The 10 Information Privacy principles developed by the Canadian Standards Association and adopted into law as Bill C-6 are now known as The Personal Information Protection and Electronic Documents Act (PIPEDA). They were adopted by our Board of Directors in 2002.
We collect information through emails sent to us and through our database of patients and care-givers. Our promise is to keep this information secure as described in the resolution adopted below. We promise that we will be the only ones to contact anyone registered in our database, unless they expressly permit us to allow a researcher to contact them. We will not sell or share the information under any circumstance.
Our online database partner, Pixelera, whose donated online service enables us to securely collect information for the Patient Registry, has provided a statement for you, below. We download the data and erase it from the online database, and and except for email addresses, store the profile data securely offline only on disk. We keep the profile data on disk in a nearby bank's vault.
Principle 1 - Accountability
An organization is responsible for personal information under its control and shall designate an individual
or individuals who are accountable for the organization's compliance with the following principles.
Principle 2 - Identifying Purposes
The purposes for which personal information is collected shall be identified
by the organization at or before the time the information is collected.
Principle 3 - Consent
The knowledge and consent of the individual are required for the collection, use, or
disclosure of personal information, except where inappropriate.
Principle 4 - Limiting Collection
The collection of personal information shall be limited to that which is necessary for the
purposes identified by the organization. Information shall be collected by fair and lawful means.
Principle 5 - Limiting Use, Disclosure, and Retention
Personal information shall not be used or disclosed for purposes other than those for which it was
collected, except with the consent of the individual or as required by law. Personal information shall
be retained only as long as necessary for the fulfilment of those purposes.
Principle 6 - Accuracy
Personal information shall be as accurate, complete, and up-to-date as is necessary for the
purposes for which it is to be used.
Principle 7 - Safeguards
Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.
Principle 8 - Openness
An organization shall make readily available to individuals specific information about its policies
and practices relating to the management of personal information.
Principle 9 - Individual Access
Upon request, an individual shall be informed of the existence, use, and disclosure
of his or her personal information and shall be given access to that information. An individual shall be
able to challenge the accuracy and completeness of the information and have it amended as appropriate.
Principle 10 - Challenging Compliance
An individual shall be able to address a challenge concerning compliance with the above principles to
the designated individual or individuals accountable for the organization's compliance.
