Privacy Policy
Effective December 1, 2021
Introduction
- specialty patient support programs
- pharmaceutical distribution and wholesale
- business services focused on various pharmaceutical and pharmacy supply specialties such as clinic & nursing services, specialty pharmacy, specialty distribution & 3PL, strategic consulting, market access and reimbursement.
Purpose & Scope
Part A of this Policy applies to personal information that Innomar collects, uses, discloses and maintains for its own business purposes and in the course of providing services, with the exception of:
- the information and information handling specified in Part B and C; and
- personal information related to human resources.
Part B of this Policy applies to personal information that Innomar is required to collect, use and disclose for the purpose of services it is providing to a Client (as defined below).
Part C of this Policy applies to all personal health information collected, used, and disclosed by Innomar Healthcare Providers (as defined below) when providing healthcare services and business operations independent of the services Innomar provides to a Client.
“Client Personal Information” means information in any format about an identifiable individual that Innomar collects, uses and/or discloses as required for, or as part of, providing its services to a Client.
1. Purposes for Collection, Use and Disclosure
Where we do not collect Personal Information directly from you, we will keep a note of the source of the information. We process and store our records of personal information in Canada by one of Innomar’s affiliates or service providers. Upon request in writing to our Privacy Officer, you may request up to date information regarding the location where we are storing your Personal Information. Instructions on how to request access to, or correct, your Personal Information are provided in Part A.9 below.
Innomar is accountable for the information it collects, uses and discloses for its own business purposes. Innomar retains your Personal Information only for as long as is necessary for the purpose for which it was collected. When your Personal Information is no longer required, it will be destroyed or de-identified.
2. Service Providers
Innomar may use external service providers (“Service Providers”) for services that require the use of your Personal Information and/or Client Personal Information. We use Service Providers to support our business (e.g., internet service providers, hosting companies, data processing and storage, fulfillment services, technical support, delivery services, and financial institutions).
3. De-Identification
4. Cookies
This technical data is aggregated and used to measure and improve the effectiveness of our website and our services. We may share this non-identifying information in aggregate. We do not attempt to combine technical information with Personal Information we collect. You can block the use of cookies by activating the settings in your browser but if you choose to withhold consent, or subsequently block cookies, you may not be able to access all or part of the content of our website.
5. Notice and Consent
Innomar will not use or disclose your Personal Information for purposes other than those for which it was collected, except with your consent or as required or permitted by law.
6. Safeguarding Information
Security
Innomar uses commercially reasonable physical, technological and administrative safeguards to protect your Personal Information and Client Personal Information against theft, loss and unauthorized access, use (including copying and modification), disclosure and disposal while at rest and in transit.
The nature of the safeguards we use varies depending on the sensitivity, format, and the scope of the required distribution of the information, however they include:
a) by way of physical measures, safe storage of records, locked filing cabinets, and restricted access to offices;
b) by way of administrative/organizational measures, limiting access of Personnel; and
c) by way of technological measures, the use of passwords for access to our network systems, encryption and audits.
Personnel
Innomar will be responsible for the acts and omissions of its employees and contractors in connection with your Personal Information and Client Personal Information.
Innomar will only assign access to your Personal Information and/or Client Personal Information to Personnel who have received training in the permitted collection, use and disclosure of Personal Information and Client Personal Information, as applicable, and have agreed to manage the information in a manner consistent with Innomar’s privacy obligations and to those of its Clients.
Innomar will take reasonable steps to ensure compliance of Personnel with applicable privacy requirements, including through the use of written agreements, investigation of reports of suspected or actual non-compliance, suspension or termination, and reports to the applicable health regulatory body where appropriate. Innomar will take reasonable steps to terminate Personnel access to Personal Information as required, where access is no longer needed for business purposes, or on termination of Personnel’s employment or affiliation with Innomar.
Access to an Innomar electronic information system will be by way of a unique set of credentials to facilitate audit of access by Personnel.
Individuals and Clients may report any concerns regarding Personnel in connection with Personal Information and/or Client Personal Information to our Privacy Officer.
7. Notice of Unauthorized Collection, Use, and Disclosure
In the event that your Personal Information is stolen, lost, or accessed by unauthorized persons, Innomar will notify you as required by law and, even where not legally compelled to give notice, where we have reasonable grounds to believe that there exists a real risk of significant harm to you and there are steps that can be taken by you to mitigate that harm.
8. Access, Inquiries, and Correction
Except in the limited circumstances established by law, you may obtain access to your Personal Information. You may also request that we correct your Personal Information where you believe it to be out of date or otherwise inaccurate. Requests for access or correction must be made in writing and should be addressed to our Privacy Officer.
We will assist you if you inform us that you need assistance in preparing a request concerning your Personal Information. Administrative charges may apply.
You may obtain more information about how we manage your Personal Information by contacting our Privacy Officer.
9. Contact Information for Privacy Officer
The Privacy Officer, who is the Chief Canadian Counsel, may be contacted at:
3470 Superior Court, Oakville, Ontario, Canada L6L 0C4
Tel: 905-847-4364
Toll free: 1-888-420-5457
Email: privacy.officer@innomar-strategies.com
Part B: Client Personal Information
1. Ownership of Client Personal Information
2. Purposes for Collection, Use and Disclosure
3. Innomar Personnel
4. Segregation, Return and Destruction of Client Personal Information
5. Reporting and Assistance
Part C: Innomar Health Services
1. General Information
2. Custody of Personal Health Information
As between you and Innomar depending on the healthcare service provided, Innomar maintains custody and control of your Personal Health Information collected directly from you, your authorized representative, or your physician. Further, this includes your Personal Health Information that is collected independent of Innomar’s relationship with a Client, through the use of any of the Innomar health services provided by Healthcare Providers and includes any information that identifies or can identify you and relates to the state of your health or the treatment that you are receiving.
3. Consent
If you choose not to provide a Healthcare Provider with certain personal health information, or if you withdraw consent, you may not be able to receive certain healthcare services. You should withdraw consent directly with your Healthcare Provider.
4. Purposes for Collection, Use and Disclosure
Depending on the healthcare service provided, your Personal Health Information collected may include your name, date of birth, home address, phone number, height, weight, health conditions, prescription and medical history, the type of healthcare service received, name and contact information of prescribing or referring physician and name and contact information of any authorized agent acting on your behalf.
Your Personal Health Information collected is used in connection with providing healthcare services to you, which may include:
a) Dispensing your medications either in the pharmacy and providing initial and, where appropriate, on-going counseling with respect to your drug(s);
b) Delivering pharmacy professional services and, where appropriate, providing knowledge, information and counseling in connection with such services, such as immunization information, adaptation of prescriptions, initiation of prescriptions, medication reviews, etc.;
c) Communicating with you to advise you of prescription refills and other health-related information and services that may be of assistance or interest to you;
d) Delivering other professional services and treatments, including medication administration;
e) Consulting physicians and other healthcare professionals as needed;
f) Responding to requests made by, or on behalf of, your insurance provider to review your insurance claim(s);
g) Recommending programs, products, services or events to manage healthcare needs;
h) Managing your patient record, including medications dispensed and services or treatments provided;
i) Obtaining and processing payments for prescriptions and healthcare services;
j) Monitoring and investigating incidents and managing claims;
k) Performing our obligations in accordance with, or complying with, applicable healthcare-related professional, legal or regulatory requirements.
When you are provided with healthcare services, your Personal Health Information may be shared with your physicians and authorized representative(s). Your Personal Health Information may also be shared with others but only with your consent or as detailed in the Part A of this Policy.
Canadian law permits or requires the use or sharing of Personal Health Information without consent in specific circumstances, including situations when necessary to protect healthcare providers, employees, customers, or others.