What personal information is being collected on the Immunity Passport?
The following explicit data set will be used in the Immunity Passport Application:
1.1 Personal Identifiable Information (PII) consists of Name; Date of Birth; Province, email, phone, payment information and address.
1.2 Personal Health Information (PHI) related to your COVID-19 immunity includes details of your vaccination and your antibodies test results.
Who will access my personal information?
You must provide consent to use the app personally or to use a sharepoint or to allow EHC/IHG access to the Immunity Passport application.
2.1 You as an individual you are able to access your information (PII & PHI).
2.2 The clinical teams at EHC/IHG and at the testing laboratory.
Will my information be disclosed to any third parties?
EHC/IHG will not disclose, trade or otherwise transfer any personal information, without prior consent, except as otherwise outlined in providing the services (described below) under the Immunity Passport.
In the course of providing laboratory services, we use PHI internally and disclose it to health care providers (health care professionals requesting services, laboratory personnel involved in ordering services), insurers, payors, third party service providers and their respective agents. EHC/IHG may use aggregated non-identifiable information to provide better services or for statistical/research purposes.
What will my information be used for?
Data collected will be used explicitly for the following purposes:
4.1 To store an electronic record of your vaccinations and antibody test results for COVID-19. By taking a test and returning the samples, you give consent to make these results available to whom you choose to show in the Immunity App.
4.2 To provide you with EHC/IHG’s health services, billing and accounting, research and statistical analysis and to meet legal and mandatory requirements.
How is my information kept secure?
Your account information is protected by the password you use to access your online account. We offer customers strong encryption of your content. The application will be housed within AWS facilities in Canada and your data is encrypted in the COVID-19 Immunity Passport database, as well as when it is being retrieved (data in transit). A full threat risk assessment has been conducted by an independent party on the technology security (posted on the web page) and can be requested.
Who is responsible for the accuracy of my data, and can I correct it?
As an individual, in providing consent you will be responsible for providing and updating your personal information. You are solely responsible for all data that you transmit or that relates to any activity you have undertaken using the application.
Who can I contact about compliance with the applicable Privacy laws?
Chief Privacy Officer – Dr Elaine Chin – Innovation Health Group; 4120 Yonge St. #306
Toronto, Ontario, Canada, M2P2B8