Fort St. John Hospital Foundation

(the “Foundation”)

PRIVACY POLICY

A.        Background

The Fort St. John Hospital Foundation is a registered charity that collects, raises, and distributes funds for the benefit of the Fort St. John Hospital and Peace Villa Facility. The Foundation does need to collect personal information in order to fulfill its mandate.

B.        Purpose of this Policy

The Foundation has developed this Privacy Policy for implementation beginning March 1, 2010. This Policy describes the way that the Foundation collects, uses, retains, safeguards, discloses and disposes of the personal information of current and past donors, prospective donors and individuals associated with businesses and organizations who have, are or may be donors and of individuals other than donors.

The Donor Privacy Policy describes the way that the Foundation will, subject to applicable legal requirements, adhere to all relevant federal and provincial legislative privacy requirements. The Foundation will strive to meet or exceed federal and provincial legislative requirements and will ensure that it remains current with changing technologies and laws. Any and all changes will promptly be posted to the Foundation web site and be made available through other means upon request.

C.        Policy

  1. Accountability
    1. The Foundation will appoint a staff person (the “Privacy Officer”) whose responsibilities will include those of the implementation and monitoring of the Foundation’s Privacy Policy. The Privacy Officer will be responsible for the Foundation’s compliance with privacy principles. This person will also be responsible for responding to access requests in accordance with this Policy. The Privacy Officer will report to the Board of Directors and the ultimate responsibility for Privacy issues will rest with the Board of Directors. The Privacy Officer may at his/her discretion enlist assistance from other staff members and/or volunteers within the organization. This will not in any manner mitigate his/her responsibility for Privacy issues.
    2. The Privacy Officer’s identity will be fully disclosed and publicly accessible to the Foundation’s members and the public in general.
    3. The Foundation’s Privacy Officer will ensure that the Foundation manages all personal information in its possession in accordance with this Policy including that which may be transferred to a third party. Third party organizations who handle information on behalf of the Foundation shall be contractually obligated to adhere to the standards of the Foundation.
    4. The Foundation will implement internal policies which will facilitate adherence to this Privacy Policy including but not limited to the following:
  • Security measures at all levels designed to protect personal information in our possession.
  • Implementing procedures designed to respond to complaints and/or inquiries.
  • Staff training in all facets of information management, including awareness of the Foundation’s Privacy Policy and policies and procedures developed in accordance with the Policy.
  1. Identifying Purposes, Type of Information Collected and Website
    1. The Foundation shall only collect personal information reasonably necessary to conduct ongoing charitable work including but not limited to approaching individuals, by mail, telephone, email or in person regarding donation and recognition possibilities.
    2. The Foundation collects personal information from donors, prospective donors, publications and affiliate organizations for the purposes of fulfilling its charitable mandate. Specifically:
  • A donor or prospective donor’s name, marital status, address, telephone number, fax number, email address, donation amount and donation designation are collected in order to issue and track numbered tax receipts and keep a record of donation histories. Addresses, telephone numbers, fax numbers and email addresses may refer to home, mailing and/or business.
  • Banking information and credit card information may be collected from individuals only with their express consent to facilitate timely donations and/or pre-approved payments.
  • Historical information concerning donations to other organizations (if publicized), birth date, date of decease, past address information, previous names, spousal information, family information, educational information, employment information, past donation history to the Foundation, recognition received for donations, affiliations with business and organizations, information on volunteerism and newspaper and periodical items may be collected in order to maintain and increase relationships with donors.
  • Information as to a donor’s parents’ names, children’s names, addresses, telephone numbers and email addresses may be collected in order to facilitate contact information as well as to maintain and increase relationships with donors.
  • E-mail addresses, home addresses, business addresses, telephone numbers and facsimile numbers may be collected for the purposes of facilitating communication related to upcoming events, programs and donation possibilities.
  • Personal information collected for the purposes above may also be used for specific research purposes including but not necessarily limited to demographic type research.
  1. Partnerships: The Foundation has, from time-to-time, partnership arrangements with for-profit businesses and corporations. The Foundation will only disclose the following information to these partners: name, name of spouse, mailing address, telephone number, last donation date, donation amount (in ranges of $100 increments only) and email address unless otherwise authorized by the individual.
  2. The Foundation will endeavour throughout its normal course of activities to advise donors and potential donors of the purpose for the collection of the data requested at the time of collection or by reference to our web site at www.fsjhospitalfoundation.ca. We will further endeavour to ensure that all collectors of the personal information are familiar with the potential use of the personal data. All personal data collected by the Foundation shall be maintained in its office listed on our web site or a secure location approved by the Board of Directors.
  3. The Foundation will request individual permission for the use of any personal data collected which is extraneous to that which has been identified above, unless said the use is authorized by law.
  4. The Foundation may also use information about an individual who accesses secure areas of Information requested to provide during use of the Foundations web site may include names, addresses, e-mail addresses. All such personal information will be treated according to the same principles as other personal information collected by the Foundation through other means. It is always the individual’s choice to provide information in certain fields although failure to complete certain sections may inhibit the indiviuals ability to fully access all areas of the web site. The Foundations web site also collects non-identifiable information about users such as the users IP address, the sections of the web site visited and the information downloaded. The Foundation may use this non-identifiable information and disclose it to service providers, for system administration purposes and to improve the web site.
  1. Consent
    1. The Foundation will use the personal information for the uses specified above in section 2 and in Sections 3b and 5a below. By consenting to provide information to the Foundation, individuals are deemed to consent to the information for the purposes of listed in Section 2 of this Privacy Policy and to disclosure of the information to other associated organizations and third parties for the same purpose.
    2. In addition to using personal information for the above charitable purposes, the Foundation may from time to time wish to use donor name, address and contact information for the purposes of providing promotional opportunities, including by providing the information to other third parties who the Foundation believes provide services or goods that may be of interest to you. The Foundation and any such third parties may contact you to with promotions or to provide further information and communications updates. The Foundation will provide an opportunity for the member to consent to these opportunities during the Foundation’s ongoing activities. If you consent but later wish to opt out of this use of information later, you may do so by contacting us as described at Section 3d below.
    3. The Foundation does not request, collect or have access to medical records, medical history or medical forms of individuals collected by the Fort St. John Hospital and Peace Villa Facility.
    4. If at any time you wish to withdraw your consent to the use of your information for any purposes, you may do so by contacting the Privacy Officer for the Fort St. John Hospital Foundation. We will do our best to accommodate your request in a timely fashion without diminishing the services we provide to you. We will explain to you the impact of your withdrawal on any services we provide to you.
    5. The Foundation may collect personal information without consent where reasonable to do so and where permitted by law.
  1. Limiting Collection
    1. All information shall be collected fairly and lawfully within the criteria as set forth in our Privacy Policy.
    2. The Foundation shall not indiscriminately collect information. The amount and type of information we collect shall be limited to that which is required to fulfill our identified purposes.
    3. The Foundation will not use any form of deception in gaining personal information from its members.
  1. Limiting Use, Disclosure and Retention
    1. Subject to applicable legislation, the Foundation shall limit use of personal information it collects to purposes that we have disclosed in Sections 2 (Identifying Purposes) and 3b, Consent.
    2. The Foundation shall maintain documents for certain periods of time dependant upon necessity. More specifically:
  • The Foundation will normally keep paper records for a three-year period. Electronic records are kept indefinitely.
  • The Foundation may from time to time enlist the services of third party vendors in order to provide programs, technical and support services. Prior to enlisting the services of these firms we will contractually commit them to treat your personal information consistent with the Privacy Policy of the Fort St. John Hospital Foundation.
  • The Foundation may at some point be involved in the merger, transfer or reorganization of its activities. We may disclose personal information to the other party in such a transaction. The Foundation will ensure that we contractually obligate the other party to treat this information in a manner consistent with our Privacy Policy.
  • The Foundation may disclose your personal information to a government authority that has asserted its lawful authority to obtain the information or where the association has reasonable grounds to believe the information could be useful in the investigation of an unlawful activity, or to comply with a subpoena or warrant or an order made by the court, person, or body with jurisdiction to compel the production of the information or otherwise as permitted by applicable law.
  • The Foundation may at its discretion release personal information for the purposes of collecting debts which may be owed to the Foundation.
  1. Certain documents may be subject to legislated retention periods either federally or provincially and these will be respected at all times by the Fort St. John Hospital Foundation.
  3. Accuracy
    1. The Foundation shall strive to ensure to the extent it can that the information entrusted to us is maintained in an accurate manner. We shall try to maintain the interests of the individual and attempt to ensure that decisions are not made for or about an individual based on personal information that is flawed.
    2. The Foundation may from time-to-time update information to ensure accuracy.
  1. Safeguards
    1. Security safeguards have been implemented to ensure your personal information is protected from theft as well as unauthorized access, disclosure, copying, use or modification thereof.
    2. The level of safeguards employed shall be directly related to the level of sensitivity of the personal information collected. The more sensitive the information, the higher the level of security employed.
    3. Methods of protection and safeguards to be employed shall include but are not limited to, locked files, offices and storage areas, security clearances and need to know access as well as technological measures such as passwords and encryption.
  1. Openess
    1. The Foundation publicly discloses the methods by which we handle your personal information. This information is readily available through our Privacy Policy, on our web site or upon request by contacting the Foundation Privacy Officer.
    2. The information available includes:
  • The name address and phone number of the Foundation Privacy Officer.
  • The forms (attached) which you may use to access your information or change your information.
  • A description of the type of personal information held by the Foundation and our general uses thereof (as described in Section 2 and section 3b above).
  1. Individual Access
    1. Subject to applicable legislation, upon request by the individual concerned, the Foundation shall disclose whether or not it actually holds personal information on an individual. We shall disclose the source of this information (if known) when requested and provide an account of third parties to whom the information may have been disclosed.
    2. The Foundation may request sufficient information to confirm your identity before releasing your personal information to you.
    3. Subject to applicable legislation, the Foundation shall endeavour to provide this information within 30 days of receipt of the information requested and only charge nominal fees for the purpose of off-setting its expenses incurred in supplying the requested information. This information shall be provided in an understandable format.
    4. Any inaccurate information that is brought to our attention shall be corrected by the Foundation as quickly as possible and any pertinent third parties shall be appraised of the corrections in due course.
  1. Challenging Compliance
    1. The Foundation has in place procedures for the resolution of grievances in the administration of its Privacy Policy.
    2. Upon receipt of a complaint the Foundation shall make available the complaint procedures which will be simple and easy to access.
    3. The Foundation shall investigate all complaints. If the complaint is deemed justified the Foundation shall take the appropriate steps to ensure that compliance is achieved and will make changes to its policies to allow for compliance in the future.
    4. All complaints shall be addressed to the Foundation Privacy Officer

Policy Approved:         October 19, 2010

Policy Revised:            March 8, 2014

Policy Last Reviewed: March 8, 2014