Application/Updating of this Policy
Sunrise’s collection, use and disclosure of personal information
Sunrise collects, uses, and discloses personal information to the extent required for the following purposes and activities.
(1) In connection with the provision of services, for purposes that include but are not limited to:
- Processing applications for clients and creating a file for each client;
- Keeping a record of the services provided to a client including maintenance and repairs and any concerns of a client in connection with services, supplies, equipment, programs and facilities;
- Keeping a record of expenses incurred by a client and billing;
- Keeping a record of all services to clients
(2) In connection with health care, for purposes that include but are not limited to:
- Coordinating, providing and/or managing health care, including identifying health care needs and client preferences and instructions;
- Monitoring and evaluating health care received by a client;
- Communication with a client health care providers for purposes including consultation and referral of the client to the providers;
- Contacting a client’s substitute decision maker or family;
- Determining eligibility and coverage for insurance and other benefits;
- Obtaining payment or reimbursement for health care and therapy;
- Keeping records required by law; and
- Responding to inquiries from governmental programs or authorities.
(3) In connection with our business administration, for purposes that include but are not limited to:
- Complying with regulatory and other legal requirements;
- Maintaining required certification, licenses and accreditation;
- Quality assurance activities including evaluating the performance of our subcontracts;
- Corporate planning, risk management, resource allocation;
- Audits, inspections and investigations;
- Legal and other proceedings;
- Obtaining and maintaining insurance coverage and making claims; and
- Any contemplated or actual restructuring or reorganization of our business or operations, including an assignment, sale, merger or other transaction involving all, substantially all or a part of our business or operations and the due diligence required to determine whether to proceed with any such transaction.
Sunrise’s use of external service providers
Sunrise transfers or permits access to personal information to external service providers (“Service Providers”) where their services require its use. Sunrise uses Service Providers to take advantage of their specialization and expertise. Sunrise may also engage its parent company (including affiliates and subsidiaries of its parent) to assist it in providing the activities described in paragraphs 1 through 3 above. Sunrise selects its Service Providers with care and requires them, through contracts, to protect and restrict their use of personal information. Personal information made available to such Service Providers will be subject to non Ontario as well as Ontario law and may be disclosed pursuant to either or both laws, including to governments in either or both proveniences and their agencies.
The kinds of Service Providers Sunrise may use include the following:
- Cloud hosting and data storage
- Information technology management and maintenance
- Accounting and payment processing
- Human resources and communications
- client services (including food, healthcare, cleaning, supplies, equipment, programs and facilities services)
Protection of personal information
Sunrise employs a variety of means to protect personal information; some protect our physical facilities, others impose rules and procedures on our staff, subcontractors and Service Providers, and still others protect our electronic information technology systems and records. Our security measures may vary from province to province to address the requirements of particular facilities, although the following safeguards apply across our company in Canada.
Access and correction of personal information
We ask that requests for access be made in writing to permit us to keep a record of the release of personal information (including to the client to whom it relates). Staff will assist clients in making a written request if asked to do so. In the event that Sunrise refuses a request for access, Sunrise will provide its reasons for doing so. As set out below, clients may ask the privacy commissioner who administers the law applicable in their province to review the refusal. The rules differ from province to province, but where there will be a fee for duplication of records, Sunrise will tell you and will provide an estimate prior to processing the request.
Sunrise will correct or update personal information in its records where it agrees that there is a need to do so. Sunrise is not required and will not make changes to information that reflects the observations or professional judgment of a health care provider, except with the provider’s written approval, as maintaining the integrity of such information may be critical to protecting a client and the members of the client’s health care team.
Sunrise will process requests for access and correction as quickly as possible and except in usual circumstances to which Sunrise will alert the resident, within 30 days of receiving a request.
Retention of personal information