This privacy policy governs your use of the software application bant (“Application”) for mobile devices that was created by the Centre for Global eHealth Innovation and the University Health Network (UHN). bant is a smartphone app designed to facilitate the self-management of diabetes through self-monitoring and behaviour change driven approaches. It is not intended to replace your current care, but to supplement it with additional support.
Our Commitment to Privacy
This Privacy Policy gives you information on how bant collects, manages, and protects your data, including any Personal Health Information, which you share within the Application. It further describes which specific data may be shared with others, as well as what data will not be shared, and how you are able to control and manage this sharing.
When you choose to create an account bant, you will need to agree to this Privacy Policy. By agreeing to the Privacy Policy, you are providing consent for your Personal Health Information to be stored and used by bant as presented below.
What information does the application collect and how is it used?
User-Provided Information
When you register and use the Application, you generally provide your name, email address, password and other registration information. This information is used to provide you with access to the services the Application provides. We may also use your contact information to share important information about the app and updates.
As you use the Application, you may also access, provide, or modify patient personal health information. This information is collected and used to support the self-management of diabetes. The Application collects and stores information including blood glucose, weight, meals, and insulin readings. It is stored on a secure bant server only if you create an account and provide consent. If you are enrolled in the study features of the application, additional exercise data collected for the study will only be shared with the study team under a separate consent process required for study participation. If you are enrolled to a bant program with a participating clinic, the information will be shared with your healthcare team.
If you provide permission in the Application, data from Google Fit or Apple Health App are displayed, but not stored in the Application or server. For Google Fit, the data include physical activity (steps). The use of information received from Google Fit APIs will adhere to the Google Fit Developer and User Data Policy, including the Limited Use requirements. For Apple Health App, the data include blood glucose, weight, meals (carbohydrates), insulin readings, and physical activity (steps).
You may also provide us with information when you contact us for technical help with the application. This information is used to provide you with support.
Automatically collected information
bant collects certain information from you automatically, which is limited to analytics around the Application features you use. This automatically collected data will only be used by the administrative team within UHN responsible for maintaining the Application, and for hosting the data submitted to the Application. It may also include third party agents of UHN, acting solely on UHN’s behalf (“UHN Administrative Team”) and will only be used for system administration purposes, with access to such data limited to diagnosing problems with servers (such as software bugs), if any; to monitor traffic patterns; to determine which services are used most frequently; to assess site usage and to help to improve the usability of bant.
By creating an account with bant you are agreeing to the automatic collection of the data listed above, solely for use by the Administrative Team.
Does the Application collect precise real time location information of the device?
This Application does not collect precise information about the location of your device.
Data Transfer
If you are using the Application and its services from outside Canada, please be aware that you are sending information (including Personal Data) to Canada where our servers are located. Data protection laws vary among countries, with some providing more protection than others. Regardless of your country of residence, the collection, storage, and use of your data will at all times continue to be governed by this Privacy Policy. Ontario and Canadian laws apply.
Do third parties see and/or have access to information obtained by the Application?
Only aggregated, anonymized data is periodically transmitted to external services to help us improve the Application and our service. We will share your information with third parties only in the ways that are described in this privacy statement.
We may disclose User Provided and Automatically Collected Information:
- As required by law, such as to comply with a subpoena, applicable law, regulation, legal process or enforceable governmental request;
- With our trusted services providers who work on our behalf, do not have an independent use of the information we disclose to them, and have agreed to adhere to the rules set forth in this privacy statement and the Personal Health Information Protection Act, 2004 and any subsequent amendments.
Use of your Information in Research Studies
Only users who have consented to participate in the research study will have their information shared with their research study team. This is conducted separately under the consent process required for study participation. These users are required to enter a unique code to enable study-specific features of the bant application. If a user has not consented to participate in the research study, no information will be shared with the research study team.
Use of your Information by your Health Care Team
The information you enter into this app will not be provided to your healthcare team and is not part of your medical record. If you are enrolled to a bant program with a participating clinic, the information will be shared with your healthcare team.
What are my rights?
You can always review and update your information by visiting the Application. You can stop all collection of information by the Application easily by logging out of the Application. If you want a copy of your information or want to correct, restrict, or remove your information, you can contact the bant team.
Data Retention Policy, Managing Your Information
We will retain User-Provided data for as long as you use the Application. For the purposes of the research study, your data and any patients will be stored for 10 years as per the Records Retention and Destruction Policy at the various research institutions.
How We Keep Your Data Secure
bant has implemented security measures intended to protect your PHI both online and offline, including measures intended to restrict unauthorized persons from accessing PHI. Encryption technologies are used when transferring and receiving data provided through bant. We also have security measures in place at our physical facilities to protect against the loss, misuse, or alteration of PHI stored in bant. We also have restricted access to the servers to the Application team, and have the ability to audit who accesses your data and when. Although we have implemented various measures to protect your information, bant does not and cannot guarantee the absolute security of any information.
Theft, Loss or Unauthorized Access of your Information
Modifications and Updates to the Privacy Policy
This Privacy Policy may be updated from time to time for any reason. We will notify you of any changes to our Privacy Policy by posting the new Privacy Policy here and informing you via the application. You are advised to consult this Privacy Policy regularly for any changes, as continued use is deemed approval of all changes.
Applicable Law
Contact us
For information, questions, or complaints, please write to:
Centre for Global eHealth Innovation
Toronto General Hospital
University Health Network
200 Elizabeth Street
Toronto, ON M5G 2C4
Telephone: 416-340-4800 x 4765
Email: feedback@bantapp.com
For more detailed information about who sees your information and about your choices, contact the Privacy Office.
University Health Network Privacy Office:
Telephone: 416-340-4800 ext. 6937
Email: privacy@uhn.ca
Website: UHN Privacy Office
Complaints
If you have complaints about UHN’s compliance with this privacy policy or PHIPA, please contact the institution’s Privacy Offices at the above contact information. Further questions and concerns can be directed to the following Offices:
Office of the Information and Privacy Commissioner of Ontario
2 Bloor Street East
Suite 1400
Toronto, ON,
M4W 1A8
Phone: 1 800 387 0073
Website: www.ipc.on.ca
bant is built by eHealth Innovation @ UHN www.ehealthinnovation.org
200 Elizabeth Street, 4th Floor, Toronto, Ontario M5G 2C4
©2019-2021 bant. All rights reserved
bant is built by eHealth Innovation @ UHN www.ehealthinnovation.org 200 Elizabeth Street, 4th Floor, Toronto, Ontario M5G 2C4
©2019-2021 bant. All rights reserved