Multiplex Genomics’ objective is to be the standard for Patient Privacy in the Canadian healthcare industry against which other companies measure themselves. Privacy is the right of an individual to control the Collection, Use and Disclosure of their Personal Information (PI) and Personal Health Information (PHI).
Multiplex Genomics recognizes that protecting its Patients’ privacy is the basis upon which it establishes trust within its healthcare community. Protecting Patient Privacy is fundamental in Multiplex Genomics’ business and reflects our values of Caring, Customer Driven, Agile and One Team. Moreover, it complies with the laws applicable to Multiplex Genomics’ conduct of business.
Capitalized terms used in this Policy are defined in Appendix A to this Policy. Questions regarding this Policy should be forwarded to the Privacy Office at email@example.com.
This Policy establishes the framework and principles to govern the Collection, Use, Disclosure, Retention and Destruction of Patient PI/PHI by Multiplex Genomics, in a manner that respects Patient Privacy while enabling the effective and efficient provision of health services to Patients. This Policy also outlines governance and accountability for Multiplex Genomics’ Privacy commitments and appropriate risk-based management of PI/PHI. This Policy reflects compliance with Applicable Privacy Laws and incorporates Privacy and industry best practices.
The Privacy policies and procedures are intended to reflect and comply with Applicable Privacy Laws. In all cases, these Privacy policies and procedures should be interpreted in a manner that is consistent with Applicable Privacy Laws. In the event of any actual conflict between Multiplex Genomics’ Privacy policies and procedures and Applicable Privacy Laws, the Applicable Privacy Laws are paramount and must be followed.
This Policy applies to all Patient PI/PHI that is Collected, Used, Disclosed or Retained by Multiplex Genomics, in any form, whether oral, electronic, written or otherwise.
Every person who Collects, Uses or Discloses Patient PI/PHI as an Employee, agent or service provider of Multiplex Genomics must comply with this Policy.
This Policy does not include Privacy of Multiplex Genomics’ Employees. Employee Privacy is addressed in a separate Employee-specific policy.
This Policy is current from the last revision date set out in the revision table at the front of the document. Multiplex Genomics’ Privacy Office will review Privacy policies and procedures periodically to ensure that they remain relevant and current with respect to changes in Multiplex Genomics’ business, changing legislation, and evolving technologies. The Chief Privacy Officer will lead a fulsome review of the Privacy policies and procedures at least every two years to ensure they continue to meet Privacy best practices as they evolve.
The Ten Principles and Compliant Practices at Multiplex Genomics
Multiplex Genomics applies the ten Fair Information Principles enumerated below in the handling of PI/PHI. These principles form the basis of Multiplex Genomics’ compliance with its legal obligations pursuant to Applicable Privacy Laws. These principles are also reflected in other Multiplex Genomics policies and procedures adopted to implement specific privacy commitments and practices.
Multiplex Genomics is responsible for PI/PHI under its control and designates individuals who are accountable for compliance with these 10 principles.
Every person who Collects, Uses or Discloses Patient PI/PHI on behalf of Multiplex Genomics is accountable for handling of that PI/PHI in accordance with this Policy. Ultimate accountability for protecting Privacy at Multiplex Genomics rests with the Chief Executive Officer and Board of Directors. Multiplex Genomics’ Privacy governance and accountability framework is outlined in Section 4 below. The Chief Privacy Officer of Multiplex Genomics is the lead executive accountable for Multiplex Genomics’ Privacy commitments and compliance with Applicable Privacy Laws and reports directly to the Chief Executive Officer.
As a Custodian, Multiplex Genomics remains responsible for PI/PHI in its possession or custody, including PI/PHI that has been transferred to a third party, such as a service provider, for processing. Before transferring any PI/PHI to any third party for any permitted reason, Multiplex Genomics requires them to sign binding agreements to protect the confidentiality and Security of such PI/PHI. Multiplex Genomics’ policy and procedures respecting transfers of PI/PHI to or from a third party are set out in the Multiplex Genomics Privacy in Agreements with Third Parties Policy.
Multiplex Genomics’ accountability for compliant Collection, Use and Disclosure is also found in its Privacy policies and procedures to give effect to these ten principles, including:
- creating procedures designed to help protect PI/PHI while it is in the custody of Multiplex Genomics
- creating procedures to receive and respond to privacy-related inquiries and complaints and requests for access to information by Patients and third parties
- training Employees and communicating information to Employees about Multiplex Genomics’ policies and procedures
- publishing materials, including on the Multiplex Genomics website, to explain Multiplex Genomics’ privacy Policies and procedures
Multiplex Genomics identifies the purposes for which it collects PI/PHI at or before the time the information is collected.
Multiplex Genomics identifies the purposes for collecting PI/PHI at the time of Collection (referred to as the Identified Purposes). Multiplex Genomics Collects PI/PHI from the Patient (or their SDM) for the purpose of serving the Patient’s medical, health and diagnostic needs. The Identified Purposes may be identified in a requisition, batch sheet, or by written notices where Multiplex Genomics is providing services. If Multiplex Genomics receives PI/PHI from a referring health care provider, the referring health care provider must similarly have disclosed the Identified Purposes to the Patient.
When Multiplex Genomics wishes to Use or Disclose PI/PHI for a purpose other than an Identified Purpose, it will obtain the Patient’s Consent before such new Use or Disclosure, unless such Use or Disclosure is required or permitted by law. Multiplex Genomics may, however use Anonymized information such as population-level, aggregate information to evaluate our performance, contribute to health system improvement and to support research.
Multiplex Genomics Collects, Uses or Discloses PI/PHI only with the Patient’s knowledge and Consent, subject to Applicable Privacy Law exceptions.
The knowledge and Consent of the Patient are required for the Collection, Use, or Disclosure by Multiplex Genomics of PI/PHI, except where law or a recognized authority permits Collection, Use or Disclosure of PI/PHI without such knowledge and Consent. Multiplex Genomics will seek such Consent at the time of its Collection. In certain circumstances, Consent may be sought after the PI/PHI has been Collected, but before it is so Used or Disclosed, such as when there is an additional purpose beyond the original Consent.
In determining the appropriate form of Consent, Multiplex Genomics may take into account the type and sensitivity of the PI/PHI involved and the circumstances of Collection. In appropriate circumstances, Consent may be implied, such as when a Patient presents a requisition at a PSC for diagnostic tests and Multiplex Genomics has notified Patients of the Identified Purposes through notices clearly posted at its PSCs prior to the point of Collection of PI/PHI. Multiplex Genomics may obtain Consent in other ways, including, for example, using an application form and/or a check-off box, or orally, in particular when PI/PHI is Collected over the telephone. Consent can also be given by an SDM, such as the legal guardian of a child. In obtaining Consent, Multiplex Genomics will Use reasonable efforts to address the expectations of the Patient.
Multiplex Genomics will not, as a condition of the supply of a product or service, require a Patient to Consent to the Collection, Use, or Disclosure of PI/PHI beyond that required to fulfill the specified and legitimate Identified Purposes.
A Patient may withdraw Consent at any time, subject to legal or contractual restrictions and reasonable notice. Multiplex Genomics will inform the Patient of the implications of such withdrawal when it is submitted.
Multiplex Genomics limits the collection of personal information to that which is necessary for the Identified Purposes. Information will be collected by fair and lawful means.
Multiplex Genomics will not Collect PI/PHI that is unrelated to an Identified Purpose or in a misleading or deceptive manner. Both the amount and the type of PI/PHI Collected will be limited to that which is necessary to fulfil the Identified Purposes.
Limiting Use, Disclosure and Retention
Multiplex Genomics will not use or disclose personal information for purposes other than the Identified Purposes for which it is collected, except with the consent of the individual or as required by law. Personal information will be retained only as long as necessary for the fulfillment of the stated purposes.
Multiplex Genomics will not Use or Disclose PI/PHI for purposes other than those Identified Purposes for which it was Collected, except with the Consent of the Patient, or as permitted or required by Applicable Privacy Laws. Only Employees with a business “need-to-know”, to fulfill the Identified Purposes, are granted access to PI/PHI.
Multiplex Genomics may Disclose PI/PHI to the Patient to whom the PI/PHI relates, and for any other purpose to which the Patient Consents. Multiplex Genomics may also disclose PI/PHI to a Patient’s authorized health care professionals for the purpose of treatment and health care decisions.
Multiplex Genomics will keep PI/PHI only as long as it remains necessary or relevant for the Identified Purposes, and as permitted or required by applicable law. Multiplex Genomics will Destroy or Anonymize PI/PHI that is no longer permitted or required to be retained. Multiplex Genomics has guidelines and procedures for the Retention of PI/PHI and for the Destruction and Anonymization of PI/PHI.
Multiplex Genomics will maintain personal information as accurate, complete and up-to-date as is necessary for the purpose for which it is used.
PI/PHI Used by Multiplex Genomics should be as accurate, complete and up-to-date as is necessary to minimize the likelihood of any negative impact resulting from the Use of inaccurate PI/PHI. Multiplex Genomics will not routinely update PI/PHI unless necessary to fulfill the Identified Purposes for which the PI/PHI was Collected. For example, PI/PHI that was accurate and complete when Collected or created, such as a lab test result, continues to be “accurate, complete and up-to-date” as a historical record and need not be updated by Multiplex Genomics.
If a Patient brings any inaccurate or outdated PI/PHI to Multiplex Genomics’ attention, Multiplex Genomics will make the corrections to the extent necessary for the Identified Purposes and then will provide the Patient with a confirmation of those corrections. Where a revision is not made, an explanation will be provided to the Patient.
Multiplex Genomics protects personal information by security safeguards appropriate to the sensitivity of the information.
Multiplex Genomics protects PI/PHI that has been Collected, regardless of the format in which it is held, against loss or theft, unauthorized access, unauthorized Disclosure, copying, Use or modification, through safeguards that are appropriate to the sensitivity of the PI/PHI, the amount, distribution and format of the PI/PHI, and the method of storage.
The methods of protection used include:
- physical measures, for example, locked filing cabinets and restricted access to offices and premises in which PI/PHI is kept
- secure protocols for the physical transport of PI/PHI including specimens
- organizational measures, for example, limiting access on a “need-to-know” basis
- complex technological measures for the protection of PI/PHI in electronic form, established through robust industry-leading information security practices
- destruction of PI/PHI when it is no longer required to be retained
- contractual terms to protect PI/PHI that is Collected from or Disclosed to entities outside Multiplex Genomics in the course of business
Multiplex Genomics will also promote a culture of Privacy-awareness and compliance and require Employees to participate in Privacy training upon hiring and at least annually thereafter.
Multiplex Genomics will make specific information about its policies and procedures relating to its management of personal information readily available to individuals.
Multiplex Genomics will make specific information about this Policy and supporting Multiplex Genomics policies and procedures relating to the management of PI/PHI, readily available to Patients in a form that is generally understandable. This information should be readily available including on Multiplex Genomics’ websites and at locations where it receives Patients.
The information made available should include:
- a description of the type of PI/PHI typically Collected and Used by Multiplex Genomics and Multiplex Genomics’ commitments in handling PI/PHI
- contact information of the Privacy Office accountable for Multiplex Genomics’ Privacy program and method of making inquiries or complaints
- the means for a Patient or their SDM to gain access to their PI/PHI held by Multiplex Genomics
- other information that explains Multiplex Genomics’ Privacy policies and standards
Multiplex Genomics will inform individuals of the existence, use, and disclosure of his or her personal information, and give them access to their own information. An individual may challenge the accuracy and completeness of the information and have it amended as appropriate.
Multiplex Genomics will respond to written requests for a copy of a Patient’s PI/PHI and requests for correction to PI/PHI where a Patient believes the information is inaccurate or incomplete, in accordance with the Multiplex Genomics Personal Information Access Procedure. Multiplex Genomics may charge a fee for responding to such requests as described in that procedure.
Multiplex Genomics is accountable for its compliance with the above principles and an individual may address a challenge concerning compliance with the above principles to the Privacy Office.
A Patient may make inquiries regarding Multiplex Genomics’ compliance with this Policy or applicable Privacy legislation by contacting the Privacy Office by mail, email or telephone using the contact information in Section 7 below. Multiplex Genomics’ procedures for this are detailed in the Multiplex Genomics Privacy Inquiries Procedure. Multiplex Genomics will investigate all material concerns pursuant to this procedure. If Multiplex Genomics concludes that a concern or complaint is justified, Multiplex Genomics will take appropriate measures to address the concern. Multiplex Genomics will inform a Patient who has raised a concern or complaint of the outcome of the investigation.
Governance and Accountability
Multiplex Genomics’ Privacy governance distributes accountability and responsibility for Privacy management and oversight within Multiplex Genomics. While designated individuals or bodies have particular responsibilities, it remains every Employee’s responsibility to ensure compliance with Multiplex Genomics’ Privacy commitments and obligations under Applicable Privacy Laws. Third parties with whom Multiplex Genomics may exchange PI/PHI are also accountable for compliance with their Privacy-related contractual commitments to Multiplex Genomics and with Applicable Privacy Laws.
The Privacy governance framework at Multiplex Genomics is made up of:
- Board of Directors (BOD)
- Chief Executive Officer (CEO)
- Chief Operating Officer (COO)
Accountabilities and Responsibilities
Chief Executive Officer and Board of Directors:
The CEO and BOD have ultimate accountability for protecting Privacy at Multiplex Genomics. The CEO and BOD promote a culture of awareness and compliant Privacy practices throughout Multiplex Genomics. They set the ‘tone from the top’ in incorporating Privacy considerations into every aspect of Multiplex Genomics’ business that touches PI/PHI.
The CEO is accountable for ensuring that Multiplex Genomics has an effective Privacy program in place, designed to support the compliance of Employees and third parties with Multiplex Genomics’ Privacy policies and procedures and Applicable Privacy Laws.
The CEO delegates the oversight and management of the Privacy program to the Chief Privacy Officer.
Chief Operating Officer and Privacy Office:
The COO is a Multiplex Genomics executive who is the internal and external point of contact and representative for Privacy matters within Multiplex Genomics. The COO reports to the CEO and is accountable for the strategic and operational oversight of the Multiplex Genomics Privacy program throughout Multiplex Genomics’ businesses. The CPO’s mandate includes:
- Acting as the public face of Privacy compliance within Multiplex Genomics including being the lead or primary point of contact for:
- privacy inquiries, complaints and access requests
- the containment, resolution and investigation of privacy breaches
- Oversight for the Multiplex Genomics Privacy program including policies and procedures that reflect privacy best practices, promotion of a privacy-culture and awareness, and delivering privacy training and resources for Employees
- Liaising with Regulators and external and internal stakeholders
- Overseeing Privacy risk management activities
- Leading the Privacy Office in operationalizing the Multiplex Genomics Privacy program
(a) Privacy Office/Privacy Officers:
The COO delegates responsibility for day-to-day management of the Privacy program to the Multiplex Genomics Privacy Officers that form the Privacy Office. The Privacy Office will ensure that Multiplex Genomics complies with its commitments and obligations as set out in its privacy policies and procedures and Applicable Privacy Laws.
Privacy Officers of Multiplex Genomics’ affiliates will provide regular, not less frequently than bi-weekly, reporting on the performance of their respective affiliates’ Privacy programs to the COO. The COO will be engaged by Privacy Officers to consult on material Privacy issues impacting Multiplex Genomics’ affiliates as they arise.
(b) Policy and Procedure Review:
Multiplex Genomics’ Privacy Office will review Privacy policies and procedures periodically to ensure that they remain relevant and current with respect to changes in Multiplex Genomics’ business, changing legislation, and evolving technologies.
(c) Annual Report on Privacy:
The COO will prepare an Annual Report on Privacy for presentation to the ELT, CEO and BOD. The report will provide summary information about significant Privacy matters at Multiplex Genomics (including its affiliates) in the prior year including:
- Privacy incidents, breaches and investigations
- Privacy inquiries and complaints
- Material Policy or operational updates in the Privacy program
- Enhancements of physical, organizational and technological Security
- Summary of Privacy training and awareness in the prior year
- Privacy risk management report
Executive Leadership Team:
Each ELT member will be responsible for oversight of Privacy compliance and risk management within the Multiplex Genomics functional area for which they are responsible. The ELT will receive periodic reporting on Privacy matters from the COO and will provide input, raise considerations from each member’s function’s Privacy experience and make recommendations on Privacy issues. The ELT will have Privacy as a standing item on its quarterly agenda, or more frequently as requested by the CPO. Matters for ELT consideration include, but are not limited to:
- Privacy issues requiring review or feedback from the ELT
- Privacy breaches and complaints
- Progress of risk mitigation activities and results of PIAs and audits
- Summary of material changes to Multiplex Genomics Privacy policies and procedures
- Function-specific Privacy issues or concerns that have arisen
Privacy and Cyber-Security Executive Governance Committee:
The Privacy and Cyber-Security Executive Governance Committee is a committee of executive leaders including the CEO, COO, and other key members of the ELT, and other key employees across the organization. This Committee was established to integrate Privacy and information security into all business functions. It plays a key role in Multiplex Genomics’ Privacy program in providing a governance body that integrates Privacy and security requirements into the design of Multiplex Genomics’ businesses and ensures the tone at the top for key areas for the organization such as privacy and cyber-security.
Risk and Assurance Policy
Multiplex Genomics applies a risk-based approach to identify, assess, mitigate and monitor risks that may negatively impact Multiplex Genomics’ ability to protect Privacy in compliance with this Policy and Applicable Privacy Laws. Privacy risk management is a continuous process within Multiplex Genomics, overseen by the COO and operationalized by the Privacy Office.
Effective Privacy risk management relies on broad participation and input from every functional area of Multiplex Genomics, and every ELT member is responsible for supporting Privacy risk management activities within their respective functions. The Chief Privacy Officer will escalate enterprise-level Privacy risks to Multiplex Genomics’ Enterprise Risk Management (ERM) Program.
Privacy risk management is detailed in the Multiplex Genomics Privacy Risk Management Procedure. This risk-based approach includes:
- Risk identification and assessment including establishing and maintaining a risk register that applies risk severity and likelihood to guide mitigation initiatives
- Privacy impact assessments (PIAs) to identify Privacy risks inherent in business initiatives, programs or technology solutions, including preliminary Privacy assessments (PPAs) as an essential element of the project lifecycle process
- Periodic monitoring through Privacy compliance audits and risk mitigation efficacy reviews
- Privacy risk training and resources to support the identification, reporting and mitigation of Privacy risks
For further information about this Policy and Multiplex Genomics information handling practices contact the Multiplex Genomics’ Privacy Office:
- By Mail:
- 574 Hanlon Creek Boulevard, Guelph, ON, N1C 0A1
- Attn: Multiplex Genomics Privacy Office
- By phone at 1-519-827-8294
- By email at firstname.lastname@example.org
Appendix A – Definitions
Throughout this Policy, and for all supporting privacy policies, the following definitions will be used for the associated terms:
Anonymize – means the act of stripping data of sufficient identifying detail such that it can no longer be connected with the Patient to whom it originally related, including by the aggregation of data in a manner that prevents disaggregation that enables connection to that Patient, and Anonymization has a similar meaning.
Applicable Privacy Laws - means all federal, provincial, municipal or other applicable statutes, laws, regulations, rulings, judgments or orders of any governmental or regulatory authority, or judicial body, in any jurisdiction in which Multiplex Genomics conducts business governing the handling of information about an identifiable individual, as may be amended or otherwise revised from time to time, including Ontario’s Personal Health Information Protection Act (PHIPA), British Columbia’s Personal Information Protection Act (PIPA), the federal Personal Information Protection and Electronic Documents Act (PIPEDA), Alberta’s Health Information Act, 2001 (HIA), Saskatchewan’s Health Information Protection Act, 2003 (HIPA), and the province’s public sector privacy legislation where Multiplex Genomics is providing services to a provincial ministry.
Chief Privacy Officer - means the Multiplex Genomics executive accountable for meeting legislative privacy requirements and overseeing the Multiplex Genomics privacy program, reporting to the Chief Executive Officer.
Collection - means the act of gathering, acquiring, creating, recording, or obtaining PI/PHI from any source, including sources other than the Patient to whom the PI/PHI relates, by any means, and Collect and Collecting have similar meanings.
Consent - means an agreement to a proposed course of action. Consent can be either express or implied and can be provided directly by the Patient or by an authorized representative. Express Consent can be given orally, electronically or in writing. Implied Consent is Consent that can reasonably be inferred from a Patient’s action or inaction. Consent must be knowledgeable, must relate to the information collected, used or disclosed for a particular purpose, and must be obtained without deception or coercion.
Custodian - means a person or organization who has custody or control of personal information or personal health information as a result of or in connection to health care services. Multiplex Genomics is a Custodian.
Destroy - means the rendering of a quantity of information in whatever form, such that its content is beyond recovery, such as through shredding, erasure, autoclaving, etc. and Destruction has a similar meaning.
Disclosure - means through action or inaction, permitting access to PI/PHI by a Third Party, and “disclose” has a similar meaning.
Employee - means a permanent, temporary, past or present, full or part-time staff member, consultant or contractor engaged by Multiplex Genomics.
Identified Purposes - means the stated reasons and intended purposes for which PI/PHI is being requested or Collected.
Information and Privacy Commissioner (IPC) - means the independent provincial legislative officer appointed in a province to oversee and promote the protection of personal privacy.
Multiplex Genomics - means Multiplex Genomics Inc. and its affiliates, subsidiaries and divisions now existing or created while this Policy is in effect, including its operating entities Multiplex Genomics.
Patient - means the individual with respect to whom the personal information or personal health information is being collected.
Personal Health Information (PHI) - means, with respect to an identifiable Patient, whether living or deceased, (a) information concerning the physical or mental health of the Patient; (b) information concerning any health service provided to the Patient; (c) information concerning the donation by the Patient of any body part or any bodily substance of the Patient or information derived from the testing or examination of a body part or bodily substance of the Patient; (d) information that is Collected in the course of providing health services to the Patient; or (e) information that is Collected incidentally to the provision of health services to the Patient; excepting where such information has been sufficiently Anonymized such that it can no longer be connected with the Patient to whom it originally related.
Personal Information (PI) - means information about an identifiable Patient, including Personal Health Information, excepting where such information has been sufficiently Anonymized such that it can no longer be connected with the Patient to whom it originally related.
Privacy - means the right of a Patient to control the Collection, Use and Disclosure of their PI/PHI.
Privacy Office - means the Chief Privacy Officer together with the Privacy Officers.
Privacy Officer - means a Multiplex Genomics Employee who is accountable for the day-to-day management of Multiplex Genomics’ Privacy program, reporting to the Chief Privacy Officer.
Retention - means, with regard to Privacy compliance, maintaining possession of a record after Collection.
Security - means the protection of assets by ensuring the confidentiality, integrity and availability of information through the application of safeguards.
Substitute Decision-maker (SDM) - means a second party, authorized under legislation, to make decisions on behalf of a Patient, for example, as in the case of a parent or guardian of a child.
Use - means the treatment, handling, management and Retention of PI/PHI.
Appendix B – Privacy Resources
Further References
- Master Information & Privacy Commissioner of Ontario, www.ipc.on.ca