Privacy Policy

Guiding Principle

The Foundation is committed to protecting the privacy of the personal information of its constituents (employees, donors and other stakeholders). The Foundation has taken the necessary actions to ensure that information in any format (paper or electronic) is protected so that the relationship of trust between the constituent and the Foundation is upheld. The Foundation recognizes, and adheres to, the Corporate Privacy Policy.

The Foundation Privacy Policy serves to outline the rules for the collection, use, disclosure and retention of personal information. The Policy is based on ten (10) internationally recognized privacy principles.
  1. Accountability for Personal Information.
  2. Identifying Purposes for the Collection of Personal Information.
  3. Obtaining Consent for the Collection, Use or Disclosure of Personal Information.
  4. Limiting Collection of Personal Information.
  5. Limiting Use, Disclosure, and Retention of Personal Information.
  6. Ensuring Accuracy of Personal Information.
  7. Ensuring Safeguards for Personal Information.
  8. Openness Concerning Policies and Practices.
  9. Access to Personal Information.
  10. Challenging Compliance.
1. Accountability for Personal Information.
The Foundation has a Privacy Officer who is accountable for the Foundation's overall compliance with its Privacy Policy and acts as the primary contact person on information privacy and security matters. The Privacy Officer reports directly to the President of The Foundation and can be reached at: 450-431-8484

The Privacy Officer has established a cross-departmental Privacy Committee that meets on an ongoing basis to discuss privacy issues as they occur. The Privacy Officer will conduct privacy audits and privacy training on a regular basis to ensure that practices conform to the Foundation's Privacy Policy. A Privacy Impact Assessment is required for the creation of new personal information systems and for significant changes to existing information systems at the Foundation to identify potential risks for privacy.

2. Identifying Purposes for the Collection of Personal Information.
When the Foundation collects personal information directly from its constituents, the Foundation will identify the purposes for which personal information is collected at or before the time of collection. These purposes include: donor recruitment, that which is necessary for the administration of a donor's interests and compliance with legal and regulatory requirements.

3. Obtaining Consent for the Collection, Use or Disclosure of Personal Information.
The knowledge and consent of a person is required for the direct collection, use or disclosure of personal information except where required by law.

4. Limiting Collection of Personal Information.
The Foundation will limit the collection of personal information to that which is necessary for the purposes identified. Information will be collected by fair and lawful means. The Foundation does not collect any personal health information, other than that which is volunteered directly by the constituent.

5. Limiting Use, Disclosure, and Retention of Personal Information.
Personal information will not be used or disclosed for purposes other than those for which it was collected, except with the consent of the person or as required by law. Personal information will be retained only as long as necessary for the fulfillment of those purposes. The Foundation does not trade, rent or sell any personal information to third parties. The Foundation's web page contains online forms that allow visitors to make a donation. The personal and credit card information provided on these forms is used only to process these donations. Online donations to the Foundation are processed through a third party. The security and privacy policies of this third party are available by clicking on the “Security and Privacy Policy” icon on the online donation form.

6. Ensuring Accuracy of Personal Information.
The Foundation ensures personal information is accurate, complete and as up-to-date as necessary for the purposes for which it is to be used. To change or modify any personal information previously provided to the Foundation, write to the Privacy Officer at: Saint-Jerome Hospital Foundation, 290, de Montigny, Saint-Jerome, QC J7Z 5T3 

7
.Ensure Safeguards for Personal Information.
Personal information is protected with security safeguards appropriate to the sensitivity of the information. All Foundation employees and directors must sign a Confidentiality Agreement. In addition, all independent contractors or vendors, that have a working relationship with the Foundation's proprietary database, must sign a Confidentiality Agreement.

8. Openness Concerning Policies and Practices.
A print version of the Foundation's Privacy Policy can be requested from the Privacy Officer, 450-431-8484, or by email at fondation@cdjs.org

9. Access to Personal Information.
Upon request, a person will be informed of the existence, use, and disclosure of personal information of the person and shall be given access to that information. A person can challenge the accuracy and completeness of the information and have it amended as appropriate.

10. Challenging Compliance.
A challenge concerning compliance with the above principles should be made to the Privacy Officer at:  450-431-8484