Last updated: November 1, 2021
EmergConnect Inc. (“EmergConnect”, “we”, “us”, or “our”) is pleased to present EmergConnect, our mobile remote triage, intake, individualized emergency department wait-time prediction and clinical direction system (“System”).
To register for use of our System through our Mobile Patient Portal, you must provide your express consent to our collection, use, transfer and disclosure of your Personal Information, and Personal Health Information on behalf of the hospital or healthcare provider as described in this Policy as well as the data that EmergConnect uses for research and analytic purposes, which does not include Personal Information, or Personal Health Information. When you provide us with your express consent and input Personal Information into our Mobile Patient Portal, use our System, or otherwise interact with us, you consent to the collection, use and disclosure of your Personal Information by EmergConnect in accordance with the terms of and for the purposes set out in this Policy.
Please review this Policy each time you use our System, as we may update it from time to time.
This Policy covers the following:
Our mobile remote triage, intake, individualized emergency department wait-time prediction and clinical direction system (“System”) provides individuals with real-time individualized emergency department (“ED”) wait time predictions.
When you use our System, you will access our mobile patient portal to self-navigate through the registration and triage processes, where we collect necessary data to conduct triage and predict your individualized wait time (“Mobile Patient Portal”).
In our secure backend System, we temporarily store and analyze your Personal Information, and Personal Health Information in order to conduct remote triage and predict individualized wait times. We may send this information to your chosen hospital’s emergency medical record (“EMR”) system or to the EmergConnect Clinician portal to assist clinicians to automatically input your data upon your arrival.
Your Personal Information will be sent to the hospital’s EMR system or to the EmergConnect Clinician portal for interaction with clinicians and all identifiable Personal Information will remain under the custody and control of your healthcare provider within the healthcare environment.
This Policy outlines how your Personal Information will be collected, used, transferred, and disclosed in furtherance of our triage System.
With your express consent provided when you register to use our Mobile Patient Portal, EmergConnect uses your Personal Information with identifiers removed for research and analytic purposes, as outlined in detail within this Policy.
Personal Information means any information, recorded in any form, about an identifiable individual or an individual whose identity may be inferred or determined from such information, and includes personal health information, such as information concerning physical or mental health. Personal Information may or may not include business contact information, depending on the jurisdiction.
We interact with Patients on behalf of hospitals via our Mobile Patient Portal. The Mobile Patient Portal is a self-guided triage System which asks you to respond to a series of questions to allow for evaluation of the severity of your condition and other factors that impact ER wait time. We will ask you to provide the following personal information:
Upon opening the Mobile Patient Portal, you will be provided with an overview of our System including what it does, how it should and should not be used, and what patients are best suited to use it (i.e. non-life-threatening conditions). You will be provided with an overview of the Personal Information you will need to have available and will need to provide in order to work through our triage System, and in what cases you should immediately go to the in-person ED.
Children: Note that the use of our System is restricted to persons age 18 or older. Patients under the age of 18 may only use this System with the consent of their legal parent or guardian(s).
Please note that it is always your choice whether you provide us with your Personal Information, however, if the Personal Information requested is necessary in order for us to provide our System to you, we will be unable to provide our System without your Personal Information.
The Personal Information we collect will be used for the following purposes:
As part of the registration process, you will need to provide identifiable information in order for us to facilitate registration through the EmergConnect Clinician Portal. As indicated above, identifiable data collected by us on behalf of the hospital will include your first and last name, date of birth, address, postal code, health card number (optionally), email address and phone number.
This data will be sent through a secure application programing interface (“API”) to the Web Hosted EmergConnect Clinician portal. Backend data will be linked using participant ID numbers (specifically, randomly generated visitor and patient ID numbers). All identifiable data and linkers will be destroyed 24 hours following patient registration. Following this, all data is irreversibly anonymized and identified through randomized numbers given to each record.
As part of the registration process, you will need to provide identifiable information in order for us to facilitate registration or create a medical record in the hospital’s EMR. As indicated above, identifiable data collected by us on behalf of the hospital will include your first and last name, date of birth, address, postal code, health card number (optionally), email address and phone number.
This data will be sent through a secure application programming interface (“API”) to the hospital’s local EMR system. Backend data will be linked using participant ID numbers (specifically, randomly generated visitor and patient ID numbers). All identifiable data and linkers will be destroyed 24 hours following patient registration. Following this, all data is irreversibly anonymized and identified through randomized numbers given to each record.
By using our System, you expressly consent to the use of your Personal Information to generate de-identified and/or aggregated data that cannot be linked to you or used to identify you. EmergConnect reserves the right to use anonymized/aggregated data for data analytics purposes in order to assess for accuracy and for further development of the System.
All patient data is automatically anonymized and used only for further development and testing purposes.
Data analysis will be done through the collection and analysis of de-identified patient triage data and analysis system performance. This includes triage, wait-time predictions, and clinical redirections. Triage score (CTAS) consistency, accuracy and distribution (when compared to historic data sets) will be analyzed to make an assessment as to the accuracy of the triage scores assigned. Data surrounding the number of patients with high-risk complaints will also be collected. Demographic information will also be analyzed to assess user populations and characteristics.
We collect your contact information as part of the registration process in order to contact you to provide you important information regarding your ED visit.
Should you not arrive following using the system, the app will notify the user up to three times (an automated email will be sent and two automated text message attempts will be made, to both the user and any outlined emergency contact). If all contact proves unsuccessful, the user will be automatically deregistered from the system, and notified via email and text message.
We will also use the contact information you provide in order to respond to your inquiries, emails or questions.
With your consent upon registration for the study, EmergConnect will use your contact information to send you surveys and seek your input on your experience with our Mobile Patient Portal.
We will use the Personal Information we collect on behalf of the hospital in order to:
We will use de-identified/aggregated data to:
We only share your Personal Information with:
Under certain circumstances, EmergConnect will be obliged or permitted to disclose your information without your consent:
EmergConnect may disclose Personal Information to third parties without your consent for any of the following reasons: (i) to comply with any law, regulation or order of a court, administrative agency or government tribunal; (ii) to cooperate with Government investigations; (iii) to help prevent fraud or to enforce or protect the rights of EmergConnect or its subsidiaries and to pursue available remedies or limit any damages that we may sustain; or (iv) where it is necessary to protect the rights, privacy, safety or property of an identifiable person or group.
EmergConnect may disclose Personal Information to other third parties without your consent where required or permitted by law, including where: (i) the information is public as permitted by law; (ii) it is necessary to proceed with or complete a “business transaction”, such as purchase and sale of an organization or assets, a merger or amalgamation, making of a loan, charge, lease or licensing, or other prescribed business activity; (iii) it is reasonable for the purposes of investigating a breach of an agreement, or actual or suspected illegal activity; or (vi) it is necessary to identify an individual who is injured, ill or deceased, or (vii) due to an emergency that threatens the life, health or security of an individual.
Where obliged or permitted to disclose information without consent, EmergConnect will not disclose more information than is required. EmergConnect does not disclose your Personal Information to any third party to enable them to market their products or services.
All patient Personal Information collected via our Mobile Patient Portal is sent through a secure API gateway using a certificate to a database on a secure Amazon Web Services (“AWS”) server located in Canada and to the hospital’s native EMR.
No patient identifiable Personal Information is stored in the database for more than 24 hours. Where Personal Information is no longer needed, it will be securely destroyed or permanently anonymized or de-identified.
All data will be owned by the care provider at which the patient elects to receive care.
We have implemented stringent security protocols in an effort to keep information safe from loss, unauthorized access, modification or disclosure, including, but not limited to managing/restricting access to cloud services, implementing infrastructure security, protecting against DoS and DDoS attacks, firewalls, security monitoring and alerts, secure operating systems, data security (i.e. network isolation, application-level threat protection, server-side encryption), and application/API security.
While EmergConnect endeavours to safeguard all Personal Information we hold, you should be aware that no form of internet transmission or network security is guaranteed to be secure against all forms of threat actors or instruction, and your use of our website, Mobile Patient Portal, System and networks is at your own risk.
Subject to certain exceptions in Canadian privacy legislation, you may have the right to access or correct your Personal Information. Again, all identifiable Personal Information, whether stored by us in transitory form for 24 hours or not, is collected by EmergConnect on behalf of the hospital, and is under the custody or control of the hospital. Accordingly, any requests for access or correction should be directed to the hospital in accordance with their policies.
Since EmergConnect regularly reviews all of its policies and procedures, we may change this Policy from time to time. Any changes will be effective upon the amended Policy being posted on the Mobile Patient Portal. We will reflect any such changes or modifications to this Policy on the Mobile Patient Portal and will indicate on the first page of this Policy the date this Policy was last amended. Your continued access to and/or use of our System after any such changes constitute your acceptance of, and agreement to be legally bound by this Policy, as revised. We encourage you to review this Policy each time you use our System.
RESOLVING PRIVACY CONCERNS
EmergConnect will work with you to resolve any concerns you may have about this Policy or our privacy practices.
If we are unable to resolve your privacy concerns, you have the right to complain to the Office of the Privacy Commissioner of Canada. You may also direct your inquiry/complaint to the relevant Information and Privacy Commissioner in your jurisdiction of residence.