Privacy Policy
Updated February 1, 2023
Our Commitment
MemberRx is committed to ensuring the confidentiality and protection of personal information and personal health information (collectively referred to as “personal information”) in our possession.
MemberRx uses our patients’ personal information in accordance with this MemberRx Privacy Policy unless otherwise required by applicable law. We ensure that personal information we collect is relevant and used for limited purposes. Our Privacy Policy is governed by the information handling practices of the Personal Information Protection and Electronic Documents Act (PIPEDA), Personal Health Information Protection Act (PHIPA), and applicable provincial and professional standards.
Accountability
All MemberRx employees are accountable and committed to ensuring that your personal information is held in the strictest confidence. MemberRx’s Privacy Officer is responsible for the overall compliance to the requirements of all privacy legislation.
Identifying Purposes
MemberRx collects, uses, discloses, retains and destroys personal information for the sole purpose of providing the highest quality pharmacy services.
MemberRx identifies the purposes for which it collects personal information before or at the time of collection. This information is required to render the highest level of clinical care.
MemberRx shall not use or disclose, for any purpose, personal information that has been collected without first identifying and documenting the new purpose and obtaining consent.
Consent
MemberRx collects, uses and discloses personal information only with the consent of the individual, subject to certain exceptions. Such exceptions are set out in the law and include where legal, medical or security reasons make it impossible or impractical to seek consent. Consent may be expressed in writing. It may also be given verbally, electronically, or through an authorized representative.
In some situations, an authorized representative may take the place of the patient or customer. This means that another person has the authority to do what the individual can do under relevant legislation. An authorized representative may be:
- A guardian of a minor (someone who has the care and custody of a minor or takes daily care of the minor, such as a married parent, a divorced parent with a custody order, a guardian appointed by a Court, etc.);
- An executor or administrator of the estate of an individual who has died;
- A guardian or trustee of a dependent adult;
- An individual acting with the written authorization of an individual; or
- An individual who is acting under power of attorney.
Consent regarding the collection, use or disclosure of personal information related to an individual under 18 years of age will be obtained from the minor’s parent, guardian or legal representative.
Consent may be withdrawn at any time, subject to legal or contractual restrictions and reasonable notice. Persons withdrawing consent will be notified of any impact this may have on their eligibility for services provided by MemberRx.
Your consent is considered valid through to the completion of pharmacy services rendered, provided the reasons for the consent have not changed.
Limiting Collection of Personal Information
MemberRx only collects personal information required to render pharmacy services. Where appropriate, MemberRx will collect personal information directly from the patient or customer. It is sometimes necessary to collect personal information from other sources such as physicians (e.g., to obtain diagnoses and test results, relevant clinical notes, etc.) and other pharmacies (e.g., to obtain complete medication histories, obtain inofmrtaion on medication intolerances/ adverse reactions, etc.). MemberRx will obtain consent to collect this information.
Where MemberRx collects information from third parties (e.g., physicians and pharmacists), it is assumed that such third party has obtained its clients’ consent before disclosing the information. MemberRx is not responsible for any additional information members provide directly to these parties.
Limiting Use, Disclosure, and Retention of Personal Information
Personal information is not, without consent, used or disclosed to a third party for any purpose other than that for which it was collected, unless such use or disclosure is required or allowed by law.
When information is provided to a third party, we require them to protect it in a manner that is consistent with our privacy policy and practices. We do not sell your information to other organizations.
MemberRx retains personal information only if necessary to fulfil the identified purpose or otherwise required or allowed by law.
Reasonable and systematic controls shall be maintained to ensure that records retention and destruction schedules are followed for personal health information that is no longer required. Personal information that is no longer required shall be destroyed, erased or made anonymous. MemberRx shall use appropriate security measures when disposing of personal information no longer required.
MemberRx does not engage in any activity involving the selling, trading, renting or leasing of personal information.
Accuracy
MemberRx will make reasonable efforts to ensure that patients and customers personal information is as accurate, complete and current as required for the purposes for which it was collected. In some cases, MemberRx relies on individuals to ensure that certain information, such as mailing address, delivery address, email address or telephone number is current, complete and accurate.
Safeguards
MemberRx protects the security and confidentiality of personal information with safeguards appropriate to the sensitivity of the information, to protect your personal information from unwanted intrusion, release or misuse.
All employees are orientated and trained on privacy practices at the time of hire and sign a confidentiality agreement which is part of MemberRx’s standard employment agreement.
To keep the Personal Information secure, we restrict unauthorized access through protective policies, procedures, and technical measures, including:
- providing reasonable physical and electronic safeguards with regard to the storage of personal information;
- limiting access to your personal information to those employees who we reasonably believe need to come into contact with that information to provide pharmacy services to you or in order to do their jobs; and
- governing employees and other contractors by strict standards and policies to ensure that personal information is secure and treated with the utmost care and respect.
All personal information data is stored, accessed and used in Canada.
Openness
Information about our privacy policies and practices for managing and safeguarding your personal information shall be made available to you. Upon written request addressed to MemberRx’s Privacy Officer, we will provide a copy of these guidelines, and respond to inquiries about our practices relating to personal information.
Individual Access
If you would like to access your personal information at any time, please provide your request in writing. Your personal information will be available to you, subject to certain exceptions as permitted by law. You may also verify the accuracy and completeness of your information, and request that it be amended, if appropriate. As your file may contain information that is clinical in nature, we will invite you to meet with one of our pharmacists when you review your file. The pharmacist will be available to answer any of your questions. Similarly, you may request a copy of your file, in part or in whole, if required, by submitting a request in writing to a MemberRx staff member, again, subject to certain exceptions, as permitted by law.
We may need to collect additional personal information to validate the identity and authority of the individual making the access request. This is to ensure that only individuals authorized to access your information can do so. This additional information will only be used for the purpose of validating the information request.
Inquiries & Concerns
Any concerns or inquiries related to our privacy policies and practices should be made in writing to MemberRx’s Privacy Officer. All inquires will be investigated thoroughly, and if found to be justified, appropriate corrective measures will be taken, up to and including revising current policies and practices. Any such corrective actions will be included in our response to the individual making the inquiry.
All MemberRx employees are responsible for ensuring the privacy and confidentiality of your personal information. If you have any questions or concerns about your personal information, or if you would like more information about MemberRx’s policies and practices for managing and handling personal information, you are invited to contact MemberRx. If your privacy concerns cannot be addressed to your satisfaction, or you wish further information, your inquiry will be forwarded to MemberRx’s Privacy Officer. You may contact MemberRx’s Privacy Officer directly by email at [email protected] or in writing to 5220 Explorer Drive, Suite 105, Mississauga, ON L4W 5L1.