<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=741292666218767&amp;ev=PageView&amp;noscript=1 https://www.facebook.com/tr?id=741292666218767&amp;ev=PageView&amp;noscript=1 ">

Privacy Policies

Platform Privacy Policy 

This Privacy Policy and HIPAA Notice of Privacy Practices ("Privacy Policy and Notice") was last updated on September 24, 2021.

General Information

MindBeacon offers internet-based mental health care services to individuals located in Canada and in the U.S. We respect the privacy of everyone who accesses the MindBeacon Platform. We recognize the need for appropriate protections and management of the Personal Information or Protected Health Information or Personal Health Information (the “PHI”) (as defined below in this Policy). This Privacy Policy and Notice explain what information we collect, how we use that information, and how it is disclosed.

The website https://platform.mindbeacon.io is owned by MindBeacon Software Inc., and the MindBeacon application is licensed to and operated by MindBeacon Health Inc. and it's subsidiaries (MindBeacon Health Inc., its subsidiaries and MindBeacon Software Inc. collectively referred to as “MindBeacon”).

For Canadian Residents:

You must be at least sixteen (16) years old to use the MindBeacon Platform. By using the MindBeacon Platform, you represent and warrant to MindBeacon that you are at least sixteen (16) years old. Parental consent or the consent of a legal guardian may be required if you are under the age of eighteen (18).

For U.S. Residents:

You must be at least eighteen (18) years old to use the MindBeacon Platform. By using the MindBeacon Platform, you represent and warrant to MindBeacon that you are at least eighteen (18) years old.

Application

This Privacy Policy and Notice apply to the Personal Information that is collected, used, and disclosed by MindBeacon when you register and use the MindBeacon Platform at https://platform.mindbeacon.io and any and all sub-domains of such website, as well as the kinds of information we collect when you use our services through the MindBeacon Platform or when contacting us. By providing us with your Personal Information, you agree to be bound by the terms and conditions of this Privacy Policy and Notice and MindBeacon agrees to only use or disclose Personal Information and PHI as permitted by law or under the terms and conditions contained herein.

The privacy practices related to the MindBeacon website https://mindbeacon.com and any and all sub-domains of such website (the “Site”) are set out in a specific notice available on the Site.  Please see the Site Privacy Policy.

What is “Personal Information”?

For Canadian Residents:

For purposes of this Privacy Policy and Notice, the term “Personal Information” means information about an identifiable individual that is provided through the MindBeacon Platform or collected by MindBeacon such as contact information, name, address, phone number or email address, gender, date of birth, and personal health information, including information relating to physical or mental health, health history, medical records, prescriptions, payment for health care provided, and health card number.

Any data that has been collected in which personal identifiers have been removed, such that the information could not reasonably be used to identify the individual, is not considered Personal Information.

For U.S. Residents:

MindBeacon is considered a “covered entity” under the U.S. federal privacy law referred to as the Health Information Portability and Accountability Act of 1996 (“HIPAA”). Regulations under HIPAA explain how we may use and disclose identifiable health information that we collect from and about you and how we must keep your health information safe and secure.

This Privacy Policy and Notice apply to all of your Personal Information including your “protected health information” as defined under HIPAA. Protected health information is any and all information that pertains to the provision of health care services to you, or your past, present, or future physical or mental health condition, or the past, present, or future payment for your health care services.

Where appropriate for a particular mental health service, we may collect Personal Information directly from you through questionnaires or surveys, as well as through other health information that you disclose to counselors and other participants in the mental health services.

MindBeacon protects the Personal Information of patients that reside in the U.S., has designated a Security Officer and a Privacy Officer, has adopted HIPAA Privacy and Security policies and procedures, trains its workforce and enters into the appropriate business associate agreements with third parties when sharing Personal Information for payment, treatment and health care operations to appropriately protect the Personal Information of residents of the U.S. under HIPAA as well as applicable state law.

Consent and Authorization

By using the MindBeacon Platform and application, you agree to the terms of this Privacy Policy and Notice and acknowledge that we may collect, use and disclose your Personal Information in accordance with the terms hereof. By creating an account to save information, and/or by submitting information for screening purposes and/or an assessment, you consent to the Terms of Use and Privacy Policy and Notice as applicable to each and all of those actions.

MindBeacon will collect, use and disclose your Personal Information without your consent only in limited circumstances and as permitted or required by applicable law or regulatory requirement. For example, Personal Information may be used or disclosed without consent for the purpose of acting in respect of an emergency that threatens the life, health or security of an individual. In certain limited circumstances, we may be called upon to release your Personal Information in response to a court order, subpoena, search warrant, or applicable law or regulation. We will cooperate in responding to such requests, taking appropriate measures to ensure that the requester understands the sensitive nature of the Personal Information that they may receive, and that disclosure is necessary to comply with applicable law.

Except in limited circumstances as permitted by applicable law, we will obtain your consent before collecting, using or disclosing your Personal Information for new purposes unrelated to the purposes described in this Privacy Policy and Notice.

In certain cases, you may choose not to provide us with some or all of your Personal Information. However, should you choose not to provide necessary Personal Information to us, that decision may impact your ability to interact with us or for us to provide you with certain services. For example, we require that you provide us with current emergency contact information, and we cannot provide any services without emergency contact information.

Your Rights Regarding Your Personal Information

For Canadian Residents:

Right to Access Personal Information. Except in the limited circumstances established by law, you may obtain access to your Personal Information.  Requests for access must be made in writing and should be addressed to our Privacy Officer (please see the contact details set forth below).

Right to Correct Personal Information. You may also amend or correct your Personal information through the MindBeacon website or mobile application or request us to correct your Personal Information where you believe it to be out of date or otherwise inaccurate.  Requests for correction must be made in writing and should be addressed to our Privacy Officer (please see the contact details set forth below).

Right to Withdraw Consent. You may withdraw your consent for collection, use or disclosure of Personal Information at any time by notice to us in writing, subject to legal and contractual restrictions and reasonable notice. Should you choose to do so, you may not be able to access certain or all of the MindBeacon services. Withdrawal of consent cannot be retroactive. Please contact our Privacy Officer listed below to find out how.

For U.S. Residents:

Under HIPAA, your rights with respect to your Personal Information include the following:

Right to Access Personal Information. You have the right to obtain a copy of the Personal Information that MindBeacon maintains about you. To access a copy of your Personal Information, you must submit your request in writing. There may be a fee for the costs of copying, mailing, labor and supplies associated with your request. MindBeacon may deny your request to inspect and/or copy your Personal Information in certain limited circumstances. If that occurs, MindBeacon will inform you of the reason for the denial, and you may request a review of the denial.

Right to Correct Personal Information. You have a right to request that MindBeacon amend your Personal Information if you believe it is incorrect or incomplete. You must submit your request in writing to MindBeacon and provide a reason to support the requested amendment. We may, under certain circumstances, deny your request by sending you a written notice of denial. If MindBeacon denies your request, we will inform you of the reason for the denial, and you may request a review of the denial.

Right to Withdraw Consent. You may, at any time, withdraw your consent for us to collect, use, and disclose your Personal Information as outlined in this Notice. However, withdrawal of consent is subject to legal or contractual restrictions and reasonable notice. As such, we may continue to collect, use, and disclose your Personal Information as may be required to provide you with access to our Services, and to the extent required or permitted by law. If you refuse to provide us with Personal Information, or later contact us to withdraw your consent for us to use and disclose the Personal Information we have already collected, you may not be able to use our services including our websites and Platform.

Right to Provide us with Communication Preferences. In order to obtain access to MindBeacon’s services, when you register, you must provide MindBeacon with your email address and/or cell phone number. MindBeacon will use your email address or cell phone number to send you information related to updates on the Platform (e.g. security changes, registration changes) as well as appointment reminders and other information specifically related to your use of our services via the Platform. You are always able to opt out of receiving emails or text messages from MindBeacon. However, you opt out of receiving emails and text messages, MindBeacon may no longer be able to provide you with health care services.

If you authorize us to use or disclose PHI about you, you may revoke that authorization in writing at any time. If you revoke your authorization, we will no longer use or disclose Personal Information about you for the reasons stated in that written authorization, except to the extent we have already acted in reliance on your authorization. Any revocation of an authorization applies only to what you or your personal representative had authorized and does not apply to the situations above where we are permitted to use or disclose PHI about you without an authorization. You understand that we are unable to take back any disclosures that we have already made with your permission and that we are required to retain our records of the care we provide to you.

What Personal Information does MindBeacon Collect?

We may collect Personal Information about you for the purpose of administration and providing services through the MindBeacon Platform, including, without limitation, information such as:

  1. Your name;
  2. Your contact information, emergency contact information, date of birth;
  3. Demographic information (gender, ethnicity, place of birth, education, health, family and lifestyle information, etc.);
  4. The services you will and have received through the MindBeacon Platform, dates, etc.;
  5. Responses to your screening and/or online assessment;
  6. Your assessment report;
  7. Secure messaging or email communications between you and a regulated healthcare professional involved in your care;
  8. Any information that you send to us through email or the MindBeacon Platform;
  9. Notes and records of assessment and information relating to your assessment for suitability for services through the MindBeacon Platform, and notes and records relating to your progress through the MindBeacon Therapist Guided Program and/or MindBeacon’s Live Therapy or other MindBeacon program;
  10. Outcome data from self-report measures; and
  11. Your responses to requests for information and/or treatment questions at follow-up intervals three (3) and six (6) months after you have completed the course.

How is this Personal Information Used?

We will use your Personal Information for the purposes for which it was collected as outlined above, and as required or permitted by applicable law.  Specifically, we will use your Personal Information to:

  1. Determine your eligibility for the services;
  2. Deliver and administer services to you through the MindBeacon Platform, including, but not limited to, assessments, the Therapist Guided Program, Live Therapy and other services;
  3. Communicate with you, including setting up an assessment phone call, enabling communications with your therapist, to provide you with information about possible services and treatments, and to provide other reminders, prompts and feedback about your progress through the Therapist Guided Program and/or Live Therapy; and/or other services;
  4. Provide you with ongoing service and support and to help us better understand your needs.

Your Personal Information may be de-identified and/or aggregated, and thereafter used for the purposes of improving and developing new assessment processes or other related product or service offerings, research, including academic and non-academic research, AI and other types of analytics, quality assurance, performance reporting, customer reports, promotion and advertisement, and business development.

What Personal Information does MindBeacon Share?

We may share your Personal Information with third parties as follows:

MindBeacon Therapists: Your Personal Information may be shared with another MindBeacon therapist and/or any one or more clinical supervisors or clinical consultant of any MindBeacon therapist, if sharing such information is necessary to provide you with services through the MindBeacon Platform.

Consulting Professionals: Your Personal Information may be shared by your MindBeacon therapist with a MindBeacon consulting regulated healthcare professional for the purpose of quality assurance and otherwise in accordance with applicable laws.

Insurance Providers: In circumstances where you are completing therapy as part of a return to work plan established by an insurance company, we may share your Personal Information with those involved in your care, including the insurance company. This disclosure may include information regarding your assessment results, progress and discharge from the MindBeacon Therapist Guided Program, Live Therapy or other program.

Payors: If your use of services through the MindBeacon Platform is paid for by your employer or a third-party insurance provider, we may disclose certain information in order to assist us with arranging payment for your enrollment. This information includes your name and insurance plan information. We will not disclose to your employer or a third-party insurance provider, any correspondence between you and your MindBeacon therapist, any of your assessment information, progress or discharge reports, or any summaries of such information.

Hospitals: In circumstances in which you have been referred to us through a hospital or other health care provider that remains involved in your care on an ongoing basis, or if you are referred to such provider after concluding the MindBeacon Therapist Guided Program, Live Therapy or other program, we may share your Personal Information with such provider. This disclosure may include information regarding your assessment results, progress and discharge from the MindBeacon Therapist Guided Program, Live Therapy or other program.

Employees and Agents: We may provide your Personal Information to our employees and those of our affiliates and our respective agents and those third parties that require such information in order to help us provide services to our clients and administer our business.

Funding Body and its Agents: we may share your personal information for reporting and remuneration purposes with the funding body or its agents in circumstances where you are completing therapy as part of a publicly funded program or for evaluation purposes with the agents of the funding body who have been tasked by the funding body to conduct evaluation to understand the effectiveness of the MindBeacon Program as part of the service MindBeacon is paid to perform. The disclosed information may include identifiable information.

Service Providers: We have relationships with agents and third-party service providers that help us provide services to you including, but not limited to, administering our business, and designing, maintaining and improving the MindBeacon Platform and our systems and computer security.

We also use third parties to analyze aggregate data collected on the MindBeacon Platform for research purposes in accordance with applicable law. To the extent we allow a third-party service provider to access to your Personal Information for the purposes outlined herein, they will only be permitted to collect it or use it for purposes consistent with this Privacy Policy and Notice, under the terms and conditions of a business associate agreement and applicable law.

We use payment processing service providers that are hosted and operated in the United States, and laws in the United States and other jurisdictions may differ from the laws where you reside.

For information about the manner in which our service providers treat Personal Information, please contact us as set out in the “Questions about this Privacy Policy” section of the Privacy Policy and Notice.

Legal Disclosure: We and our service providers may disclose your Personal Information if we are required or permitted by applicable law or legal process, which may include lawful access by foreign courts, law enforcement or other government authorities in the jurisdictions in which we or our service providers operate.

The Personal Information you provide to us through the MindBeacon Platform will not be otherwise disclosed to a third party without your consent, except as required or permitted by applicable law. 

Confidentiality

The MindBeacon Platform is strictly confidential. That means that as a general rule, the information you share with us is known only to you, a regulated healthcare professional involved in your care and his/her supervisor. Neither MindBeacon nor any member of a regulated health profession working with MindBeacon will release any information about you to anyone without your written permission, except as set forth in this Privacy Policy and Notice or as required or permitted by applicable law or regulatory requirement.

For residents of the U.S., MindBeacon may use and disclose your Personal Information for the following purposes and to the extent required or permitted by law:

  1. to respond to a subpoena, order, legal process, or government request;
  2. to protect, establish or exercise our legal rights or defend against legal claims;
  3. to respond to requests from regulatory agencies; and
  4. to investigate, detect, suppress, prevent or take action regarding illegal or prohibited activities, suspected fraud, situations involving potential threats to the reputation or physical safety of any person.

For residents of Canada, MindBeacon has the following legal obligations to release confidential information:

  1. Harm to self: If a regulated healthcare professional involved in your care has reason to believe that you are in danger of physically harming yourself in ways that may be life-threatening, s/he will have to make a referral to a hospital and/or contact a family member, close other, or another person such as a police officer who may be able to help protect you. There may be other emergency health care related circumstances where disclosure is reasonably necessary for the protection of your health, in which case your regulated healthcare professional will disclose Personal Information to other healthcare professionals as long as you have not expressly prohibited him/her from doing so.
  2. Harm to others: If a regulated healthcare professional involved in your care has reason to believe that you are seriously threatening physical violence against another person, or if you have a history of physically violent behaviour, and if s/he believes that you are an actual threat to the safety of another person, s/he is required to take some action (such as contacting the police, notifying the other person, seeking hospitalization, or some combination of these actions) to ensure that the other person is protected.
  3. Abuse/Neglect: 
    a)  If a regulated healthcare professional involved in your care has reason to believe that a child under the age of sixteen (16) is being abused or neglected, s/he is legally obligated to report this situation to the appropriate child protection authority (e.g., the Children’s Aid Society).
    b) If a regulated healthcare professional involved in your care suspects or is informed of unlawful conduct that resulted in harm or risk of harm to a resident of a Long Term Care Facility or Retirement Home, or that a resident is being harmed or is at risk of being harmed in any way (e.g., sexual or physical abuse, neglect, misappropriation of resident’s funds), s/he may be required to contact the applicable Ministry or Regulatory Authority and report all relevant information.
  4. Sexual Abuse: If you have been sexually abused by a member of a regulated health profession, this information must be reported to the appropriate regulatory body if you share the information with a regulated healthcare professional involved in your care.
  5. Court Order: A regulated healthcare professional involved in your care and your clinical record can be subpoenaed by a court order. Your regulated healthcare professional can be required to testify and give information obtained during sessions. Without a court order, this information would never be provided voluntarily without your direct request or consent.
  6. Quality Control:
    a) On occasion, a regulated healthcare professional involved in your care may be randomly selected to participate in a Peer Assisted Review by his/her regulatory college (for example, the College of Psychologists of Ontario). As part of this process, your file may be potentially reviewed by a member of the regulatory college. Regulatory colleges have confidentiality policies in place to protect your information.
    b) A regulated healthcare professional involved in your care may be supervised in his/her clinical work by a more senior professional. You will be informed of any such supervisory arrangement. That supervisor may access your clinical file for the purposes of quality control.

Exceptions to confidentiality are rare. If disclosure of Personal Information is required, your regulated healthcare professional will release only the information required to be released to comply with our obligations in accordance with this Privacy Policy and Notice and applicable law.

Other Information/Logging

We may collect and use information about how you interact with the MindBeacon Platform, including Internet Protocol addresses, Internet domain names and operating system used to access the MindBeacon Platform, the time spent on each page and the time and date of each visit. This information is used for, among other things, auditing and tracking purposes, to improve the content of the MindBeacon Platform, and to create a better experience for users of the MindBeacon Platform.

Sale of Business

We may transfer any information we have about you as an asset in connection with a proposed or completed merger, acquisition or sale (including transfers made as part of insolvency or bankruptcy proceedings) involving all or part of MindBeacon or as part of a corporate reorganization or other change in corporate control.

Links and Referrals to Third Parties

We may provide links to third party websites or refer you to external resources for your convenience and information. If you access those links or contact those external resources, you will leave the MindBeacon Platform and you will be dealing with an external third party, not with MindBeacon. MindBeacon does not control those sites, external resources or their privacy practices, which may differ from this Privacy Policy and Notice. Please review the privacy policies of each web site that you visit and of each external organization that we may refer you to. MindBeacon is not responsible for any information provided or advice given by any such external resource or third party website, even if MindBeacon provided a link to such website or referred you to such external resource.

Our Security Measures

We are committed to protecting the security of your Personal Information. We have put in place commercially reasonable physical, electronic, and managerial procedures to safeguard and help prevent unauthorized access to your Personal Information. We apply security safeguards appropriate to the sensitivity of the Personal Information, such as retaining information in secure facilities and making Personal Information accessible only to authorized employees on a need-to-know basis. We have clearly defined internal policies and practices.

Although we will make commercially reasonable efforts to protect Personal Information from loss, misuse, or alteration by third parties, you should be aware that there is always some risk that an unauthorized third party could find a way to thwart our security systems. This risk is heightened if you are using unsecured/public Wi-Fi.

De-Identification

We may remove identifiers from your Personal Information and maintain, use and disclose it in a de-identified form and combine it with other information to generate aggregated information. Such de-identified information will be owned by MindBeacon and we shall have unrestricted title, rights, and interest to it which may include, without limitation, the right to use, disclose, rent, or sell the de-identified information.

Retention

We retain your Personal Information only for as long as is necessary for the purpose for which it was collected in accordance with the applicable laws, regulations, ethics and standards (e.g., to the members of the College of Psychologists of Ontario, HIPAA or such other applicable regulatory body in jurisdictions in which we operate). When your Personal Information is no longer required or required to be maintained, it will be destroyed in accordance with applicable laws.

If you create an account for the MindBeacon Program but do not submit your answers to the screening or the online assessment questionnaire within seven (7) days from the date upon which you create your account, then we will automatically delete your answers.

Your record will be maintained, as required, in accordance with the applicable laws and standards set out by the College of Psychologists of Ontario, HIPAA or any other applicable regulatory body governing the provision of services as a clinician.

Your Personal Information (including personal health information and protected health information) will be maintained and stored in Canada, except as otherwise set out in this Privacy Policy and Notice.

Verification

We will engage in periodic assessments to verify that our privacy practices continue to comply with this Privacy Policy and Notice.

Updates to this Privacy Policy and Notice

In order to ensure that this Privacy Policy and Notice is kept up to date, we may change this Privacy Policy and Notice from time to time. Notice of changes to the Privacy Policy and Notice will be posted on the Site and will be effective thirty (30) days following notice of the changes on the MindBeacon Platform. If you access or choose to continue to use the MindBeacon Platform after the effective date of the change, you are deemed to have automatically accepted the change.  

Questions about this Privacy Policy and Notice

BY SUBMITTING PERSONAL INFORMATION AND PERSONAL HEALTH INFORMATION THROUGH THE MINDBEACON PLATFORM, OR THE MINDBEACON APPLICATION, YOU SIGNIFY YOUR ACCEPTANCE OF THE TERMS OF THIS PRIVACY POLICY AND NOTICE. BY USING THE MINDBEACON PLATFORM, OR THE MINDBEACON APPLICATION, YOU ALSO ACCEPT THE TERMS OF USE POSTED ON THE MINDBEACON PLATFORM, AND THE MINDBEACON APPLICATION.

Privacy Officer
privacyofficer@mindbeacon.com
MindBeacon Health Inc.
175 Bloor St East, Suite 801 North Tower
Toronto, ON, M4W 3R8
1-877-252-6707

In Canada

If you have any concerns about MindBeacon’s privacy practices or for more information on your privacy rights, you can contact:

OntarioOffice of the Information and Privacy Commissioner 1-800-387-0073

AlbertaOffice of the Information and Privacy Commissioner 1-888-878-4044

British Columbia - Office of the Information and Privacy Commissioner 250-387-5629

Manitoba - Ombudsman 1-800-665-0531

New Brunswick - Office of the Integrity Commissioner 1-877-755-2811

Newfoundland and Labrador - Office of the Information and Privacy Commissioner 1-877-729-6309

Northwest TerritoriesInformation and Privacy Commissioner 1-888-270-3318

Nova ScotiaOffice of the Information and Privacy Commissioner 1-866-243-1564

Nunavut - Information and Privacy Commissioner 1-888-521-7088

Prince Edward Island - Office of the Information and Privacy Commissioner 902-368-4099

Quebec - Commission d’accès à l’information 418-528-7741

Saskatchewan - Office of the Information and Privacy Commissioner 1-877-748-2298

Yukon - Information and Privacy Commissioner 1-800-661-0408

Federal - Office of the Privacy Commissioner 1-800-282-1376

 

In the U.S.

HIPAA Concerns or Complaints

If you desire further information about your privacy rights, if you are concerned that we have violated your privacy rights, or if you disagree with a decision that we made about access to your PHI, you may contact our Privacy Officer in any of the manners described above. You also may send a written complaint to the U.S. Department of Health and Human Services, Office for Civil Rights, and we can provide you with the office’s current address. We will not take any action against you for filing a complaint.