Commitment to Stakeholders

 

Phoenix Medical Systems Ltd. is committed to protecting the privacy of our employees, our members, their patients, and all other public stakeholders. We value the trust of our stakeholders, and we commit to being clear, transparent and accountable when dealing with the information that is entrusted to us.

 

In delivering our programs and services, we gather and use personal information as required for their intended purposes. We carefully protect this information, and will obtain consent to utilize the information if required for any other purpose.

 

Purpose

Phoenix Medical Systems Ltd. gathers, stores and transmits medical practitioner and patient data through their MediClaim & WristShot billing applications for the sole purpose of filing claims for payment to medical practitioners from the Medical Services Plan in BC, Ontario Health Insurance Plan, Workers Compensation Board and the Insurance Corporation of BC. This data includes personal information about the practitioner and the patient. Financial information about the practitioner is also stored.

Personal information gathered by Phoenix Medical Systems Ltd. is kept confidential. Our staff will utilize personal information only for the reason that it was intended. Safeguards are in place to ensure that the information is not disclosed or shared beyond its original purpose. We also take the strongest measures to ensure that the integrity of this information is maintained and to prevent it from being lost or destroyed.

What is Personal Information?

Personal information is any information that can be used to distinguish, identify or contact a specific individual. This information can include an individualís medical condition, as well as facts about, or related to, that individual. The law outlines some exceptions. These include: business contact information and certain publicly available information, such as names, addresses and

telephone numbers that are published in directories. Where a person uses his or her home contact information as business contact information, we consider that the contact information provided is business contact information, and is not subject to protection as personal information.

Personal and public information about the medical practitioner includes their full names, business and/or home address, contact phone numbers and email addresses. MSP and OHIP practitioner and payment numbers, and relevant college identification numbers are stored. In most cases, credit card numbers and expiry dates are also stored in secure locations and are not stored on servers.

Personal and public information about the patient includes their full names, dates of birth, sex, personal health care numbers, in some cases home addresses, and a numeric code describing the nature of the condition for which they require treatment ( as defined by the International Code of Diagnostics, version 9).

Why is this information required?

In the case of the medical practitioner, names, college and practitioner/payee numbers are required information by MSP for the purpose of filing claims for payment. Addresses, phone and other contact information, and credit card information are required for processing payments by the practitioner for using the services provides by Phoenix Medical Systems Ltd. From time to time, practitioner data may be used by Phoenix Medical Systems Ltd. for their own statistical research (purposes). Individual physician data is not used. Only aggregate data is surveyed for demographic purposes, and only public information is used for these purposes.

In the case of the patient, only the information required by MSP in order to remunerate the practitioner for the services they provide on behalf of the patient is collected, stored and transmitted.

Who is this information shared with?

Medical practitioner information is shared only with OHIP, MSP, WCB, and ICBC for the sole purposes described. Credit card information is shared only with a credit card payment processing agent, in accordance with that agents, and the credit card companysí own privacy policies. Currently, Phoenix Medical Systems Ltd. uses Moneris Inc. for the purpose of processing credit card payments.††††

Patient data is shared only with the relevant health authorities and insurance providers, in this case, the Medical Services Plan of BC, Ontario Health Insurance Plan, and when necessary, the Workers Compensation Board and Insurance Corporation of BC.

Why is the patient data stored after the practitioner is paid?

Patient data is stored in order to provide accounting reports and an audit trail, should the practitioner, or governing bodies require it. Governing bodies would include the College of Physicians and Surgeons and the Medical Services Plan of BC.

Use of Smartphone Camera

Wristshot requires use of the camera in your smartphone to function with itís full set of features.

Wristshot uses the smartphone camera to collect patient data by capturing their PersonalHealth Number and date of birth from patient charts or wristbands.

Patient Data is retained on the smartphone only until associated fee for service claims are submitted by the user, typically one day.

The user may choose to delete patient data from their smartphone at any time prior to submitting their claim data to the Medical Services Plan of British Columbia

This data is shared only with the Medical Services Plan of British Columbia for the purpose of processing fee for service claims submitted by the user.

Security and Safeguards

Phoenix Medical Systems Ltd. ensures personal information is protected by security safeguards appropriate to the sensitivity of the information.

The MediClaim & WristShot billing applications have physical and technical measures in place to ensure the security of information. Servers reside in a secure data centre facility which is accessible only to a limited group of authorized personnel.

MediClaim / WristShot uses advanced encryption and firewall technology. The entire MediClaim Members Site is protected by a sophisticated firewall technology which is regularly updated to ensure up-to-the-minute intrusion detection and prevention.

Security measures have been integrated into the design, implementation, and day-to-day operating practices of the web site and mobile application as part of our continuing commitment to privacy.

Responsibilities

 

Phoenix Medical Systems Ltd. has appointed an individual to act as Privacy Officer. For more information, contact info@mediclaim.ca.