Privacy Policy for the BEACON Platform

This Privacy Policy was last updated on November 15, 2019.

General Information

We respect the privacy of everyone who accesses the BEACON Platform. We recognize the need for appropriate protections and management of Personal Information (as defined below in this Policy). This Privacy Policy will assist you to understand what information we collect, how we use that information, and how it is disclosed.

The website https://beacon.mindbeacon.io is owned by MindBeacon Software Inc. and the BEACON application is licensed to and operated by MindBEACON Health Inc. (MindBEACON Health Inc. and MindBEACON Software Inc. collectively referred to as “BEACON”).

You must be at least sixteen (16) years of age to use the BEACON Platform or any BEACON service. By using the BEACON Platform, you represent and warrant to BEACON that you are at least 16 years old.

Application

This Privacy Policy applies to the Personal Information that is collected, used, and disclosed by BEACON when you register and use the BEACON Platform at https://beacon.mindbeacon.io and any and all sub-domains of such website, as well as the kinds of information we collect when you use our services through the BEACON Platform or when contacting us. By providing us with your Personal Information, you agree to be bound by the terms and conditions of this Privacy Policy.

The privacy practices related to the Beacon website https://mindbeacon.com and any and all sub-domains of such website (the “Site”) are set out in a specific notice available on the Site.  Please see the Online Privacy Policy.

What is “Personal Information”?

For purposes of this Policy, the term “Personal Information” means information about an identifiable individual that is provided through the BEACON Platform such as contact information, name, address, phone number or email address, gender, date of birth, information relating to physical or mental health, health history, medical records, prescriptions, payment for health care provided, and health card number.

Any data that has been collected in which personal identifiers have been removed, such that the information could not reasonably be used to identify the individual, is not considered Personal Information.

Consent

By using the BEACON Platform and application, you agree to the terms of this Privacy Policy and acknowledge that we may collect, use and disclose your Personal Information in accordance with the terms hereof. By creating an account to save information, and/or by submitting information for screening purposes and/or an assessment you consent to the Terms of Use and Privacy Policy as applicable to each and all of those actions.

BEACON will collect, use and disclose your Personal Information without your consent only in limited circumstances and as permitted or required by law or regulatory requirement. For example, Personal Information may be used or disclosed without consent for the purpose of acting in respect of an emergency that threatens the life, health or security of an individual. In certain limited circumstances, we may be called upon to release your Personal Information in response to a court order, subpoena, search warrant, law or regulation. We will cooperate in responding to such requests, taking appropriate measures to ensure that the requester understands the sensitive nature of the Personal Information that they may receive, and that disclosure is necessary to comply with applicable law.

Except in limited circumstances as permitted by applicable law, we will obtain your consent before collecting, using or disclosing your Personal Information for new purposes unrelated to the purposes described in this Privacy Policy.

In certain cases, you may choose not to provide us with some or all of your Personal Information. However, should you choose not to provide necessary Personal Information to us, that decision may impact your ability to interact with us or for us to provide you with certain services. For example, we require that you provide us with current emergency contact information, and we cannot provide any services or the BEACON course without emergency contact information.

You may withdraw your consent at any time by notice to us in writing. Please contact our Information Officer listed below to find out how.

What Personal Information does BEACON Collect?

We may collect Personal Information about you for the purpose of administration and providing services through the BEACON Platform, including, without limitation, information such as:

1. Your name;
2. Your contact information, emergency contact information, date of birth;
3. Demographic information (gender, ethnicity, place of birth, education, health, family and lifestyle information, etc.);
4. The services you will and have received through the BEACON Platform, dates, etc.;
5. Responses to your screening and/or online assessment;
6. Your assessment report;
7. Secure messaging communications between you and a regulated healthcare professional involved in your care;
8. Any information that you send to us through email or the BEACON Platform;
9. Notes and records of assessment and information relating to your assessment for suitability for the course, and notes and records relating to your progress through the course;
10. Outcome data from self-report measures; and
11. Your responses to requests for information and/or treatment questions at follow-up intervals three (3) and six (6) months after you have completed the course.

How is this Personal Information Used?

We will use your Personal Information for the purposes for which it was collected, as outlined above, and as required or permitted by applicable law.  This includes, without limitation, to provide you with information about possible services and treatments, to help us better understand your needs, and to deliver the services related to the BEACON Platform and the BEACON course to you as required.

For example, we may use your Personal Information to:

1. Communicate with you, including setting up an assessment phone call, and to provide other reminders, prompts and feedback about your progress through the BEACON course;
2. Deliver services to you, including assessments, help with your course, and course materials;
3. Provide you with ongoing service and support; and/or
4. Where relevant, provide assessments and reports to third party insurance or wellness center partners through which you have contacted us for services and treatment.

Regulated healthcare professionals involved in your care through the BEACON Platform work as a team, and your Personal Information may be shared with and used by other BEACON team members.

Your Personal Information may be de-identified such that it does not identify you and, in some cases, used in an aggregate form. This de-identified data may be used for the purposes of research, prospecting new business, artificial intelligence, promotion and advertisement in accordance with this Privacy Policy and applicable law.

Our Relationship to Insurance and Wellness Center Partners

You may be using BEACON through one of our third-party insurance or wellness center partners. If this is the case, we will request an additional third-party consent which allows us to provide reports and other information about your treatment to these partners.

Confidentiality

The BEACON Platform is strictly confidential. That means that the information you share with us is known only to you, a regulated healthcare professional involved in your care and his/her supervisor. Neither BEACON nor any member of a regulated health profession working with BEACON will release any information about you to anyone without your written permission, except as set forth in this Privacy Policy or as required or permitted by applicable law or regulatory requirement.

Please note that we have the following legal obligations to release confidential information:

1. Harm to self: If a regulated healthcare professional involved in your care has reason to believe that you are in danger of physically harming yourself in ways that may be life-threatening, s/he will have to make a referral to a hospital and/or contact a family member, close other, or another person such as a police officer who may be able to help protect you. There may be other emergency health care related circumstances where disclosure is reasonably necessary for the protection of your health, in which case your regulated healthcare professional will disclose Personal Information to other healthcare professionals as long as you have not expressly prohibited him/her from doing so.
2. Harm to others: If a regulated healthcare professional involved in your care has reason to believe that you are seriously threatening physical violence against another person, or if you have a history of physically violent behaviour, and if s/he believes that you are an actual threat to the safety of another person, s/he is required to take some action (such as contacting the police, notifying the other person, seeking hospitalization, or some combination of these actions) to ensure that the other person is protected.
3.  Abuse/Neglect: 
1. If a regulated healthcare professional involved in your care has reason to believe that a child under the age of 16 is being abused or neglected, s/he is legally obligated to report this situation to the appropriate child protection authority (e.g., the Children’s Aid Society).
2. If a regulated healthcare professional involved in your care suspects or is informed of unlawful conduct that resulted in harm or risk of harm to a resident of a Long Term Care Facility or Retirement Home, or that a resident is being harmed or is at risk of being harmed in any way (e.g., sexual or physical abuse, neglect, misappropriation of resident’s funds), s/he may be required to contact the applicable Ministry or Regulatory Authority and report all relevant information.
4. Sexual Abuse: If you have been sexually abused by a member of a regulated health profession, this information must be reported to the appropriate regulatory body if you share the information with a regulated healthcare professional involved in your care.
5. Court Order: A regulated healthcare professional involved in your care and your clinical record can be subpoenaed by a court order. Your regulated healthcare professional can be required to testify and give information obtained during sessions. Without a court order, this information would never be provided voluntarily without your direct request or consent.
6.  Quality Control:
1. On occasion, a regulated healthcare professional involved in your care may be randomly selected to participate in a Peer Assisted Review by his/her regulatory college (for example, the College of Psychologists of Ontario). As part of this process, your file may be potentially reviewed by a member of the regulatory college. Regulatory colleges have confidentiality policies in place to protect your information.
2. A regulated healthcare professional involved in your care may be supervised in his/her clinical work by a more senior professional. You will be informed of any such supervisory arrangement. That supervisor may access your clinical file for the purposes of quality control.

Exceptions to confidentiality are rare. If disclosure of Personal Information is required, your regulated healthcare professional will release only the information required to be released to comply with our obligations in accordance with this Privacy Policy and applicable law.

Our Relationship to Third Parties

The Personal Information you provide to us through the Platform will not be disclosed to a third party without your consent, except as set forth under this Policy or as required or permitted by applicable law or regulatory requirements.  Your Personal Information will be maintained and stored in Canada.

We have relationships with agents and third-party service providers that help us provide services to you including, but not limited to, administering our business, and designing, maintaining and improving the BEACON Platform and our systems and computer security.

We also use third parties to analyze aggregate data collected on the BEACON Platform for research purposes in accordance with applicable law. We may provide your Personal Information to our employees and those of our affiliates and our respective agents and those third parties that require such information in order to help us provide services to our clients and administer our business. To the extent we allow a third-party service provider to access to your Personal Information for the purposes outlined herein, they will only be permitted to collect it or use it for purposes consistent with this Privacy Policy and applicable law.

Sale of Business

We may transfer any information we have about you as an asset in connection with a proposed or completed merger, acquisition or sale (including transfers made as part of insolvency or bankruptcy proceedings) involving all or part of BEACON or as part of a corporate reorganization or other change in corporate control.

Links to Third Parties

We may provide links to third party websites for your convenience and information. If you access those links, you will leave the BEACON Platform. BEACON does not control those sites or their privacy practices, which may differ from this Privacy Policy. Please review the privacy policies of each web site that you visit.

Our Security Measures

We are committed to protecting the security of your Personal Information. We have put in place commercially reasonable physical, electronic, and managerial procedures to safeguard and help prevent unauthorized access to your Personal Information. We apply security safeguards appropriate to the sensitivity of the Personal Information, such as retaining information in secure facilities and making Personal Information accessible only to authorized employees on a need-to-know basis. We have clearly defined internal policies and practices.

Although we will make commercially reasonable efforts to protect Personal Information from loss, misuse, or alteration by third parties, you should be aware that there is always some risk that an unauthorized third party could find a way to thwart our security systems. This risk is heightened if you are using unsecured/public Wi-Fi.

Retention

We retain your Personal Information only for as long as is necessary for the purpose for which it was collected in accordance with the laws, ethics and standards applicable to members of the College of Psychologists of Ontario or such other applicable regulatory body in jurisdictions in which we operate. When your Personal Information is no longer required or required to be maintained, it will be destroyed or de-identified in accordance with applicable laws.

If you create an account on BEACON but do not submit your answers to the screening or the online assessment questionnaire within seven (7) days from the date upon which you create your account, then we will automatically delete your answers. If you create an account but do not use it, your account will be deleted within 30 days from the date upon which you created your account.

Your record will be maintained, as required, in accordance with the laws and standards set out by the College of Psychologists of Ontario or any other applicable regulatory body governing the provision of services as a clinician.

Verification

We will engage in periodic assessments to verify that our privacy practices continue to comply with this Privacy Policy.

Access

Except in the limited circumstances established by law, individuals may obtain access to their Personal Information.  Individuals may also request us to correct their Personal Information where they believe it to be out of date or otherwise inaccurate.  Requests for access or correction must be made in writing and should be addressed to our Information Officer (please see the contact details set forth below). We may decide to share your Personal Information with you through a healthcare provider, where appropriate.

We will assist you if you inform us that you need assistance in preparing a request concerning Personal Information. Administrative charges may apply.

Updates to this Privacy Policy

In order to ensure that this Privacy Policy is kept up to date, we may change this Privacy Policy from time to time. Notice of changes to the Privacy Policy will be posted on the Site and will be effective 30 days following notice of the changes on the BEACON Platform. If you access or choose to continue to use the BEACON Platform after the effective date of the change, you are deemed to have automatically accepted the change.  

Questions about this Privacy Policy

BY SUBMITTING PERSONAL INFORMATION AND PERSONAL HEALTH INFORMATION THROUGH THE BEACON PLATFORM, OR THE BEACON APPLICATION, YOU SIGNIFY YOUR ACCEPTANCE OF THE TERMS OF THIS PRIVACY POLICY. BY USING THE BEACON PLATFORM, OR THE BEACON APPLICATION, YOU ALSO ACCEPT THE TERMS OF USE POSTED ON THE BEACON PLATFORM, AND THE BEACON APPLICATION.

You can update your account through the BEACON website, or by contacting our Information Officer.

If you have any questions about this Privacy Policy or the handling of your Personal Information, please contact the BEACON Information Officer.

Information Officer
Informationofficer@mindbeacon.com
MindBeacon Health Inc.
175 Bloor St East, Suite 801 North Tower
Toronto, ON, M4W 3R8
1-877-252-6707

If you have any concerns about BEACON’s privacy practices or for more information on your privacy rights, you can contact