Privacy Policy

Who we are

Our website address is:

What personal data we collect and why we collect it


When visitors leave comments on the site we collect the data shown in the comments form, to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here:


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms


If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.



Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.


Who we share your data with


How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.


What rights you have over your data

If you have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

Is only used internally to contact you if you have requested such contact.

What are the rules regarding the disclosure of personal health information?

As a general rule, you need consent to disclose an individual’s personal health information, unless PHIPA allows the disclosure without consent. You must not disclose personal health information if other information will suffice, and you can only disclose as much personal health information as is necessary to meet the purpose of the disclosure.

For more information about the requirements for a valid consent to disclose personal health information, please see our section on Consent and Your Personal Health Information and our guidance document, Frequently Asked Questions: Personal Health Information Protection Act.

When disclosing personal health information, you need to take reasonable steps to ensure that no information is inadvertently disclosed to unintended recipients. You also need to take reasonable steps to ensure that the information is as accurate, complete and current as is necessary for the purposes of the disclosure or clearly set out the limitations, if any, on the accuracy, completeness or currency of the information.



You may disclose personal health information without an individual’s consent in certain circumstances. However, simply because a disclosure is permitted does not mean it is mandatory, unless it is necessary to carry out a statutory or legal duty.

Here are some examples of permitted disclosures of personal health information without consent:

  • In order for the Ministry of Health and Long-Term Care to provide funding to a custodian for the provision of health care;
  • You need to contact a relative or friend or other potential substitute decision-maker of an individual who is injured, incapacitated or ill and unable to give consent personally;
  • To disclose that an individual is a patient or resident in a facility, the individual’s general health status and the location of the individual in the facility, but only if the custodian offers the individual the option, at the first reasonable opportunity after admission to the facility, to object to such disclosures and the individual has not objected;
  • To disclose personal health information about a deceased individual:
    • for the purpose of identifying the individual;
    • for the purpose of informing any person whom it is reasonable to inform of the fact that the individual is deceased and the circumstances of death, where appropriate; or
    • to the spouse, partner, sibling or child of the deceased individual if the recipients of the information reasonably require the information to make decisions about their own health care or their children’s health care;
  • To eliminate or reduce a significant risk of serious bodily harm to a person or group of persons;
  • When transferring records to the archives for conservation;
  • To a person carrying out an inspection, investigation or similar procedure that is authorized by a warrant or PHIPA or another Act, for the purpose of complying with the warrant or for the purpose of facilitating the inspection, investigation or similar procedure;
  • To determine or verify someone’s eligibility for publicly funded health care or related goods, services or benefits;
  • For the purpose of administration and enforcement of the law by specific professional regulatory colleges and other regulatory bodies;
  • To a prescribed person, listed in the regulations, who compiles and maintains a registry of personal health information for the purposes of facilitating or improving the provision of health care or the storage or donation of body parts or bodily substances;
  • To a prescribed entity, listed in the regulations, for the purpose of analysis or compiling statistical information with respect to the management, evaluation or monitoring of the health system;
  • To the Public Guardian and Trustee, a children’s aid society and the Children’s Lawyer for the purpose of carrying out their statutory functions;
  • To a person conducting an audit or reviewing an accreditation or application for accreditation related to the services of a custodian;
  • For the purpose of legal proceedings, or contemplated legal proceedings, in which the custodian or the agent or former agent of the custodian is, or is expected to be, a party or witness, if the information relates to or is a matter in issue in the proceeding or contemplated proceeding;
  • For the purpose of research, subject to restrictions and conditions;
  • For any purpose as required or permitted by law; and
  • To a custodian (provided that custodian falls within the categories of custodians who can rely on assumed implied consent) if the disclosure is reasonably necessary for providing health care and consent cannot be obtained in a timely manner, unless there is an express request from the individual instructing otherwise.