Overview of TeleTest Platform
Consent to Use TeleTest
You hereby acknowledge that you have read and fully understand the risks, limitations, conditions of use, and instructions for use of the selected Services. You understand and accept the risks outlined in the “Appendix” to this consent, associated with the use of the Services when interacting with TeleTest physicians and admin staff. You consent to the conditions and will follow the instructions outlined in the Appendix, as well as any other conditions that TeleTest may impose in relation to patients using the Services.
You acknowledge and understand that despite recommendations that encryption software be used as a security mechanism for virtual care tools, it is possible that interacting with the TeleTest “HCPs” or administrative staff using the Services may not be encrypted. Despite this, you agree to interact with the TeleTest physicians or admin staff using these Services with a full understanding of the risk.
Limitations of Virtual Care
TeleTest will use reasonable means to protect the security and confidentiality of information sent and received using the Services. However, because of the risks outlined below, TeleTest cannot guarantee the security and confidentiality of all virtual care tools:
- Use of virtual care tools to discuss sensitive information can increase the risk of such information being intercepted by third parties.
- Despite reasonable efforts to protect the privacy and security of information communicated through virtual care platforms, it is not possible to completely secure the information.
- Employers and online services may have a legal right to inspect and keep electronic communications that pass through their system.
- Virtual care tools can introduce malware into a computer system, and potentially damage or disrupt the computer, networks, and security settings.
- Communications through virtual care tools can be forwarded, intercepted, circulated, stored, or even changed without the knowledge or permission of TeleTest or the patient.
- Even after the sender and recipient have deleted copies of electronic communications, back-up copies may exist on a computer system.
- Communications through virtual care tools may be disclosed in accordance with a duty to report or a court order.
- Some videoconferencing platforms may be more open to interception than other forms of videoconferencing.
If the email or text is used as a virtual care tool, the following are additional risks:
- Email, text messages, and instant messages can more easily be misdirected, resulting in increased risk of being received by unintended and unknown recipients.
- Email, text messages, and instant messages can be easier to falsify than handwritten or signed hard copies. It is not feasible to verify the true identity of the sender, or to ensure that only the recipient can read the message once it has been sent.
Collection of Information
TeleTest obtains information including contact information (email address, phone number, mailing address) and your personal and family health history (including but not limited to previous medical diagnoses, surgeries, medication allergies, current medication list and date of birth). At the time of registration, you we collect your username and password.
“PHI” is stored on our service provider’s data centres (“Microsoft Azure”) and at TeleTest’s office.
Use of Personal Health Information
“PHI” is collected to facilitate the provision of telemedicine care to “Users” by “Health Care Providers”. Health information can be disclosed, with your express consent, to other health care providers (i.e. family doctor) involved in your care at your request.
In some cases, TeleTest is required by law to share health information with public health authorities as stipulated under the Health Protection and Promotion Act R. S. O. 1990, c. H.7 (Regulation 135/18: Designation of Diseases). This includes but is not limited to reporting positive cases of chlamydia, gonorrhea, HIV, Syphilis, Hepatitis C and Hepatitis B.
TeleTest may use also use “PHI” without consent in some limited ways, including risk management, error management, and quality improvements, such as where patient outcomes are reviewed to evaluate the effectiveness of personal practice or programs.
Third Party Services
TeleTest may on occasion retain 3rd party software and service providers to provide operational, marketing or administrative support. For example, TeleTest uses HIPPA complaint software including but not limited to Tiger Connect for encrypted communication, Cogsworth Scheduling for secure online booking and Microsoft Azure for server hosting. On occasion, services providers that TeleTest may contract may operate and store data outside of Canada. When selecting our partners, TeleTest ensures they provide a comparable level of protection to assist in providing services for the purpose of developing or maintaining the electronic health record. "Comparable level of protection" means that the third-party processor must provide protection that can be compared to the level of protection the personal information would receive if it had not been transferred (i.e. remained in Canada). It does not mean that the protections must be the same across the board but it does mean that they should be generally equivalent. Data that is held outside of Canada is subject to the laws of the country in which it is held, and when required by law may be subject to disclosure to governments, courts or law enforcement or regulatory agencies.
TeleTest may host server data in other countries, including but not limited to the United States. This data is subject to regulatory disclosure to governments and/or regulatory agencies.
Disclosure of Information
We will obtain your consent prior to collecting, using and disclosing your Personal Health Information (“PHI”). We will disclose information, as required under Applicable Laws to meet our legal obligations. You may withdraw your consent at any time by providing us with written notice
Retention of information and deletion of information
TeleTest maintains information on our online platform until you notify us in writing you would like to close your account. Once notified, we remove your profile and associated database information from our active server. We do continue to store any collected PHI in our Electronic Medical Record – “Juno EMR”, as required under Applicable Laws. Juno EMR is a Canadian licensed electronic medical record used to store PHI.
Storage of Personal Health Information
TeleTest stores your Personal Health Information at TeleTest’s office or at our service provider’s data centre, located in Toronto, Ontario.
Requesting Personal Health Information
We require you to confirm your identity to access personal health information. This includes authentication of your identity. Information that may be requested includes Legal Name, Given Name, Billing Address, Email Address, Cell Phone, and Home Phone.
If you wish to correct your personal health information, please reach out to us at firstname.lastname@example.org or contact us by phone at (519) 904-5280.
TeleTest has implemented physical, technical and administrative safeguards to protect personal health information from loss, theft and unauthorized access. This includes encrypting information when necessary, using strong passwords and 2 factor authentication (“2FA”), and restricting access to our system on a ‘need to know’ basis.
Cookies and Safeguards
Links to 3rd Party Websites
TeleTest may use a 3rd party to process payment for fees or access other associated health care services and technologies (i.e. Cogsworth for HIPPA complaint booking). You hereby consent to the disclosure of PHI necessary to obtain healthcare or other services.
Changes or Amendments to this Privacy Statement
If you have any questions, comments or concerns please contact our Compliance Officer. We will require your name and contact information to respond.
Attention: Compliance Officer
While the TeleTest will attempt to review and respond in a timely fashion to electronic communications such as emails, secure messages, and instant messages, the TeleTest cannot guarantee that all electronic communications will be reviewed and responded to within any specific period of time. The Services will not be used for medical emergencies.
If your electronic communication requires or invites a response from the TeleTest and you have not received a response within a reasonable time period, it is your responsibility to follow up to determine whether the intended recipient received the electronic communication and when the recipient will respond.
Virtual care is not an appropriate substitute for in-person or over-the-telephone communication or clinical examinations, where appropriate, or for attending the Emergency Department when needed. You are responsible for following up on the TeleTest’s electronic communication and for scheduling appointments where warranted.
Electronic communications or recordings of virtual encounters concerning diagnosis or treatment may be printed or transcribed in full and made part of your medical record. Other individuals authorized to access the medical record, such as staff and billing personnel, may have access to those communications and recordings.
TeleTest may forward electronic communications or recordings to staff and those involved in the delivery and administration of your care. TeleTest might use one or more of the Services to communicate with those involved in your care. TeleTest will not forward electronic communications or recordings to third parties, including family members, without your prior written consent, except as authorized or required by law.
You and TeleTest will use the Services to communicate sensitive medical information about matters included but not limited to those below:
- Sexually transmitted diseases
- Substance abuse including IV drug use
You agree to inform TeleTest of any types of information you do not want sent via the Services, in addition to those set out above.
Some Services might not be used for therapeutic purposes or to communicate clinical information. Where applicable, the use of these Services will be limited to education, information, and administrative purposes.
TeleTest is not responsible for information loss due to technical failures associated with your software or internet service provider.
Instructions for using the Services
To use the Services, you must:
- Ensure TeleTest is aware when you receive an electronic communication from TeleTest, such as by a reply message or allowing “read receipts” to be sent.
- Take precautions to preserve the confidentiality of electronic communications, such as using screen savers and safeguarding computer passwords.
- Withdraw consent only by email or written communication to TeleTest.
- If you require immediate assistance, or if your condition appears serious or rapidly worsens, you should not rely on the Services. Rather, you should call TeleTest’s office or take other measures as appropriate, such as going to the nearest Emergency Department or urgent care clinic.
Other conditions of use in addition to those set out above:
- Reasonably limit or avoid using an employer’s or other third party’s computer.
- Conduct virtual care encounters in a private setting and using a secure device, where possible.
- Obtain TeleTest’s consent prior to making any recording of the virtual care encounter.
- Inform TeleTest of any changes in the patient’s email address, mobile phone number, or other account information necessary to communicate via the Services.
If the Services include email, instant messaging and/or text messaging, the following applies:
- Include in the message’s subject line an appropriate description of the nature of the communication (e.g. “prescription renewal”), and your full name in the body of the message.
- Review all electronic communications to ensure they are clear and that all relevant information is provided before sending to TeleTest.