Privacy Policy

What Information We Collect

We collect the minimum necessary personal and health information required to deliver our electronic patient-reported outcomes (ePRO) service, including:

• Unique patient identifiers
• Questionnaire responses related to your health
• Assigned healthcare provider or staff details
• System usage data (e.g., login dates/times, IP addresses)

How We Use Your Information

We use your information solely to:

• Provide accurate health assessments through ePRO questionnaires
• Share your reported outcomes securely with authorized healthcare providers
• Improve patient care and health services
• Maintain system security and integrity

How We Protect Your Information

We adhere strictly to FIPPA and HIPAA regulations by implementing strong security measures, including:

• Secure data transmission using TLS 1.3 encryption
• Encryption of stored data (AES-256-CBC)
• Role-based access control
• Regular data backups stored securely
• Comprehensive monitoring and logging

Data Sharing and Disclosure

We will disclose your information only:

• To authorized healthcare professionals directly involved in your care
• When required by law, regulation, or court order
• To respond to public health or safety emergencies

CAMS ePRO System reserves the right to anonymize, aggregate, or otherwise de-identify the personal and health information collected through the CAMS ePRO platform. Such anonymized or aggregated data may be used or shared with third-party healthcare providers, institutions, research organizations, regulatory bodies, or other entities for purposes including, but not limited to, research, healthcare improvement, benchmarking, analytics, or related health services enhancement. In all such cases, the data will be anonymized or aggregated so that individual patients cannot reasonably be identified or re-identified.

Your Rights

You have the right to:

• Request access to your personal health information
• Request corrections if you identify inaccuracies
• Receive information on how your data is used
• File a privacy complaint if you believe your data was misused or improperly disclosed

To exercise any of these rights, please contact our Privacy Officer.

Incident Response

In the event of a privacy breach or security incident, we:

• Immediately investigate the issue
• Notify affected parties and regulatory authorities within legally required timelines
• Take appropriate measures to resolve the issue and prevent recurrence

Contact Information

How long do you keep my data?

We retain your personal health information for the period required by applicable healthcare regulations and laws. This typically includes the duration of your care plus a legally mandated retention period after the conclusion of treatment.

Is my data shared internationally?

No. All patient data is stored on secure servers located within Canada and complies with Canadian privacy legislation, including FIPPA.

How secure is the mobile app?

Our mobile application utilizes the same high security standards as our web platform, including end-to-end encryption, secure authentication, and automatic session timeouts to protect your information.