Privacy Policy
Last updated on December 2, 2024
At Genki, we take the privacy and security of personal health information very seriously. This policy describes how Genki Technology, Inc. (“we”, “us”, “our”) collects, uses, stores, and discloses Personal Information (PI), Personal Health Information (PHI) and any related data in a private and secure manner on behalf of healthcare practitioners that use our platform. By “healthcare practitioner”, we are referring to health information custodians as outlined in PHIPA guidelines including Optometry Doctors, Opticians and staff within your eye care provider that may have access to your PI, PHI or related data.
Please read this policy carefully to make sure you understand our practices and are comfortable with them. For the purposes of this Privacy Policy, “you” and “your” means you as the users of the Services, whether you are a customer, patient, website visitor, or another individual whose information we have collected pursuant to this Privacy Policy.
Authority
Genki collects, uses, stores, and discloses your personal health information on behalf of your healthcare practitioner for the purposes of providing health services.
When your healthcare practitioner subscribes to Genki, they enter an agreement with Genki Technology, Inc. This permits them to share personal health information on Genki’s electronic medical record (EMR) and associated features (collectively, the “Services”) on the platform, so we can provide our services.
We comply with applicable standards and regulations for the handling of personal health information, including the Personal Information Protection and Electronic Documents Act (PIPEDA, Canada), Personal Health Information Protection Act (PHIPA, Ontario).
What do we do?
Genki Technology, Inc. is a technology company headquartered in Toronto, Ontario. We’ve developed a platform that consists of a secure, web-based software application for Optometry Doctors (ODs), Opticians and staff to manage their businesses more efficiently.
Your healthcare practitioner’s office uses the platform to automate time-consuming administrative and documentation tasks, which frees up ODs and staff to spend more time caring for you. Additionally, the platform makes it easier for you to access care, book appointments, communicate with the healthcare practitioners and staff, and complete tasks related to your care.
Genki enables your healthcare practitioner to contact you via text, email, or automated voice call and allows you to declare your preference for communication directly with their office.
What information do we collect?
For healthcare practitioners, we collect their contact and billing information as well as IT information relating to on-premises hardware, software or devices that are connected to or otherwise communicate with the Genki platform.
For patients, we collect registration information as well as diagnostic, treatment, and care information. We collect, use, store, and disclose the minimum amount of information required to provide our services, but your clinic ultimately decides which services to use and how they are configured.
Your healthcare provider may configure Genki to collect the following:
Information about you that is stored in your healthcare practitioner’s EMR, such as your name, date of birth, healthcare number, contact details, and appointment information.
Information related to your medical history including physical and / or mental health, as well as your concerns and questions related to your care.
Preferences, such as preferred language or contact method in order to personalize your experience.
Payment data; we may collect data necessary to keep a record of your payments if you make purchases or pay for services, such as your payment instrument number (e.g., last four digits of your credit card) but do not store or process payments through our system. Your healthcare practitioner is responsible for working with PCI compliant payment processors and vendors to manage payments directly with their business.
Information collected automatically: some information such as your Internet Protocol (IP) address and/or browser and device characteristics is collected automatically when you visit or use our services (e.g., online booking). This information does not reveal your specific identity (like your name or contact information) but may include device and usage information including operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our services, and other technical information. This information is primarily needed to maintain the security and operation of our services, and for our internal analytics and reporting and is never disclosed or shared with third parties without your consent.
In rare cases, we may collect additional personal information, as needed, to verify your identity with your consent.
How do we use this information?
We process your personal information and personal health information for a variety of reasons, depending on how you interact with our Services, including:
To create and store patient profile, information and history.
To facilitate the provision of health services including appointment booking, prescription writing, optical dispensing, referral management, medical reports, exam charting, business and accounting management, etc.
To provide and maintain our Services to your healthcare practitioner, including data provisioning and analytics; we may de-identify and aggregate your information for improvement and development purposes in compliance with all applicable laws and regulations. We do not collect any additional information solely for improvement or development purposes.
To establish communication between you and your healthcare practitioner (which may include marketing communications on an opt-in / opt-out basis).
To monitor and prevent fraud and comply with the law.
We may also process your information for other purposes with your consent.
How long do we use and store your information?
We store your data for as long as your healthcare practitioner has an account to access our Services. In some cases, we may need to store your information longer to meet regulatory requirements.
How is your information stored?
Your information is securely encrypted during transmission and storage. Our application and databases are hosted on secure cloud infrastructure, which is monitored and tested. We also keep auditable logs of application and database access and activity.
In addition to these and other technical safeguards, we have put in place comprehensive administrative and physical safeguards to protect the privacy and security of your personal health information.
Despite these best efforts, the risk of security breaches cannot be eliminated, and we cannot guarantee a breach will never occur. Our intention is that this does not happen, which is why we have put comprehensive safeguards in place to prevent it from occurring.
If you have any concerns that your information is being inappropriately handled in any way, please contact us immediately.
Where is your information stored?
Your Personal Information and Personal Health Information is securely encrypted and stored on secure servers located within Canada.
Who will we share your information with?
We will never sell anyone’s data including Personal Information, Personal Healthy Information.
Data may be exchanged with third parties to facilitate communication or provision healthcare services through a private and secure connection if your healthcare practitioner has authorized it.
How can you access information relating to you?
You may contact your clinic or healthcare provider to access, change, or remove information relating to you at any time. Please note, you also have the right to withhold or withdraw consent to the collection, use or disclosure of personal health information or to expressly instruct your clinic or healthcare provider not to use or disclose your personal health information for health care purposes at any time.
How will we update this privacy policy?
Our privacy and security practices are continuously evolving along with our features and in order to take into account the latest standards and regulations, best practices, technologies, and trends.
When we make changes to our privacy policy we will update the date on this page. In the case of substantial updates, we will also notify your clinic or healthcare provider.
How to contact us?
If you have any questions or concerns about Genki’s Privacy Policy, please email us at privacy@hellogenki.io or write to:
Genki Technology, Inc.
Attn: Privacy Officer
613A Mount Pleasant Rd
Toronto, Ontario
M4S 2M5 Canada
Website: www.hellogenki.ca
Email: privacy@hellogenki.io