PLEASE READ THESE TERMS AND CONDITIONS BEFORE ACCESSING OUR SECURE WEBSITE OR ENGAGING IN ANY TELEHEALTH SESSIONS WITH A HEALTHCARE PROVIDER (“PROVIDER”)
Plain Language Overview
At The Live Network Inc. (“TLN”), we take privacy very seriously. Many of us who work here were concerned about privacy and ethical data usage long before it was in the news. To that end, this document and our associated privacy documents spell out how we collect and use data when you visit one of our Sites or use our Services The short version is that we use such data to provide the services that you are seeking, optimize the services that you are seeking, and let you know about other services that might be relevant to you. While our general public websites are fairly straightforward, our secure Telehealth Services portions are held to even higher standards with regard to security and privacy. TLN provides a platform for Healthcare Providers as defined in the User Consent (often called “health information custodians”, “custodians”, “trustees”, or healthcare professionals) and healthcare clients (often called “patients,” “clients,” or “users”) to meet and offer or receive counseling services that are provided electronically via the platform (“Telehealth Services”). In order to make that happen, TLN must collect, create, use, transmit and store data, including personal health information (PHI), which is defined to include all personal information that is considered personal health information/health information under applicable privacy laws and that is provided or generated via use of the Telehealth Services In particular, the Site and Software provide a platform that Healthcare Providers can use to collect PHI about you, store PHI about you, and to use and disclose the PHI collected and stored on the Site and Software. This data is accorded the highest forms of protection and TLN and other professionals using the platform are required to keep it safe, protected, and private. At TLN, we have legal, professional, and contractual obligations to protect your data. In the event a data breach were to occur, we or our Provider professional partners would typically be required to let you know.
WHEREAS, one or more Providers has retained The Live Network, Inc. (“TLN”, “Agent”) to provide certain services to be performed for or on their behalf which are described and set forth in one or more separate agreements for services between the Parties, order form(s), and/or statement(s) of work (collectively, “Service Agreement”) so that they can provide Telehealth Services through the Site and comply with applicable privacy laws;
WHEREAS, receiving Telehealth Services through the Site and Software which requires the collection, use, storage, and disclosure of your PHI by TLN and the Provider;
NOW THEREFORE, in consideration of these premises and the mutual promises and agreements set forth TLN describes its role and responsibilities with respect to the Telehealth Services and the collection, use, storage, and disclosure of PHI in the course of providing Telehealth Services:
RESPONSIBILITIES OF TLN
TLN has various duties and responsibilities related to the collection, use, storage, and disclosure of your PHI. An overview of most of the specific details of these responsibilities of TLN is given below:
1.1 Permitted Uses and Disclosures. TLN agrees to collect, use, store or disclose PHI only as necessary to enable you to receive and the Providers to provide Telehealth Services to you. TLN will not use or disclose PHI for purposes other than the provision of Telehealth Services and/or other than as permitted or required by this agreement, as required by law, or with your consent.
1.2 Safeguards. TLN agrees to implement and use appropriate administrative, physical, and technical safeguards to (a) prevent unauthorized use or disclosure of PHI; and (b) reasonably protect the confidentiality, integrity, and availability of the PHI that TLN collects, uses, creates, receives, maintains, or transmits on behalf of the Provider. Such safeguards include a written information security policy, a response plan for Security Incidents, periodic security awareness training, and confidentiality/nondisclosure agreements with employees, and those independent subcontractors and consultants with which TLN has delegated duties under this agreement. In particular, TLN subcontracts with IBM to provide services and Stripe to process payments for services. The services provided by IBM and the Security safeguards used by TLN are detailed in Schedule A.
1.3 Reporting a Breach. TLN agrees to promptly report to the Provider if there is any unauthorized access, use, disclosure, loss or theft of PHI of which it becomes aware and any Security Incident of which TLN becomes aware. The Provider will be responsible for informing you of any Breach or Security Incident involving your PHI.
1.4 Disclosure Accounting. TLN agrees to document such access or disclosures of PHI and information related to such access and disclosures as would be required for Provider to respond to your request for an accounting of access or disclosures of PHI. In addition, within twenty (20) days after receiving a written request from Provider, TLN will make available to the Provider the information necessary to make an accounting of access and disclosures of PHI.
1.5 Subcontractors. TLN will require its subcontractors to provide reasonable assurance, evidenced by written agreement, of compliance with the same privacy and security obligations, restrictions, and conditions with respect to PHI as applies to TLN through this agreement. TLN currently only subcontracts with IBM to provide services a set out in Schedule A and with Stripe to process payments for services.
1.6 Availability of Information. TLN agrees to provide access to Provider, within twenty (20) days after receiving a written request from Provider, to PHI about an Individual, sufficient to allow Provider to provide access to such Individual to his or her PHI, in compliance with the requirements of the applicable privacy law in the Provider’s jurisdiction.
1.7 Amendment of Information. Within twenty (20) days after a written request by Provider, TLN will make PHI available to Provider as reasonably required to fulfill Provider’s obligations to amend such PHI pursuant to applicable privacy law, and TLN, as directed by Provider, incorporate any amendments to PHI into copies of such PHI maintained by TLN.
1.8 Requests for your PHI – any request made to TLN with respect to your PHI will be promptly redirected to your Provider who will respond to your request.
1.9 Prohibited Communications. TLN will not knowingly make or cause to be made any communication about a product or service that is prohibited by applicable privacy laws.
1.10 Mitigation of Damages. TLN agrees to mitigate, to the extent practical, any harmful effect that is known to TLN of the use or disclosure of PHI by TLN in violation of the requirements of these Terms of Service.
PERMITTED USES AND DISCLOSURES OF PHI
As set out in the Consent, you agree that TLN may use and disclose PHI for the following purposes:
2.1 Make any and all uses and disclosures of PHI necessary to provide the Telehealth Services through the Site and Software or to carry out the legal responsibilities of TLN.
2.2 Use and disclose to subcontractors and agents the PHI in its possession for its proper management and administration of the provision of Telehealth Services.
RESPONSIBILITIES OF PROVIDERS
Providers function independently and discharge their own legal responsibilities to Users, and do not have any employee/employer relationship with TLN. The following describes some (but not all) of the responsibilities of a Provider:
3.1 Any and all Providers are obligated to comply with all of their individual obligations under the applicable laws in the province or territory where they are practicing including that they are qualified and licensed to offer the Telehealth services to you.
3.2 The Provider alone is acting in the capacity as a Healthcare Provider and is responsible for all of the functions associated with clinical and professional practice including without limitation: assessment, diagnosis, treatment, and discharge. TLN is neither an employer nor employee of any Provider nor a provider of health services itself. TLN is not engaged in the practice of medicine, psychology, or any other regulated profession, but rather serves as a service provider duly appointed by professionals seeking to engage in activities that are a part of their typical and proper duties. TLN does not exercise any managerial or other direct oversight over any of the Professionals/Providers and does not assume any responsibility for their actions (including omissions and commissions related to the practice of any profession).
3.3 Any requests for PHI should be directed to the Provider in question rather than TLN.
3.4 Relevant privacy practices and management of PHI not immediately maintained by TLN will be the responsibility of the Provider in question. TLN is neither responsible for such practices or maintenance or making any kind of warranty as to their fitness for any purposes.
RESPONSIBILITIES OF THE USER / CLIENT
Even the strongest encryption and technical safeguards cannot guarantee privacy if our platform is used poorly. As such, it is incumbent upon Users of the Site to also cultivate good privacy habits and engage in good privacy practices.
4.1 Encryption. TLN offers and requires encryption related to the transmission of data for the provision of Telehealth Services to you by Providers. If a Provider or Site User does not use the encryption available on the Site for the collection, use, disclosure or storage of PHI (for example by publicly posting PHI), Provider or Site User is fully responsible for any resulting liability caused by failing to encrypt information such as PHI. User acknowledges that such an action will constitute a material breach of these Terms and that the User or Provider will assume full liability for such a breach and hold TLN and its employees and officers harmless for any damages resulting from such a failure to encrypt.
4.2 Passwords. TLN requires the use of strong passwords related to the provision of Telehealth Services set forth in a Service Agreement and these Terms. The User agrees that they are responsible for maintaining the integrity of such passwords and must take reasonable measures to prevent them from being disclosed to third parties. Any actions taken by third parties given such a password by the User shall be as if the User had taken the action. In such a case, the User agrees to assume full liability and to hold TLN and its employees and officers harmless for any damages resulting from such a grant of access.
4.3 Privacy. TLN requires that the User maintain privacy with regard to PHI. User agrees that any remote access of the secure engagement or Telehealth Services portions of the Site or areas that have any PHI or can be reasonably expected to have PHI be done in a manner that does not compromise the privacy or the integrity of the PHI. This includes, but is not limited to: only engaging in Telehealth Services sessions or viewing such portions of the Site in a secure (non-public) environment, logging out of sessions when done, taking precautions against spyware and malware, only logging in from trusted devices and locations, avoidance of negligent privacy practices, resetting of passwords if there is any concern about them being compromised, the selection of strong passwords, and general discrete comportment. If you compromise privacy in ways beyond the control of TLN, TLN will not be held responsible for such disclosures or breaches. You agree to hold TLN and its employees and officers harmless for any damages caused by your breach of provisions contained herein or applicable law with regard to privacy.
BILLING, CHARGES, AND DISPUTES
At TLN, we try to promote good business practices in every aspect of our operations. Still, we may be constrained in some of our behaviours by existing agreements and the nature and scope of our operations. TLN is not a bank; we do not keep cash reserves on hand to handle financial transactions directly or to loan money for even short periods of time. While we will make reasonable efforts to assist in straightening out billing problems or disagreements that might arise from the use of the Site, we may be limited in the remedies available to us. This section outlines the basic billing procedures and practices of the Site.
5.1 Because of our use of a third party payment processing service (Stripe), we may be limited in our ability to immediately cancel or reverse a payment. If you have a billing problem and contact us within 24 hours of the charge, we may be able to effect a speedy resolution (though we are not specifically obligated to do so). If you have a billing issue with a Provider or the payment processor, you may have to take it up directly with them should you pursue an adjustment or other remedy after the first 24 hours. You can see a much more detailed description of Stripe’s policies and practices at: https://stripe.com/us/connect-account/legal
5.2 Fees charged by Providers are set and maintained by them. We do not have a direct employer/employee relationship with them in either direction. If you have a dispute with one or the Providers, you may need to take it up with them directly. The platform allows the Providers to charge a range or differing fees for differing services. Any given Provider may have payment policies and practices that are different from those of TLN. It is wise to contact them directly about any additional questions or concerns you might have about their distinctive business practices relating to payment.
CONSENT FOR SERVICES
At TLN, we strive to consistently provide quality Telehealth Services to Site Users, and Providers. By your use of the Site, you consent to the Services provided by TLN and you also acknowledge that any services not provided by TLN are the responsibility of those providing them not TLN, its directors, officers, or employees.
6.1 By your continued use of the Site, you consent to TLN receiving, storing, and using information (including PHI) either directly or on behalf of one or more Healthcare Providers.
6.2 By your use of any Service on the Site, you consent to that Service (including but not limited to Telehealth Services). TLN and Provider will obtain your specific consent to use of Telehealth Services utilizing a consent form to which you will be asked to give your agreement.
6.3 You may be asked to provide additional, specific, consent for services offered by Providers on the Site. Their requirements and your acceptance or refusal of them is a matter to be settled between yourself and the Provider in question. TLN does not specifically endorse their services, nor does TLN warrant that their services and consent procedures are necessarily in accordance with one another.
6.4 You are of course free to quit using the specific Services of TLN at any time. If you elect to continue or discontinue the services of a Provider, you may wish to consider such a course of action carefully and with the support of relevant and competent professional opinion. You acknowledge that any choices you make in this regard are of your own volition and are ultimately your own responsibility.
6.5 You may withdraw your consent by communicating in writing with TLN to email@example.com If you withdraw your consent you may not be able to receive further Services through the Site or Software. Your PHI will be securely transferred to your Provider so that they can comply with applicable privacy laws.
7.1 Interpretation and References. Any ambiguity in these Terms shall be resolved to maintain compliance with applicable privacy laws.
7.2 Governing Law. The these Terms shall be governed by and construed in accordance with the law of the Province of Ontario and the federal laws of Canada applicable in the Province of Ontario. Each Party irrevocably and unconditionally attorns to the exclusive jurisdiction of the Courts of the Province of Ontario.
7.3 No Third Party Beneficiaries. The Parties agree there are no intended third party beneficiaries under these Terms. Nothing express or implied in these Terms is intended to confer upon any person, other than the Parties and their respective successors or assigns, any rights, remedies, obligations, or liabilities whatsoever. This provision shall survive termination of the Terms.
7.4 Citizens of the EU. While TLN consistently strives to meet or exceed best practices in the areas of privacy, reliability, and ethical conduct, the site was not specifically designed for use in the European Union or its jurisdictions.
Telehealth Services and Personal Health Information
USER CONSENT TO RECEIVE TELEHEALTH SERVICES AND TO THE COLLECTION, USE, STORAGE AND DISCLOSURE OF PERSONAL HEALTH INFORMATION (PHI)
I the user hereby consent on today’s date in this agreement:
This consent is effective from the date of acceptance until such date as consent is withdrawn by the user.
The Live Network Inc. (“TLN”) provides a platform for Healthcare Providers as defined below (often called “health information custodians”, “custodians”, “trustees”, or “healthcare professionals”) and healthcare clients (often called “patients,” “clients,” or “users”) to meet and offer or receive counseling services that are provided electronically via the platform (“Telehealth Services”). The Site and Software allow you to select from a number of Healthcare Providers who offer Telehealth Services. In order to make that happen, TLN must collect, create, use, transmit and store data, including “Personal Health Information” (PHI), which is defined to include all personal information that is considered personal health information/health information under applicable privacy laws and that is provided or generated via use of the Telehealth Services. In particular, the Site and Software provide a platform that Healthcare Providers can use to collect PHI about you, store PHI about you, and to use and disclose the PHI collected and stored on the Site and Software. Such PHI may include your contact details and other information you choose to share with the Healthcare Provider, such as family or biographical information, and information exchanged during your counseling session including the information you share with your Healthcare Provider and their questions, feedback and responses. This data is accorded the highest forms of protection and TLN and other professionals using the platform are required to keep it safe, protected, and private. At TLN, we have legal, professional, and contractual obligations to protect your data. TLN is committed to the protection of your PHI.
You have selected a Healthcare Provider and wish to receive Telehealth Services from this Healthcare Provider through the Site and Software provided by TLN and you agree as follows:
You consent to receiving Telehealth Services from your chosen provider(s) (“Healthcare Provider”) through the Site and Software.
You consent to and authorize your Healthcare Provider and TLN to collect, use, store, and disclose your PHI as required for you to receive Telehealth Services through the Site and Software including the following:
- authorizing TLN to provide the Healthcare Provider with access to and the ability to download my PHI from the Site and Software;
- allowing TLN to use and disclose PHI solely on behalf of the Healthcare Provider chosen by you to deliver Telehealth Services;
- allowing TLN to use or disclose PHI to carry out the legal responsibilities of TLN and the Provider under applicable privacy laws;
- authorizing TLN to use and disclose to subcontractors and agents your PHI in TLN’s possession solely to manage and administer the provision of Telehealth Services to you and to carry out the legal responsibilities of TLN;
- authorizing TLN and your Healthcare Provider to retain your PHI, in the case of TLN for three months following the deactivation of your profile, and in the case of your Healthcare Provider, as required by law and in accordance with any privacy notices, policies or statements of privacy practices maintained by your Healthcare Provider.
- storing your PHI only on servers located in Canada;
- permitting TLN personnel located in the United States and Israel to have time-limited access to the PHI located on the servers in Canada to provide IT support limited access on an as needed basis;
You consent and agree to the terms and conditions set out in the Healthcare Client (“User”) Terms of Service;
You consent and agree that your Healthcare Provider will treat your PHI in accordance with this consent, and any additional privacy notices, policies or statements of privacy practices maintained by your Healthcare Provider, which you may request from your Healthcare Provider.
You acknowledge and understand that no electronic platform is 100% secure, and that there is always a risk that your PHI may be subject to unauthorized use or disclosure. You acknowledge and understand that there may be system outages or other disruptions in the provision of Telehealth Services that will result in a loss of access to your Healthcare Provider, and that you may no longer be able to access the services of a particular Healthcare Provider through Telehealth Services if the Healthcare Provider no longer has access to the Telehealth Services platform for any reason.
You understand that you can withdraw your consent to the further use of Telehealth Services at any time and also can withdraw your consent for the further collection, use and disclosure of your PHI by your chosen Healthcare Provider, subject to legal and contractual restrictions by writing to firstname.lastname@example.org. You understand that if you withdraw consent your Healthcare Provider may not be able to continue to provide you with Telehealth Services.
You agree that TLN may send discrete contact reminders via SMS or email to you on behalf of the Provider and that any information is substantially limited in that it only contains a prompt to log in to the system to read a pending message or to view a pending event or similar, substantially limited purpose and that such reminders contain no PHI or identifiers beyond the number or email given by you for such a purpose.
Effective as of March 1, 2020