PRIVACY POLICY

Privacy with respect to transfer of documentation and associated information will be considered of primary importance throughout your association with ATF Canada Corp.  It is our responsibility through corporate policy as well through federal and provincial privacy legislation, to handle any information provided as extremely sensitive. Where information is shared, this will be in accordance with the law (PIPEDA).  Any information stored on site, off site, or through our web based referral system is done so in a manner that is encrypted, secured by soft and/or hard means, and in compliance with the aforementioned legislation.

Privacy Policy Document 

ATF CANADA CORP.
CORPORATE PRIVACY POLICY GOVERNING THE COLLECTION, USE, RETENTION, AND DISCLOSURE OF PERSONAL INFORMATION.

ATF Canada Corp. provides impartial medical, physical, and mental health examinations as well as ergonomic, vocational, and disability management consultant services for individuals who have been referred by various third parties. As such, the privacy of personal information is extremely important to ATF Canada Corp.

We are committed to collecting, using, and disclosing personal information responsibility, and only to the extent necessary for the goods and services we provide. This Privacy Statement outlines the practices of ATF Canada Corp. relating to the collection, use and disclosure of personal information, including personal health information, obtained through the performance of the services outlined above.

In this Privacy Statement, individuals are referred to as the "Participant" and the third parties who refer the individuals are designated as the "Referring Sources".

PRIVACY LEGISLATION
Federal: Personal Information Protection and Electronic Documents Act (PIPEDA, or C-6), applicable to ATF Canada Corp., effective January 1, 2004.

Provincial: An Act Respecting the Protection of Personal Information in the Private Sector (Quebec), and all corresponding provincial legislation.

Personal Information          
For the purpose of this Privacy Statement, “personal information” means information about an identifiable individual, but does not include the name, title or business address or telephone number of an employee of an organization. "Personal health information" means: (a) information concerning medical, physical, or mental health; (b) information concerning any service provided; (c) information derived from the testing or examination of an individual, body part, or bodily substance; (d) information that is collected in the course of providing services; and (e) information that is collected incidentally to the provision of the services.

Collection of Personal Information  
ATF Canada Corp. collects the following personal information about a Participant:

  • Identification and contact information (your name, mailing address, and telephone number);
  • Demographic information (such as gender, date of birth, height, weight, and handedness);
  • Medical/Social information (such as current signs and symptoms, medications, medical history, conditions or injuries, treatment, pre and post loss activities) from: (i) Referring Sources; (ii) Participants; and (iii) Contract or Third party service providers who conduct diagnostic testing on behalf of ATF Canada Corp.
  • Examination findings, (such as medical history and information generated through the conduct of medical, physical, or mental examinations and additional diagnostic testing) from: (i) Referring Sources; (ii) Participants; and (iii) third party service providers who conduct diagnostic testing on behalf of ATF Canada Corp.
  • Proof of identity (such as a signature and photo identification).

Use of Personal Information       
ATF Canada Corp. only uses personal information about a Participant to:

  • Conduct examinations of the specific condition(s) related to an Participant's injury or illness and any prior or subsequent condition(s) that might affect such injury or illness;
  • Communicate with a Participant for purposes related to the conduct of an evaluation; and confirm the identity of a Participant.
  • Statistical purpose (such as order tracking, quality assurance/peer review, and auditing by regulatory bodies).
  • Invoicing for goods and services rendered or collect outstanding accounts.

ATF Canada Corp. does not use personal information about a Participant for any other purposes without seeking the Participant's prior consent.

Sharing of Personal Information         
ATF Canada Corp. may share personal information with third parties engaged to assist it in carrying out one or more of the purposes described above. For example, a limited amount of personal information (name, contact information, and language preferences) is shared with translators who assist in evaluations of non-English speaking Participants.

Medical, physical, and mental health information is shared with the service providers engaged by ATF Canada Corp. to perform examinations.

These service providers are prohibited from using personal information for any purpose other than to provide an evaluation and are required to protect personal information disclosed by ATF Canada Corp. in accordance with the general privacy principles described in this Privacy Statement and in accordance with applicable privacy laws.

Personal information about a Participant including medical, physical, or mental health information generated through the conduct of examinations and additional diagnostic testing is released to the Referring Source who referred the Participant.

Disclosure of Personal Information  
ATF Canada Corp. does not disclose personal information to third parties without seeking a Participant's prior consent.

ATF Canada Corp. will disclose personal information to a Participant's legal representative if the Participant so directs.

ATF Canada Corp. reserves the right to disclose personal information to a third party if a law, regulation, search warrant, subpoena or court order legally requires or authorizes it to do so.

ATF Canada Corp. also reserves the right to disclose and/or transfer personal information to a third party in the event of a proposed or actual purchase, sale, lease, merger, amalgamation or any other type of acquisition, disposal or financing of all or any portion of ATF Canada Corp. or of any of the business or assets or shares of ATF Canada Corp. or a division thereof in order for that third party to continue to provide the services.

Knowledge and Consent     
ATF Canada Corp. only collects personal information about a Participant with his/her consent. A Participant may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. If a Participant wishes to withdraw his/her consent, he/she may contact the Privacy Officer. The Participant will be informed of the implications of withdrawing consent.

Protection of Personal Information  
ATF Canada Corp. makes commercially reasonable efforts to ensure that personal information is protected against loss and unauthorized access. This protection applies in relation to information stored in both electronic and hard copy form. Access to personal information is restricted to employees or consultants on a need-to-know basis. In addition, ATF Canada Corp. employs generally accepted information security techniques, such as firewalls and access control procedures, to protect personal information against loss and unauthorized access.
           
Retention/ Destruction of Personal Information           
ATF Canada Corp. retains personal information for as long as necessary to fulfill the purposes for which it was collected and to comply with applicable laws. Destruction of hard records is provided by a bonded shredding organization specific to each province of Canada. Electronic records contained on media such as CD ROMs are physically destroyed, once their information is no longer deemed necessary to retain. Personal information contained on reusable media such as computer hard drives and discs are deleted and where necessary re-formatted to be used within the organization. Those media past their reusability are physically destroyed.

Changes to this Privacy Statement     
ATF Canada Corp. reserves the right to modify this Privacy Statement at anytime without notice. The Privacy Statement distributed at any time or from time to time shall be deemed to be the Privacy Statement then in effect.

Reviewing, Correcting, Updating Personal Information          
With only a few exceptions, you have the right to review the factual personal information we hold on you. Requests to access and review information are to be made in writing, with proof of identity, to the appropriate Privacy Officer.  ATF Canada Corp. will respond to your request within 30 days and reserves the right to charge a nominal fee depending on the nature of the request and the amount of information in our possession. Should you identify an error in our factual information, corrections can be submitted in writing to the organization via the same contact Officer.

If we are unable to provide you access to the requested information we will respond in writing within 30 days of the request outlining our reasons.

ATF CANADA CORP.
CORPORATE PRIVACY POLICY GOVERNING COLLECTION, USE, RETENTION, AND DISCLOSURE OF EMPLOYEES, CONSULTANT, AND CONTRACTOR/ SUBCONTRACTOR INFORMATION.

PURPOSE
To outline the responsibilities of ATF Canada Corp. and all members of the workforce including employees, subcontractors and consultants – to safeguard personal information in our possession.

DEFINITION OF PERSONAL INFORMATION
Any information that is collected and linked to a specific individual including, but not limited to, specific information such as SIN, phone number and birth date, broader information such as financial information, employment records and health information and/or any information that allows the person to be identified. Personal information can be stored and/or transmitted in any form, whether electronically, on paper or through conversation.

PRIVACY LEGISLATION
Federal: Personal Information Protection and Electronic Documents Act (PIPEDA, or C-6), applicable to ATF Canada Corp., effective January 1, 2004.

Provincial: An Act Respecting the Protection of Personal Information in the Private Sector (Quebec), and all corresponding provincial legislation.

EMPLOYEE RIGHTS
ATF Canada Corp. Human Resources and Management will collect, use and may disclose employee personal information only as necessary for personnel and benefits management. Collection of personal information from a third party regarding an employee or candidate will be obtained with the consent of the employee or candidate, except as permitted by law.

To protect the privacy and physical security of such personal information, personnel files will be maintained in secure areas at all times. This includes personal notes and annual performance reviews maintained by managers in their offices. Only individuals who need the information to carry out their job duties may have access to an employee’s personal information.

Appropriate measures will also be taken to ensure that personal information remains confidential. No one may disclose personal information to outsiders, or disclose it for other purposes unless the individual concerned consents, or except as permitted by law. Careful use of the file and clear indication to outsiders that ATF Canada Corp. does not comment on current or former employees are among the rules to be followed to ensure confidentiality. References regarding an ATF Canada Corp. employee may be provided only upon receipt from the employee concerned of written consent to disclose such information and the name(s) of the party(ies) to whom the reference may be provided.
While most personal information is obtained when an employee joins ATF Canada Corp. the responsibility for updating personal information rests with each employee. Each employee has the right to correct any inaccurate or incomplete information in his/her personnel file.
An employee who wants to review his/her personnel file, or wants more information about this matter, should contact the Office Manager or Immediate Supervisor and/or and Human Resources.

EMPLOYEE RESPONSIBILITIES
Every employee and member of the workforce of ATF Canada Corp. has a legal and ethical responsibility to safeguard the privacy and confidentiality of personal information, in any form. When an employee or member of the workforce in the course of his/her work collects personal Information directly from an individual, he/she must ensure the individual has knowledge of all uses and disclosures regarding his/her personal information and informed consent is provided.

In the course of work with ATF Canada Corp., employees and members of the workforce may have access to, or observe, such personal information. All employees and members of the workforce must ensure that such information is maintained in the strictest confidence by implementing the following procedures:

ACCOUNTABILITY
Pursuant to privacy legislation, ATF Canada Corp. has designated a Privacy Officer accountable for the organization’s compliance legislation.

The Privacy Officer is accountable for the following:

  • Achieving and maintaining compliance with privacy legislation;
  • Ongoing monitoring of compliance for all services, products and processes
  • Responding to all inquiries including RFIs, RFPs, etc. regarding privacy compliance;
  • Addressing all internal and external complaints regarding privacy compliance;
  • Reviewing marketing materials and service descriptions regarding privacy compliance;
  • Updating corporate privacy procedures as needed;
  • Ensuring employees are knowledgeable about their role in ATF Canada Corps’ ongoing commitment to protecting the privacy of personal information.

LIMITING USE AND DISCLOSURE OF PERSONAL INFORMATION
When personal information must be discussed or otherwise shared with other ATF Canada Corp. employees and members of the workforce, it must be on a “need-to-know basis” within the course of work. All employees and members of the workforce are to use their best judgment in determining if the person with whom they are sharing personal information has a business need-to-know about such information.

All are to use best efforts to ensure that others who do not have a need-to-know and are not directly involved in the matter cannot overhear such conversations and cannot see the personal information in question.

Electronic documents containing personal information are not to be stored on a shared drive.

When using, disclosing, or requesting personal information, reasonable care must be taken to limit information to the minimum amount necessary to accomplish the intended purpose. All employees and members of the workforce are to use best judgment and consult their manager to determine if what is being requested is the minimal amount necessary.

Email must contain the following language (Example)

“This e-mail may be privileged and/or confidential, and the sender does not waive any related rights and obligations. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. If you received this e-mail in error, please advise me (by return e-mail or otherwise) immediately.

Ce courriel est confidentiel et protégé. L'expéditeur ne renonce pas aux droits et obligations qui s'y rapportent. Toute diffusion, utilisation ou copie de ce message ou des renseignements qu'il contient par une personne autre que le (les) destinataire(s) désigné(s) est interdite. Si vous recevez ce courriel par”

Or

“The information contained herein, including any attachments, is proprietary and confidential and is intended for the exclusive use of the addressee. It may contain privileged information and/or personal information subject to privacy legislation. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal. If you have received this email in error, please notify us immediately by reply email and destroy all copies. ”

The ATF Canada Corp. fax and memo templates must contain the required confidentiality language and must be used for all correspondence containing personal information.

When providing personal information over the phone, all employees and members of the workforce must use best efforts to authenticate the caller to be sure the caller is in fact an individual entitled to receive the personal information. The questions to be asked to determine authentication is at the discretion of the business unit’s manager.

Upon becoming aware of an inappropriate use or disclosure of personal information in violation of these procedures, all are required to 1) notify the receiving party and instruct them to immediately destroy the information, and 2) notify the Privacy Officer of the situation.

SECURITY SAFEGUARDS
No real, live data is to be used for software demonstrations and/or service presentations, unless it has been completely indemnified.

Password protected screen savers are to be utilized to restrict visibility or computer screens when left unattended. All employees are to use their own passwords, which are to be changed regularly. Monitors are to be turned away from plain view, where practical. All electronic documents are to be password protected or otherwise encrypted.
Documents containing personal information are to be kept out of plain view and in locked cabinets or drawers when not in use.

PERSONAL INFORMATION AND CONTRACTING
When contracting, all purposes for which the personal information is to be used, disclosed, transmitted or reported by ATF Canada Corp. must be communicated to the contracting party and noted in the contract.

Unless an exception is available, the client from whom ATF Canada Corp. receives personal information must state in the contract that they have (will prior to submitting the personal information) obtained consent to disclose personal information for the noted purposes.

When ATF Canada Corp. must disclose personal information to a third party to fulfill a contractual obligation (i.e., independent assessments, treatment providers), all such third-party contracts are to include language whereby ATF Canada Corp. ensures that the third party receiving such information will administer safeguards to protect the personal information as mandated by privacy legislation.

CHALLENGING COMPLIANCE
Any internal or external complaints regarding the handling of personal information are to be brought to the attention of the Privacy Officer.

CONSEQUENCES FOR VIOLATIONS
Violations of these procedures will result in disciplinary action, up to and including dismissal.

All web site content is subject to copyright © 2010 All rights reserved