Effective October 24, 2018
Dialogue Technologies Inc. (“Dialogue”, “we”, “us” or “our”) is a secure telemedicine platform (the “Platform”) that allows users to directly access quality healthcare services via on-demand telemedicine consultations with healthcare professionals (“Consultation”) through our application (the “App”) available on mobile devices and through a web browser.
This privacy policy (the “Policy”) outlines how we collect, use, disclose, manage and safeguard your personal information (“PI”) and personal health information (“PHI”). All employees and contractors working for Dialogue are required to adhere to the protections described in this policy.
For the purposes of this Policy, “personal information” or “PI” means information about an identifiable individual. “Personal health information” or “PHI” means information about an identifiable individual that relates to the individual’s physical or mental health, including name of patient, date of birth, medical history, medical treatment, medical test results, medication list, and health number. PHI may be found in medical records, treatment and examination notes and communications between patients and their healthcare professionals.
Dialogue will collect personal information and PHI from you when you access and use our App, the Platform, the website www.dialogue.co (the “Website”) or our other software products (collectively referred to as the “Services”).
By accessing or using the Services you are agreeing to the terms of the Policy. The Policy should be read in conjunction with the Terms of Use. You must also complete a Telemedicine Patient Consent Form prior to using the Services, which informs you about the benefits, risks and limitations of telemedicine and obtains your consent to care via telemedicine. You should not use the Services unless you fully understand and agree to the Terms of Use, the Telemedicine Patient Consent Form and the Policy.
We take the privacy of our users seriously and are committed to safeguarding your personal information and PHI. If you have any questions about the Policy or our privacy practices, please contact our Designated Privacy Contact with your questions at privacy@dialogue.co.
Dialogue will collect the following information from you when you register for an account with Dialogue (“Account”) or use the Services:
Registration and Health Information
When you register for an Account, in order to identify you properly and contact you when needed, we will collect identification and contact information, such as name, date of birth, email address, phone number, mailing address and a photo of your provincial health insurance card.
When you use the Platform, we will collect and store personal health information, such as symptoms, medical history, clinician observations, appointment history, diagnosis, investigation results and treatment information.
Payment Information
When you make or receive a payment through our Services, we will collect and use your credit card or banking information or other financial data in order to process the payment.
Log and Website Information
When you access and use the Services, we may automatically collect certain technical information about your visit, including the date, time, browser type, your internet service provider, your IP address, device information (including device identifiers), geo-location information, computer and network performance data, the URL that you are coming from and your navigation history in order to customize and personalize your experience on the Services, improve our Services and for statistical research purposes.
Information from Consultations
Data obtained from Consultations will be anonymized and de-identified before being analyzed and used by Dialogue for product development and research purposes.
Consultations and Healthcare Services
We will use the personal information and PHI that we collect from you to schedule, administer and personalize your Consultations, update your patient record and to provide you with healthcare services.
We may disclose your personal information, including PHI, to third-party healthcare professionals involved in providing you with healthcare services, such as a specialist physician, pharmacist, physiotherapist, psychologist, nutritionist or lab technician. When the disclosure is part of a care plan that you have agreed to, we will consider the agreed care plan to constitute implied consent. For all other disclosures to a third-party not associated with Dialogue, we will only make the disclosure after obtaining your express consent.
Only healthcare professionals and their delegates involved in providing you with healthcare services can access your PHI. All delegates who are not regulated healthcare professionals sign strict and durable confidentiality agreements.
Access to your information is logged and we perform regular audits in order to ensure that any access is authorized and that information is only accessed on a ‘need to know’ basis.
We may share with selected third-parties demographic and contact information about you (including but not limited to name, date of birth and any email addresses or phone numbers) by email, SMS, instant messaging or any other means necessary, for reasons including but not limited to: verifying your identity, medical follow-up, scheduling appointments, confirming appointments, customer support and technical support.
Third-Party Service Providers
We may transfer your personal information, including PHI to a third-party service provider for processing and storage in Canada. Whenever we engage a third-party service provider, we ensure that the information is properly safeguarded at all times at a comparable level of protection the information would have received if it had not been transferred.
Legal Issues
We may use your personal information to detect, investigate, address and prevent fraudulent or illegal activities. We reserve the right to disclose your personal information as required by law, when we believe that disclosure is necessary to comply with a judicial proceeding, court order, or legal process served on us and to defend against legal claims.
These situations may include, but are not limited to, disclosing potentially life saving information during medical emergencies and reporting infectious diseases or fitness to drive.
Corporate Matters
We may disclose and share your personal information to explore and/or undertake a corporate transaction, including a merger, acquisition, amalgamation, IPO, reorganization or sale of Dialogue. Your personal information relevant to the transaction, such as billing information, can be used and disclosed solely for the purposes related to the transaction and will be protected by security safeguards appropriate to the sensitivity of the information.
Your PHI will not be disclosed and will remain confidential.
Accessing the PHI held by Dialogue
You have the right to access your patient record. If you request a copy of your patient record, it will be provided to you, subject to a reasonable fee. You can request access to your patient record by contacting us at privacy@dialogue.co.
Limitations on access
You may be temporarily denied access to your patient record if providing access would create a significant risk to your health. You will also be denied access to your patient record where disclosure would be likely to reveal personal information about a third person or the existence of such information and the disclosure may seriously harm that third person, unless the third person consents or in the case of an emergency that threatens the life, health or safety of the person concerned.
Accuracy
We use reasonable means to ensure that information in your patient record is accurate. If you identify any inaccuracies, you can request that a note be made on the file indicating the inaccurate information.
When conducting product development, research, advertising and marketing, we will only use anonymized, de-identified and aggregated information.
If you want us to close your Dialogue account, please send an email to support@dialogue.co. We will ensure it is done in a reasonable time after receiving the request. For billing purposes, we will notify your employer that your account is closed but not disclose the reason for the account closure.
We will retain any and all personal information that we are required to retain under any applicable laws and regulations for the full duration of time required under those laws and regulations. We may also retain any anonymized and de-identified information and continue to use this information in accordance with this Policy.
Dialogue is committed to information security and protects personal information and PHI through integrated, physical, technological and administrative safeguards:
There is no guarantee against data breaches. However, Dialogue has taken reasonable measures to prevent a breach, as described above. In the event of a data breach, Dialogue will:
If we decide to make material changes to the Policy, we will notify you and other users by placing a notice on our Website and App. You should periodically check the Website and the App for updates.
To ensure meaningful consent by patients, Dialogue provides information about privacy practices in this Policy, as well as through our Designated Privacy Contact at privacy@dialogue.co.
If you believe that we have not adhered to this Privacy Policy, please contact our Designated Privacy Contact at privacy@dialogue.co.
If we are unable to resolve your issue to your satisfaction, you can file a complaint with the privacy commissioner in your province or territory, or with the Office of the Privacy Commissioner of Canada.