Privacy policy
Omnimed is a software developer who offers a shareable electronic medical record and generic connectivity platform. These major components enable us to bring stakeholders from different public and private health establishments together, in a transparent manner, through a single window. They ensure the interoperability of various computer systems of establishments from a (given) region in order to promote information sharing, in real-time, between authorized clinicians, with the objective of better continuity of care.
This Privacy Policy sets out Omnimed’s commitment to the protection of confidential information entrusted to them by all of their clients who use their Electronic Medical Record System.
Nature of the confidential information
Omnimed’s Electronic Medical Record System stores all of the information required for keeping medical records. More specifically, the records hold personal information allowing to identify and contact the patient (e.g., last name, first name, date of birth, sex, social insurance number, address[es], telephone number[s], email address, etc.) as well as clinical information (e.g., consultation notes, lab results, lists of problems and diagnoses, information on medications, etc.).
The system also stores information relative to the operations of clinics that are Omnimed clients, including information on appointments, recall and reminder lists, registrations with the Régie de l’assurance maladie du Québec (RAMQ), billing information to the RAMQ, the configuration of each clinic’s system, user licenses, etc.
Also, certain users’ personal information is part of the data used by the system, including the last name, first name, date of birth, sex, specialty, license number, and email address.
Use of and access to confidential information
-
Omnimed pledges to use the confidential information in its custody only to enable its clients to use its Electronic Medical Records System.
-
Omnimed pledges to grant access to the confidential information in its custody only through its applications, which are designed to protect personal information by limiting access to them under certain access rules, based on patient consent and mandates between professionals.
-
Omnimed pledges to allow access to personal information allowing an individual to be identified only through its applications, and with the objective of searching for a single individual’s records.
-
Omnimed pledges to develop all of its client applications in a manner as to restrain access to clinical information, in accordance with the rules of consent between physicians and patients, as well as those for mandates between physicians, or physicians and professionals, or between physicians and members of the secretarial staff.
Protection of confidential information
-
Omnimed and its employees pledge to respect the utmost confidentiality regarding confidential information in its custody.
-
Omnimed pledges to take all necessary means to ensure the physical and logical protection of confidential information in its custody.
-
Omnimed pledges to protect them from any possible material damage or possible disaster in its facilities.
-
Omnimed pledges to limit the use of copies of confidential information in its custody, allowing them only in order to protect the information from the above-mentioned material damage and disasters.
-
Omnimed pledges to ensure the same level of protection for each copy of confidential information in its custody.
-
Omnimed pledges to destroy all personal information, as well as copies of such, that are no longer necessary for the Electronic Medical Record offered to Omnimed clients.
Logging of accesses to confidential information
Omnimed pledges to log all accesses to confidential information by users of the Electronic Medical Record and to retain this access log. These logs can be consulted directly from the Electronic Medical Record application, or Omnimed can give them to an authorized person.
Sharing of confidential information with third parties
At the client’s request, Omnimed can share certain confidential information regarding said client’s operations with a third party offering a service to said client. In this case, the nature of data sharing will be clearly explained to the client. It is up to the client to have a contractual agreement with that third party.
Respect of applicable laws
Omnimed pledges to respect applicable laws and regulations relative to the protection of personal information, within the meaning of the law.
General
Omnimed pledges to enforce this policy in its operations, in the development of its applications, and in its relationships with third parties.
Omnimed pledges to adapt this policy in the event that it would be considered as not being consistent with applicable laws and regulations relative to the protection of personal information, within the meaning of the law.