Our Commitment to Your Privacy

City Healthcare Services is dedicated to safeguarding the confidentiality and privacy of all personal information in its care.

Our Privacy Management Program follows the principles outlined in the Personal Information Protection and Electronic Documents Act (PIPEDA), the Personal Health Information Protection Act (PHIPA), and relevant provincial and professional standards. We also recognize and incorporate guidelines from the European Union’s General Data Protection Regulation (GDPR) where applicable.

We collect, use, disclose, retain, and dispose of personal information solely to deliver high-quality healthcare services. City Healthcare Services ensures that both clients and employees are entitled to the same level of privacy and confidentiality concerning their personal information.

Our Commitment to Your Privacy

At City Healthcare Services, protecting your personal information is something we take seriously. We’re committed to keeping your information safe, secure, and confidential—just as we would want for ourselves and our families.

Our approach to privacy follows the rules set out by the Personal Information Protection and Electronic Documents Act (PIPEDA), the Personal Health Information Protection Act (PHIPA), and other relevant standards. We also follow the principles of the General Data Protection Regulation (GDPR) when they apply.

We collect, use, and share your personal information only when it’s necessary to provide you with the best possible care. We also make sure your information is handled responsibly throughout its entire life cycle—from the moment we receive it to when it’s no longer needed.

And it’s not just about our clients—our team members’ personal information is treated with the same level of care and respect.

What We Collect and Why It Matters

At City Healthcare Services, we only collect the personal information needed to provide you with the right care—nothing more. We regularly review our practices to make sure your privacy is respected.

If you’re receiving personal support services (like help with bathing or mobility), we’ll ask about your daily routines and general health. For nursing services (like wound care or medication management), a more detailed assessment may be needed to meet clinical standards. With services like respite care or companionship, we may ask about your preferences and emotional well-being to provide meaningful support.

We may also ask how you’re managing at home to build a care plan that supports your independence. If we ever need more or different information—or plan to use it for anything other than your care—we’ll always ask for your consent.

We do our best to keep your information accurate while you’re in our care, and we appreciate your help in keeping it up to date. After your service ends, we no longer update your records.

 

Your Consent Matters

Before we begin your care at City Healthcare Services, we’ll ask you to sign a Client Consent form. This gives us your written permission to carry out services like health assessments, care planning, and—if needed—sharing information with others involved in your care. If there’s anyone you don’t want your information shared with, just let us know—we’ll respect your wishes and make note of it.

Your consent remains valid throughout your time with us, unless the situation changes. You can withdraw or update your consent—fully or partially—at any point during your care. If you choose to do so, we’ll explain how that may affect your services.

If you’re unable to give consent yourself—for example, due to age, illness, or cognitive challenges—we’ll obtain permission from a legal guardian, power of attorney, or another authorized representative.

In cases where someone outside your direct care team requests access to your information, we’ll always ask for your permission first, unless it’s for routine care purposes. We also keep records of any such disclosures.

If you ever want to update or withdraw your consent, please contact your local City Healthcare Services office—we’re here to help.

 

How We Use Your Personal Information

At City Healthcare Services, we use your personal information strictly to support your care. It’s only shared with team members directly involved in your service—such as your nurse, personal support worker, or care coordinator—and never with anyone you’ve asked us to exclude. We’ll review this with you at the beginning of your care, and your preferences will be recorded in your Client Consent form.

We may also use your information as part of quality assurance and internal audits, to help us review and improve our services. When this happens, your identity is protected, and personal details are removed whenever possible. We never sell, rent, or trade your information for commercial purposes.

While you’re receiving care, we’ll keep your personal information as accurate as possible. If anything changes—like your health status, contact info, or emergency contact—please let us know so we can update your records and ensure continuity of care.

 

Who We Share Your Information With

When you begin care with us, we’ll talk with you about who is considered part of your circle of care—this could include nurses, personal support workers, physicians, or case managers from other organizations involved in your care. Only those directly involved in your care have access to your information. Other City Healthcare staff who are not part of your care team cannot access your personal records.

If there’s anyone you do not want to have access to your information—either in full or in part—just let us know at any time, and we’ll make sure your wishes are respected.

In rare cases, we may be required by law to release personal information, such as in response to a court order. If that happens, we’ll verify the request is legally valid and only share what’s strictly necessary.

 

How Long We Keep Your Information

City Healthcare Services keeps your personal records even after your care has ended. By regulation, we retain most records for at least 10 years, or longer if required by provincial laws. For children, records are kept until they reach the age of majority plus 10 years.

All records—whether stored at our office or off-site—are securely protected. If we use external storage providers, they are bound by confidentiality agreements and must comply with privacy legislation.

After the retention period is over, your records are securely destroyed to maintain your privacy.

In some cases, if your care was coordinated by a hospital, government-funded program, or research study, your records may be managed by that organization instead. In those situations, we’ll direct any access or update requests to the appropriate health information custodian.

 

Privacy and Safeguards at City Healthcare Services

At City Healthcare Services, we treat your personal health information with the highest level of confidentiality. We have implemented comprehensive safeguards to protect your information, aligning with the requirements of both PIPEDA (Personal Information Protection and Electronic Documents Act) and PHIPA (Personal Health Information Protection Act).

Due to the nature of our work, your information may exist in several forms—digitally, in physical documents, and within the knowledge of our trained staff.

All team members at City Healthcare Services receive privacy training during onboarding and are required to sign Confidentiality and Employment Agreements. Ongoing education around privacy and security practices is provided throughout their time with us, and additional information is available through our internal resources.

We treat all knowledge and information held by our staff as confidential. Staff use this information solely to carry out their duties within City Healthcare Services. If a caregiver is ever approached for client information, they are instructed not to disclose anything and to direct the inquiry to their supervisor.

To protect electronic records, we use secured systems with firewalls, user-specific login credentials, and role-based access permissions.

Our approach to protecting personal information includes:

• Utilizing physical and digital safeguards for secure storage.
• Limiting access to information only to personnel who require it to perform their job responsibilities or deliver care.
• Holding employees and contractors to strict confidentiality and privacy standards.
  
  

Hard copy files are stored in secure areas within our office, with access restricted to authorized personnel. These files are locked up after business hours.

When sending information by fax, we use pre-set numbers to reduce errors and always include a confidentiality cover page with instructions in case of a misdirected transmission.

Emails include confidentiality notices advising unintended recipients on how to proceed if they receive information in error. In such cases—whether via fax or email—recipients are asked to contact our Privacy Officer immediately.

Please note that City Healthcare Services is not responsible for the privacy practices of external sites that may be linked from our website.

 

Access to Your Personal Information

You have the right to access your personal information at City Healthcare Services. To request access or copies of your records, simply submit a written request to your local office. A nurse manager can assist you during the review if needed.

We’re happy to help prepare your request, and we can provide alternate formats or translators if required. To protect your privacy, we may need to verify your identity before granting access.

A reasonable fee may apply for copying or retrieving records. Most requests are processed within 30 days. Some requests may be denied or limited due to legal, privacy, or safety reasons.

Under GDPR, you may also request a secure transfer of your data for use with other services. If access is denied, we’ll explain why and let you know your options.

 

Correcting Your Personal Information

If you believe there is an error or omission in your personal information, you can request a correction by submitting a written request to City Healthcare Services. We will review and, if appropriate, make the correction as soon as reasonably possible. If we are unable to make the change, we will inform you in writing with the reason. Both your request and our response will be kept on file.

In line with GDPR, you also have the right to request the deletion of your personal data without delay—especially if it’s no longer needed, was collected unlawfully, or if you withdraw consent and there are no overriding legal grounds to keep it. We will erase the data as required by applicable laws.

Questions, Concerns, or More Information

Anyone is welcome to reach out to City Healthcare Services with questions, concerns, complaints, or even positive feedback regarding how we handle personal information. Every inquiry is taken seriously and will be thoroughly reviewed. If an issue is found to be valid, appropriate corrective actions will be implemented, which may include updates to our existing privacy policies and procedures. Details of any corrective steps taken will be shared with the person who raised the concern.

All staff at City Healthcare Services are committed to protecting the privacy and confidentiality of your personal health information. If you would like more information about how we manage and safeguard your data, or if you have any concerns, you are encouraged to contact your local City Healthcare Services office.

If your concern cannot be fully resolved at the local level or requires further attention, it will be referred to our Privacy Officer for follow-up. You may also contact the Privacy Officer directly via email at info@cityhealthcareservices.ca, by phone at  +1 (437) 263-2200, or in writing at 450, 111 Queen St E Office 410, Toronto, ON M5C 1S2.

Additionally, you have the right to contact your provincial Privacy Commissioner’s Office if you feel your concern requires external review. While we value the opportunity to resolve your issue directly, we are also happy to assist you in reaching the appropriate privacy oversight authority if needed.

 

Website Analytics

We use Google Analytics to better understand how our website is used. You can opt out by installing the Google Analytics Opt-out Browser Add-On. Learn more in Google’s Privacy Policy.