PhysioVeda (“PhysioVeda”, “we”, “us”, “our”) values your privacy and is committed to protecting the privacy, confidentiality, and security of your personal information and personal health information. We collect, use, and disclose information responsibly and only as necessary to provide safe, effective, and lawful health care services.

Collection, Use, and Disclosure of Personal Information

In this Privacy Policy, “Personal Information” includes both personal information and personal health information. We may collect information such as your name, date of birth, contact details, address, emergency contact information, health history, symptoms, assessment findings, treatment plans, progress notes, appointment details, insurance information, billing information, and any other information reasonably required to provide our services. This may be collected before, during, and after your visits to PhysioVeda.

We may collect Personal Information directly from you, from someone authorized to act on your behalf, or from third parties such as physicians, insurers, employers, or other health-care providers where permitted by law or with your consent. We collect only the information reasonably necessary to provide physiotherapy and related health services.

Health Care Services

We may use and disclose your Personal Information for purposes related to your assessment, treatment, care planning, follow-up, and communication with other members of your health-care team. This may include sharing relevant information with physicians, specialists, allied health professionals, laboratories, insurers, or referral sources when needed to support your care or process benefits.

We may also use your information to contact you about appointments, treatment plans, billing, claims, and other administrative matters related to your care. Where appropriate, we may contact your family member or substitute decision-maker if necessary for your care or in an emergency.

Consent

Your consent is required for the collection, use, and disclosure of your Personal Information except where otherwise permitted or required by law. You may refuse to provide some or all of the information we request, or withdraw consent for certain uses or disclosures, subject to legal and clinical limits. In some cases, limiting access to information may affect our ability to provide complete care.

If we need to use or disclose your information for purposes other than providing care, we will explain the purpose and seek your consent where required. The form of consent may vary depending on the circumstances and the sensitivity of the information.

Payment and Insurance

We may use and disclose your Personal Information to bill for services, confirm eligibility for coverage, submit claims, coordinate payment with insurers or third-party payors, and manage financial administration. This may include sharing necessary information with insurance companies, benefits administrators, or workers’ compensation entities where applicable.

Operations and Quality Assurance

We may use your Personal Information for internal administrative purposes, quality improvement, staff training, documentation, scheduling, risk management, fraud prevention, and security. We may monitor or record calls for training, documentation, and quality assurance purposes, and we may use video surveillance in public areas of our premises for safety and security.

Legal and Regulatory Disclosure

We may disclose Personal Information where required or permitted by law, including in response to a court order, warrant, summons, regulatory request, or other lawful inquiry. We may also disclose information when necessary to investigate or prevent actual or suspected harm, loss, fraud, or illegal activity.

We do not sell Personal Information. If we are involved in a merger, acquisition, reorganization, or similar corporate transaction, information may be transferred as part of that process, subject to applicable privacy protections.

Storage and Service Providers

Your Personal Information may be accessed, stored, transmitted, or processed by trusted third-party service providers that support our operations, such as electronic medical record systems, payment processors, communication tools, and data storage providers. We take reasonable steps to ensure these service providers protect your information appropriately.

Where Personal Information is transferred to a service provider, we use contractual and other safeguards to require confidentiality and protection against loss, misuse, unauthorized access, disclosure, or alteration.

Safeguards

We use reasonable administrative, technical, and physical safeguards to protect Personal Information against theft, loss, unauthorized access, use, disclosure, copying, modification, or disposal. These safeguards may include access controls, passwords, secure record systems, staff confidentiality obligations, privacy training, and secure storage practices.

Retention

We retain Personal Information only as long as necessary for the purposes for which it was collected and as required by applicable law, professional standards, and record-keeping obligations. Health records are kept for the legally required retention period and then securely destroyed or anonymized.

Access and Correction

You have the right to request access to your record and to ask for correction of information that you believe is inaccurate or incomplete. Requests for access or correction should be made in writing. We will respond within the time required by law, which is generally 30 days, subject to permitted extensions.

We may refuse access or limit disclosure in limited circumstances, such as where disclosure could reasonably be expected to cause serious harm, violate another person’s privacy, or is otherwise prohibited by law. If we do not make a requested correction, we may note the request in the record where appropriate.

Artificial Intelligence

If PhysioVeda uses artificial intelligence tools in clinical or administrative workflows, we will inform patients and staff when AI is involved in care, documentation, or decision support. Where AI contributes to assessments, recommendations, or documentation, informed consent will be obtained where required, and individuals may ask questions or decline AI involvement where reasonably possible without negative impact on their care.

Complaints and Questions

If you have any questions about this Privacy Policy, wish to access or correct your records, or believe your privacy rights have not been respected, please contact PhysioVeda’s privacy contact:

Privacy Officer
PhysioVeda - info@physioveda.ca

If you are not satisfied with our response, you may contact the Information and Privacy Commissioner of Ontario (IPC), which oversees privacy matters for Ontario health organizations. The IPC accepts privacy complaints and provides contact information for submissions on its website.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal obligations. The most current version will always apply. The effective date should be updated whenever this policy is revised.

Privacy Policy