Privacy Policy

PDF Version

 

CMPA and privacy

At the Canadian Medical Protective Association (CMPA) we understand the importance of privacy and the protection of our members’ personal information. The CMPA places the highest value on ensuring the confidentiality of members’ personal information entrusted to us, and strives to comply with all legal and regulatory requirements.

This privacy policy governs personal information collected from or about individuals, including members and staff of the CMPA. The Association collects, uses, and discloses information solely for the purposes of providing medical-legal services to its members, for reasons that are consistent with this purpose, or as mandated by law. Information is kept securely and retained only as long as necessary to fulfil its purpose. You have a right to access the information collected about you, within a reasonable time frame, in accordance with existing legislation except in limited circumstances.

The CMPA will, from time to time, review and revise its privacy practices and this privacy policy. Policy changes will apply to the information collected from the date of the revised privacy policy as well as to existing information held by the CMPA at the time of amendment. The CMPA’s privacy statements are also updated on a regular basis. You will be reminded of our privacy policy and these updates with your annual billing reminder. Should you have any questions or concerns, you are invited to contact us.

Collection and use of personal information

Summary

The CMPA collects personal information to enable the Association to provide medical legal services and membership maintenance support to its members. This information is generally collected from the individual directly. The Association will not sell or trade personal information for financial or other consideration, and will only disclose information as mandated by law.

Details

The CMPA collects personal information solely to fulfill the mandate of the Association, which includes:

  • communicating with members
  • granting assistance to members and providing risk management advice for and on behalf of members
  • business and medical risk analytics
  • providing support to members with provincial or territorial reimbursement programs, third party payer groups (e.g. groups who pay membership fees on a member’s behalf), and provincial or territorial medical regulatory authorities (Colleges)
  • facilitating the use of the national physician identification system known as the Medical Identification Number for Canada (MINC)
  • conducting service related surveys and providing educational programs and general advice
  • meeting legal or regulatory requirements

The CMPA’s use of personal information is limited to these purposes or is consistent with them.

For the purposes of this policy, we consider "personal information" to mean information, recorded in any form, about an identified individual, or an individual whose identity may be inferred or determined from the information. When you provide personal information, you agree and consent that the CMPA may collect, use, and disclose your personal information in accordance with the CMPA Privacy Policy. The CMPA does not sell, trade, barter, exchange or disclose for consideration any personal information it has obtained. You are free to withdraw your consent. However, if you choose not to provide us with consent to collect, use, or disclose personal information, we may not be able to offer the services requested.

Website privacy

Summary

Our web server tracks general information about visitors, such as their IP address and domain name, along with page view data. This information, only in aggregate form, is used internally to serve visitors better by helping us manage our site.

In addition, the CMPA website uses cookies (data stored on your browser) to track website usage. Session cookies track a user’s progression, and are deleted as soon as you close your browser. Persistent cookies are used in limited circumstances to enable our web server to facilitate an authorized user’s access to certain resources such as the CMPA Good Practices Guide.

On the member site, additional information may be collected in accordance with our privacy policy. Your use of the member site is considered consent to collect and use this information.

Details

Our web server tracks general information about visitors such as their IP address, domain name, time of visit and may ask for your medical specialty, occupation or other non-identifiable information. The CMPA’s website also collects and aggregates information regarding which pages are being accessed. This information, only in aggregate form, is used internally to serve visitors better by helping us manage our site, diagnose any technical problems and improve the content of our website.

In addition, the CMPA uses a technology called "cookies" which can provide specific information from a website. A "cookie" is an element of data that a website can send to your browser, which may then store it on your system.

The CMPA website uses session cookies to track website usage. Session cookies track a user’s progression through our website(s) in a single visit. These cookies enable our web server to remember things as you progress from one page to another. Session cookies are deleted as soon as you close your browser. If you leave your browser open for a prolonged period, the cookies on our website are not set to erase themselves automatically after a short period of time. They will, however, be deleted when you shut down your browser.

Persistent cookies do not erase themselves, and they remain on your computer until you erase them using your browser settings. This website makes use of persistent cookies in limited circumstances. In particular, persistent cookies enable our web server to remember specific information related to an authorized user’s access to resources when required. As persistent cookies do not erase themselves, authorized users need not provide this specific information every time they access the CMPA from the same computer. If you have any specific questions regarding website privacy and cookies, please contact the Privacy Office.

Please note that for security purposes and to ensure that the CMPA’s website remains available for use, the CMPA employs software programs to monitor network traffic, to identify unauthorized attempts to upload or change information, and to prevent denial-of-service attacks or other attacks intended to cause damage.

The CMPA may disclose personal information collected via this website to individuals or organizations that it retains to assist in the provision of service to users of this website (e.g., technical support). This will occur only if that individual or organization has signed a confidentiality and non-disclosure agreement, and agrees to use such personal information solely for the purposes of performing tasks pursuant to instructions of the CMPA and, with respect to that information, to act in a manner consistent with the requirements of this statement.

The CMPA retains the right to use aggregated information that does not identify or permit the identification of an individual in any way that it determines appropriate.

Disclosure of your personal information

Summary

Your membership provides consent for the CMPA to use and disclose your personal information to provide services to you and in support of your membership. The CMPA also discloses personal information as mandated by law. In these circumstances, the Association will not disclose more information than is required.

Details

The CMPA will only disclose your personal information in accordance with the CMPA Privacy Policy.

The CMPA may collect, use, and disclose personal information to confirm or support your membership with third parties, including:

  • medical associations and provincial or territorial governments responsible for administering CMPA fee reimbursement programs
  • Colleges with whom you have registration
  • hospitals, universities, clinics, and third party payer groups (e.g. groups who pay membership fees on a member’s behalf) with whom you work
  • the Medical Identification Number for Canada (MINC)

At your direction, the Association will also provide information to other organizations with whom you interact in the course of your practice that have a legitimate interest in confirming your CMPA membership.

When the CMPA confirms or supports membership with third parties, medical-legal information will not be released. A list of medical associations, provincial or territorial governments, and Colleges with whom the CMPA exchanges personal information may be obtained from the CMPA website or by contacting the Association. The CMPA will only disclose personal information to organizations where the organization agrees to use such personal information solely for the purposes for which it was provided and to protect the information using appropriate means of security.

The CMPA does not engage in any commercial use of your information.

There are some circumstances where the CMPA may disclose personal information without consent. Such circumstances include where the CMPA:

  • is required by law or by order of a court or tribunal
  • believes, upon reasonable grounds, that it is necessary to protect the rights, privacy, safety, or property of an identifiable person or group
  • believes it necessary to establish or collect fees
  • believes it necessary to permit us to provide approved services, pursue available remedies, or limit any damages that we may sustain
  • believes the information is public

Where obliged or permitted to disclose information without consent, the CMPA will not disclose more information than is required.

The CMPA will only disclose personal information about former members in accordance with this privacy policy. The CMPA retains the right to use non-identifiable information in any ethical way that it determines appropriate.

Accuracy and retention

Summary

The CMPA endeavours to ensure that your personal information is accurate, and generally retains personal information only for as long as is necessary to fulfill the purposes for which it was collected. Our retention policy is reviewed and updated regularly.

Details

The CMPA endeavours to ensure that any personal information in its possession is accurate, current and complete. Information contained in files that have been closed is not actively updated or maintained. The CMPA generally retains personal information as long as the Association believes it is necessary to fulfil the purpose for which it was collected. Once this purpose has been fulfilled, the CMPA destroys the information in a secure manner that protects the privacy of the individual to which the information relates. Currently, the CMPA stores personal information in the city of Ottawa, Ontario.

Protection of personal information

Summary

The CMPA endeavours to maintain reasonable physical, procedural, and technical security with respect to its offices and information storage facilities.

Details

The CMPA endeavours to maintain adequate physical, procedural, and technical security with respect to its offices and information storage facilities so as to prevent any loss, misuse, unauthorized access, disclosure, or modification of personal information. This also applies to the disposal or destruction of personal information.

As part of those precautions, we restrict access to personal information to those employees and external associates we determine need to know that information in order that the CMPA may provide its services. The CMPA has a policy under which employee misuse of personal information is treated as a serious offence for which disciplinary action may be taken.

The CMPA may rely on external associates who are located in the United States and other countries. Some personal information collected by the CMPA may therefore be retained in countries other than Canada where privacy laws may offer different levels of protection from those in Canada, and personal information may be subject to access by and disclosure to law enforcement agencies in those jurisdictions.

We audit our procedures and security measures from time to time to ensure that they remain effective and appropriate.

Access to your personal information

Summary

The CMPA strives to provide access to personal information in keeping with all applicable legislation. The CMPA may decline to provide access to personal information only in accordance with existing legislation.

Details

We will provide information from our records in a form that is easy to understand, and will also endeavour to provide explanations for any abbreviations or codes used. When possible, the CMPA will also provide a list of organizations that may have received such information.

We may charge a reasonable cost (e.g. photocopying, mail charges) to the individual making the request.

The CMPA reserves the right to decline to provide access to personal information where the information requested:

  1. would disclose:
    1. the personal information of another individual or of a deceased individual
    2. trade secrets or other confidential business information that may harm the CMPA or the competitive position of a third party, or interfere with contractual or other negotiations of the CMPA or a third party, or result in a significant financial loss or gain to the CMPA or a third party, including but not limited to:
      1. materials relating to the CMPA’s strategic or operational planning activities
      2. any portion of a test document, except a cumulative total test score for either a section of or the entire test document
  2. is subject to solicitor-client or litigation privilege, or a professional privilege or obligation
  3. is not readily retrievable and the burden or cost of providing would be disproportionate to the nature or value of the information
  4. does not exist, is not held, or cannot be found by the CMPA
  5. could reasonably result in serious harm to the treatment or recovery of the individual concerned or another individual, serious emotional harm to the individual or another individual, or serious bodily harm to the individual or another individual
  6. may harm or interfere with law enforcement activities and other investigative or regulatory functions of a body authorized by law to perform such functions
  7. any other grounds under applicable legislation

Where information will not or cannot be disclosed, the individual making the request will be provided with the reasons for non-disclosure.

The CMPA will not respond to repetitive or vexatious requests for access and, in doing so, will consider such factors as the frequency with which information is updated, the purpose for which the information is used, and the nature of the information. To guard against fraudulent requests for access, the CMPA may require sufficient information to allow it to confirm the identity of the person making the request before granting access or making corrections.

Resolving your privacy concerns

In the event of questions about the CMPA’s collection, use, or disclosure of personal information, visit our website or contact us:

Phone
1-800-267-6522 or 1-613-725-2000

Email
privacyofficer@cmpa.org

Online
Contact us

Address
P.O. Box 8225
Station T, Ottawa ON
K1G 3H7