, their
patients, and all other public stakeholders. We value the trust of our
stakeholders, and we commit to being clear, transparent and accountable when
dealing with the information that is entrusted to us.
In delivering our programs and
services, we gather and use personal information as required for their intended
purposes. We carefully protect this information, and will obtain consent to utilize
the information if required for any other purpose.
Purpose
Phoenix Medical Systems
Ltd. gathers, stores and transmits medical
practitioner and patient data through their MediClaim & WristShot
billing applications for the sole purpose of filing claims
for payment to medical practitioners from the Medical Services Plan in BC,
Ontario Health Insurance Plan, Workers Compensation Board and the Insurance
Corporation of BC. This data includes personal information about the
practitioner and the patient. Financial information about the practitioner is
also stored.
Personal
information gathered by Phoenix Medical Systems Ltd. is kept confidential. Our
staff will utilize personal information only for the reason that it was
intended. Safeguards are in place to ensure that the information is not
disclosed or shared beyond its original purpose. We also take the strongest
measures to ensure that the integrity of this information is maintained and to
prevent it from being lost or destroyed.
What
is Personal Information?
Personal
information is any information that can be used to distinguish, identify or
contact a specific individual. This information can include an individual’s
medical condition, as well as facts about, or related to, that individual. The law
outlines some exceptions. These include: business contact
information and certain publicly available information, such as names,
addresses and
telephone numbers
that are published in directories. Where a person uses his or her home contact
information as business contact information, we consider that the contact
information provided is business contact information, and is not subject to
protection as personal information.
Personal and public
information about the medical practitioner includes their full names, business
and/or home address, contact phone numbers and email addresses. MSP and OHIP practitioner
and payment numbers, and relevant college identification numbers are stored. In
most cases, credit card numbers and expiry dates are also stored in secure
locations and are not stored on servers.
Personal and public
information about the patient includes their full names, dates of birth, sex,
personal health care numbers, in some cases home addresses, and a numeric code
describing the nature of the condition for which they require treatment ( as
defined by the International Code of Diagnostics, version 9).
Why
is this information required?
In the case of the medical
practitioner, names, college and practitioner/payee numbers are required
information by MSP for the purpose of filing claims for payment. Addresses,
phone and other contact information, and credit card information are required
for processing payments by the practitioner for using the services provides by
Phoenix Medical Systems Ltd. From time to time, practitioner data may be
used by Phoenix Medical Systems Ltd. for their own statistical research
(purposes). Individual physician data is not used. Only aggregate data is
surveyed for demographic purposes, and only public information is used for
these purposes.
In the case of the
patient, only the information required by MSP in order to remunerate the
practitioner for the services they provide on behalf of the patient is
collected, stored and transmitted.
Who
is this information shared with?
Medical practitioner
information is shared only with OHIP, MSP, WCB, and ICBC for the sole
purposes described. Credit card information is shared only with a
credit card payment processing agent, in accordance with that
agents, and the credit card companys’ own
privacy policies. Currently, Phoenix Medical Systems Ltd. uses Moneris Inc. for
the purpose of processing credit card payments.
Patient data is shared
only with the relevant health authorities and insurance providers, in this
case, the Medical Services Plan of BC, Ontario Health Insurance Plan, and when
necessary, the Workers Compensation Board and Insurance Corporation of BC.
Why
is the patient data stored after the practitioner is
paid?
Patient data is stored in
order to provide accounting reports and an audit trail, should the practitioner, or governing bodies require it. Governing
bodies would include the
Use
of Smartphone Camera
Wristshot
requires use of the camera in your smartphone to function with it’s full set of features.
Wristshot
uses the smartphone camera to collect patient data by capturing their Personal Health
Number and date of birth from patient charts or wristbands.
Patient Data is retained
on the smartphone only until associated fee for service claims are submitted by
the user, typically one day.
The user may choose to
delete patient data from their smartphone at any time prior to submitting their
claim data to the Medical Services Plan of British Columbia
This data is shared only
with the Medical Services Plan of British Columbia for the purpose of
processing fee for service claims submitted by the user.
Security
and Safeguards
Phoenix Medical Systems
Ltd. ensures personal information is protected by security safeguards
appropriate to the sensitivity of the information.
The MediClaim & WristShot billing applications have physical and technical
measures in place to ensure the security of information. Servers reside in a
secure data centre facility which is accessible only
to a limited group of authorized personnel.
MediClaim / WristShot uses advanced encryption
and firewall technology. The entire MediClaim Members Site is protected by a
sophisticated firewall technology which is regularly updated to ensure up-to-the-minute
intrusion detection and prevention.
Security measures have
been integrated into the design, implementation, and day-to-day operating
practices of the web site and mobile application as part of our continuing
commitment to privacy.
Responsibilities
Phoenix Medical
Systems Ltd. has appointed an individual to act as Privacy Officer. For more
information, contact info@mediclaim.ca.