905-637-4000

Privacy Policy

Last Updated June 25, 2025

Pillars of Wellness (“we,” “us,” or “our”) is committed to protecting your privacy and safeguarding your personal health information (PHI) in compliance with:

  • Ontario’s PHIPA (Personal Health Information Protection Act, 2004)
  • CPO Regulations (College of Physiotherapists of Ontario Professional Standards)
  • PIPEDA (where applicable)
  1. Information We Collect

We collect:

  • Personal Health Information (PHI): Name, contact details, health history, treatment records, and other data necessary for your care (as required under PHIPA S.4(1)).
  • Cookies: Used only for functionality (e.g., appointment booking) and analytics (with explicit consent for non-essential cookies).
  1. How We Use Your Information

Your PHI is used solely for:

  • Providing healthcare services (PHIPA S.29-33).
  • Billing and insurance claims (with your consent).
  • Clinical decision-making and continuity of care (CPO Standard 4.5).
  • Legal/regulatory compliance (e.g., reporting obligations under PHIPA).

Non-PHI data (e.g., website analytics) is used only to improve services.

  1. Disclosure of PHI

We disclose PHI only as necessary:

  • To healthcare providers directly involved in your treatment (PHIPA S.20(1)).
  • To third-party vendors under strict PHIPA-compliant agreements (e.g., electronic medical records providers).
  • When legally required (e.g., court orders, public health reporting under PHIPA S.40).

We never sell PHI or share it for marketing purposes.

  1. Consent
  • Implied Consent: By providing PHI, you consent to its use for treatment, billing, and referrals (PHIPA S.18(1)).
  • Express Written Consent is required for:
    • Sharing PHI with non-treating providers (e.g., insurers, lawyers).
    • Research or educational purposes (CPO Standard 4.6).
  • Right to Withdraw Consent (except where legally required).
  1. Data Security

We adhere to PHIPA’s Safeguards Principle (S.12):

  • Physical: Secure storage of paper records.
  • Technical: Encrypted electronic records, firewalls, and access controls.
  • Administrative: Staff trained annually on PHIPA/CPO confidentiality policies.

Breach Protocol: Any PHI breaches are reported to you and the Information and Privacy Commissioner of Ontario (IPC) within required timelines (PHIPA S.12(2)).

  1. Patient Rights

Under PHIPA, you have the right to:

  • Access your PHI (PHIPA S.52).
  • Request corrections to inaccurate PHI (PHIPA S.55).
  • File a complaint with our Privacy Officer or the IPC.
  1. Retention & Destruction
  • PHI is retained for 10+ years (CPO Record-Keeping Standard) or as required by law.
  • Secure destruction methods (e.g., shredding, digital wiping) are used when PHI is no longer needed.
  1. Children’s Privacy
  • For minors (<16), consent is obtained from a parent/legal guardian (PHIPA S.23).
  1. Updates & Contact
  • Policy changes are posted online with prior notice for material updates.
  • Privacy Officer Contact:
    Pillars of Wellness
    Unit 16, 100 Plains Road West, Burlington, L7T0A5, ON
    Phone: 905-637-4000
    Email: [email protected]
905-637-4000