Frequently Asked Questions

Below are answers to frequently asked questions about our Privacy Policy. To review our Privacy Policy, click here.

The Encompas Care Management Team needs to collect some information about you in order to develop an individualized plan of care that supports your specific mental health and wellness needs and goals. This information may include the following:

  • Name
  • Date of birth
  • Employee number (e.g., WIN or Client ID); verification of Encompas eligibility
  • Contact information (e.g., address, telephone number, email address, etc.)
  • Emergency contact (e.g., name, relationship, contact information)
  • Extended health benefit coverage information (e.g., Canada Life)
  • Other benefit coverage information (e.g., LTIP coverage, WSIB coverage, etc.)
  • If off work due to a STSP, WSIB or LTIP claim, length of time off work
  • Therapist preferences (e.g., gender, competencies, location, etc.)
  • Nature of challenges

Your mental health professional will typically need to have access to some of the same information that your Encompas Care Manager has, including the following:

  • Name
  • Date of birth
  • WIN number or Client ID number; verification of Encompas eligibility
  • Contact information (e.g., address, telephone number, email address, etc.)
  • Emergency contact (e.g., name, relationship, contact information)
  • Extended health benefit coverage information (e.g., Canada Life)
  • Other benefit coverage information (e.g., LTIP coverage, WSIB coverage, etc.)
  • If off work due to a STSP, WSIB or LTIP claim, length of time off work
  • Therapist preferences (e.g., gender, competencies, location, etc.)
  • Nature of challenges

This is either confirmed or collected during an initial appointment or telephone call between the mental health services provider and client.

The mental health services provider is obligated by their regulatory college to ensure a record is made of each session. These records may include the date and time of each session, parties present, summaries of the content discussed during the session, and planning for future sessions.

Additional information about the storage and security of your information is contained in the Encompas Privacy Policy, located here: www.encompascare.ca/privacy-policy. In summary:

  • As an Encompas client, your information is stored electronically. Your Care Management record is maintained on a confidential IT platform that is hosted on a secured server, located in a Tier 4 facility that resides in Ontario, Canada. Only the Encompas Care Management Team, the Program Manager, and select administrative staff members have access to this record.
  • You have the right to ask your clinician how they store their data and health records. For instance, should you proceed with clinical services through Dalton Associates (as opposed to an external clinician or organization), your clinical information is maintained on a platform (Intranet) that is hosted on a secured server, located in a Tier 4 facility in Ontario, Canada. This is not connected or affiliated with the Care Management platform. An RSA-key, dual-step authentication process is required to access this electronic health record system, and only the clinician supporting the Encompas client and select administrative staff members will have access to the client’s file.
  • As an Encompas client, your name and a summary of your Care Management Plan of Care is inputted into the Encompas Portal. When you enrol into the Encompas program, your Encompas Care Manager will provide you with a unique username and password to access the Encompas Portal. The Portal contains an internal (Care Manager-facing) and external (client-facing) interface. The Portal contains limited information about you and your plan of care, and is only available after logging in with your unique username and password. Only basic details about you or your plan of care will be available to you on your Portal. This Portal is stored on a secure server, located in a Tier 4 facility located in Ontario, Canada. This is not a shared server and the organization is SOC-certified. Only your Encompas Care Manager, the Program Manager, and select administrative staff members have access to the internal interface for your record. Only you have access to the external interface for your record. Please note that if you share your password with others, they may be able to access your record and the details contained therein.

Additionally, as an Encompas client you have access to the Encompas Self-Assessment Platform (Greenspace) for you to engage in self-assessment of your progress through mental healthcare services, towards wellness. Only you, the Program Manager, the Encompas Care Management Team, and (if applicable) your therapist, has access to this record.

You have the right to a copy of the information collected and stored as part of the Encompas program, barring a few rare expectations.

Your right to confidentiality is respected at all times. None of your information is shared with the association (OPPA) or the employer (OPP), except as part of an anonymized, aggregate report for usage statistics. None of your information will be communicated, directly or indirectly, to any other third party without your informed and written consent, except when mandatory reporting legislation requires, by law, that Encompas Care Managers or your therapist must:

  • Inform a potential victim of violence of a client’s intention to harm them;
  • Inform an appropriate family member, health care professional, or emergency services if necessary, of a client’s intention to end his or her life;
  • Provide a copy of a record when there is a court order, warrant or subpoena to do so;
  • Inform the Children’s Aid Society (CAS) / Family and Children’s Services (FACS) if there is suspicion of a child being at risk of, or in need of, protection due to neglect, or physical, sexual (inclusive of child pornography), or emotional abuse;
  • Report a health professional who has sexually abused a client;
  • Report elder abuse in long term care facilities; and,
  • Share a client’s identifying information to relevant authorities (i.e., public health), if required, with respect to infectious disease control requirements for contact tracing procedures (i.e., should you, your therapist, or another client who receives services at the therapist’s office test positive for an infectious disease).
Encompas uses OnCall Health, a PHIPA-compliant encrypted videoconferencing platform for mental health services (e.g., counselling, assessments, etc.) offered from a distance, which may be required due to inclement weather preventing travel to/from a scheduled appointment, when physical distancing protocols are in place, and/or when physical limitations prevent travel. Consent to Service forms may be shared between clinician and client through this platform, but nothing is stored on OnCall Health.

When documents need to be transmitted externally, email transmission will only be used where the document is sent as a password-encrypted PDF document or if the document is completely anonymized/de-identified.

Transmission by mail is only permitted through registered mail or courier, with signature required by the recipient upon delivery.

We keep your personal information for the duration of your involvement with Encompas, and for a period of 10 years following your last contact with us, or 10 years from the day you turn 18, whichever is later. This is required by our regulatory college. Destruction of paper files and electronic information is performed in accordance with PHIPA guidelines.

A “privacy breach” occurs where information is stolen or lost or is collected, used or disclosed without authority.

If a privacy breach occurs, the Encompas program has privacy breach protocols that are specifically designed to effectively and efficiently contain, manage, report on, and remediate the breach situation. Additional information about Encompas’ privacy breach protocols is contained in the Encompas Privacy Policy, located here: www.encompascare.ca/privacy-policy.

In summary, in the event of a breach, we will take immediate steps to contain the breach, and will notify you at the first reasonable opportunity after we become aware of a breach of your confidential information. We will investigate the cause of the breach and the nature of the information that was breached, and will, if necessary, modify our policies and procedures to address any changes that should be made.

In the event of a breach of your personal information, you have the right to file a complaint with the Information Privacy Commissioner of Ontario (IPC), by visiting their website: www.ipc.on.ca, or contacting them via telephone at: 1-800-387-0073.