Privacy policy
1. Introduction
Three Hive Consulting, Inc. provides evaluation, research, project management and planning, and training services (the “Services”). Our clients include Primary Care Networks, other health organizations, and non-government organizations (NGOs).
Three Hive Consulting is supported by a consulting and support team who work at authorized shared or home office locations in Alberta. Each employee and contractor is bound by confidentiality obligations and trained to understand the importance of safeguarding confidential information and to ensure that technical, administrative, and physical safeguards are followed to ensure that confidential information is properly maintained while working remotely.
This Policy is an expression of the Three Hive commitment to adhere to our privacy obligations. We recognize that our clients may need to comply with the Health Information Act (HIA), Freedom of Information and Protection of Privacy Act (FOIP), Personal Information Protection Act (PIPA), Personal Information and Protection of Electronic Documents Act (PIPEDA), or other privacy legislation. When you share your evaluation, research, or business data with us as part of our Services, we are prepared to meet reasonable safeguards as a business associate, affiliate, or information manager.
The following is our privacy policy (the "Policy"). It guides the way we collect, use and disclose the information that you provide to us and discusses the rules and conditions related to privacy of information while using our Services. This Policy is intended to be complimentary to the Three Hive Consulting Ltd. Information Privacy and Security Manual prepared in July 2017 (the “Manual”). To the extent that any information contained in this Policy conflicts with the Manual, the information contained in this Policy shall govern.
2. Our Privacy Pledge
Three Hive Consulting, Inc. ("Three Hive"/ "We") are committed to safeguarding the personal information entrusted to us by our clients. We manage your personal information in accordance with Alberta’s Personal Information Protection Act (the "Act") and other applicable laws. We take privacy and confidentiality very seriously and we safeguard the personal information of our users in accordance with this Policy.
For the purposes of this Policy "personal information" means personal information about an identifiable individual, this includes an individual’s name, home address and phone number, age, gender, an identifying number, financial information, educational history, and more but excludes business contact information of employees, volunteers and services providers, when used for business communications.
3. How do we safeguard your Personal Information?
We are accountable for all personal information in our possession and control and we take every reasonable effort to prevent any loss, misuse, disclosure or modification of personal information, as well as unauthorized access to personal information. This may include the use of appropriate physical safeguards, appropriate technical safeguards (including the use of passwords for client information), and appropriate administrative safeguards (including ensuring that those with access to personal information have a need to access that information).
We will notify affected clients and the Office of the Information and Privacy Commissioner of Alberta without delay of a security breach affecting personal information if it creates a real risk of significant harm to individuals.
We retain client personal information only as long as is reasonable to fulfil the purposes for which the information was collected or for legal or business purposes.
We render client personal information non-identifying, or destroy records containing personal information once the information is no longer needed.
We use appropriate security measures when destroying client personal information, including shredding paper records and securely deleting electronic records.
4. Consent
We may only disclose your personal information to a third party with your written consent to that disclosure. If you consent to disclosure of your personal information, you may revoke that consent at any time.
By using our Services or by providing your personal information to us, you explicitly consent to the collection, use, retention and disclosure of your personal information by us for the purpose of providing Services to you in accordance with: (a) this Policy, (b) other applicable terms and conditions (c) any other agreement you may have entered into with us, and (d) applicable laws and regulations. It is your responsibility to ensure that we are kept informed of the correct and current contact information for you.
5. Collection and Use of Information
Three Hive will only collect personal information for the purposes that we have identified or as otherwise permitted by law. In addition, we will only collect as much personal information as is essential to carry out the purpose for which we are collecting it.
Your personal information will be collected directly from you, except in the limited circumstances where we are authorized by the Personal Information Protection Act or other privacy legislation to indirectly collect such information.
In providing consulting services to you, we will use your information on need to know basis for the purpose it was collected. Any third-party disclosure of information requires your written consent, unless otherwise permitted by law.
6. Access
You have the right to access your personal information held by Three Hive, subject to limited exceptions as provided by law.
A request to access personal information must be made in writing on forms provided by Three Hive and must provide sufficient detail to identify the personal information being sought. Requests to access personal information should be forwarded to the Privacy Officer, Shelby Corley.
Upon request, we will also tell you how we use your personal information and to whom it has been disclosed (if applicable).
We will make the requested information available within 45 business days (or as otherwise required by law), or provide written notice of an extension where additional time is required to fulfill the request.
Three Hive may charge a minimal fee for providing access to personal information. Where a fee may apply, we will inform you of the cost and request further direction from you about whether or not to proceed with the request.
If a request is refused in full or in part, we will notify you in writing, providing the reasons for refusal and the available recourse, all as provided by law.
7. Information Handling
We recognize that our clients may need to comply with the Health Information Act (HIA), Freedom of Information and Protection of Privacy Act (FOIP), Personal Information Protection Act (PIPA), Personal Information and Protection of Electronic Documents Act (PIPEDA), or other privacy legislation. When you share your evaluation, research, or business data with us as part of our contractual services, we are prepared to meet reasonable safeguards as a business associate, affiliate, or information manager.
8. Changes to Personal Information
An individual who believes that their personal information is incorrect or incomplete may request a correction by Three Hive. This request must be in writing and Three Hive may ask to confirm the requestors identity or request additional information to assist in responding to the request.
9. Changes
We will occasionally update this Policy. You should review this privacy policy from time to time. When we post changes to this policy, we will revise the "Last Updated" date beside the link to this Policy. This update will provide good and sufficient notice of the change to the Policy and your continued use of our Services indicates your acceptance of the changes.
10. More Information
In the event you have a question, complaint or dispute regarding your personal information or our personal information handling practices, contact us at the number(s) or email address(es) as displayed in the "contact us" section of our site. We have designated one or more individuals to be responsible for ensuring that we comply with our privacy obligations.
Last Updated July 14, 2020