1. SUMMARY
This policy establishes the acceptable use requirements for Ontario Health products and services, as well as the technology infrastructure used by Ontario Health to provide such products and services. Ontario Health may revise this policy from time-to-time in its sole discretion, and any revisions will be posted at www.ehealthontario.on.ca. Notice of any revision will be given to you in accordance with the agreement pursuant to which Ontario Health provides products or services to you.
2. SCOPE AND APPLICATION
This policy applies to all users. Any person who accesses or uses the technology infrastructure or uses a product or service provided by Ontario Health is a “user”. A “person” includes any individual, person, estate, trust, firm, partnership or corporation, government or any agency or ministry of any government, and includes any successor to any of the foregoing. Where the word “including” is used it means including but not limited to.
3. ACCOUNTABILITY
Each client organization is responsible for:
a) Any access or use of the products, services or technology infrastructure of Ontario Health made by any user who is an individual and who obtained his or her passwords, secure tokens, digital certificates and any other identifiers (“credentials”) to access the technology infrastructure and any product or service provided by Ontario Health from that client organisation or at the direction of that client organization;
b) Reviewing all active accounts and enrollments with access to the products, services or technology infrastructure of Ontario Health at least annually; and
c) Maintaining (update/suspend/revoke/reinstate) users’ access in alignment with current circumstances, e.g. revoking access when it is no longer required or authorized.
4 ACCEPTABLE USE
Users are permitted to use the products, services and technology infrastructure of Ontario Health solely for health care-related business activities.
5 Inappropriate and Unacceptable Uses
Users must not use the products, services or technology infrastructure of Ontario Health in any manner that constitutes an inappropriate or unacceptable use, including:
a) The creation, collection, transmission, storage or exchange of any material in violation of applicable laws;
b) Defaming other persons (e.g. spreading false allegations or rumours about others);
c) Accessing, using, collecting, destroying, encrypting, altering or disposing of information in violation of any applicable laws;
d) Making, possessing or distributing computer programs that are designed to assist in obtaining access to computer systems in violation of applicable laws;
e) Promoting hatred against any identifiable group or individual by communicating such statements in violation of applicable laws;
f) Harassing other persons electronically (e.g. making threats to a person’s safety or property);
g) Possessing, viewing, downloading, transmitting, or storing any pornography or any involvement whatsoever with the traffic of such material;
h) Using another user’s password, secure token, digital certificates, or any other identifier to engage in any activity in violation of applicable laws;
i) Breaching copyright, trade secret, or other intellectual property rights (e.g., breaching software licences, pirating recorded music or movies or stealing trade secrets);
j) Wilfully bypassing or subverting the physical, logical or procedural safeguards of Ontario Health, such as firewalls, web-filtering software or other access controls;
k) Vandalism, which is defined as any malicious attempt to harm or destroy the information of another user, the Internet or other networks;
l) Harassment, including persistent non-work related contact with another user when such contact is unwelcome or creating a poisoned work environment by accessing, displaying, storing, downloading or transmitting any content which is offensive;
m) The sending of unwanted email or unsolicited commercial or advertising material to any other person;
n) Deliberate unauthorised access to information, facilities or services accessible through the Ontario Health infrastructure;
o) Unauthorised use, collection, disposal, destruction, encryption, alteration or disclosure of any personal information, business trade secrets, or sensitive information provided by or obtained from Ontario Health;
p) Sending anonymous messages or impersonating any other person;
q) Selling, sharing or otherwise redistributing Ontario Health products or services without written authorization from Ontario Health;
r) Electronic gambling over the Internet; and
s) Any other activity that may expose Ontario Health to civil liability.
6 SECURITY
6.1 Each user must ensure that any credentials used by the user to directly or indirectly gain access to the products, services or technology infrastructure are safeguarded.
6.2 Each user must immediately notify their client organisation help desk or system administrator if they suspect or know that any credentials have been or may be breached or compromised.
6.3 Client organisations that suspect or know any credentials have been or may be breached or compromised must notify Ontario Health.
7 Acceptable Use
7.1 Users and client organisations must report all breaches of this policy of which they are aware to Ontario Health. Each user must do so through the help desk from which they receive technical support, and client organisations must contact Ontario Health directly.
7.2 Ontario Health reserves the right to investigate suspected breaches of this policy, and all users and client organisations will cooperate when asked to assist in any such investigation.
7.3 Ontario Health may, in its sole discretion, suspend or revoke a user’s access to the products, services, or technology infrastructure of Ontario Health should such user breach this policy.
7.4 Client organisations will cooperate with Ontario Health on the management of breaches of this policy. This responsibility includes, but is not limited to, assisting with the development and distribution of communications regarding breaches or incidents.
7.5 Breaches of this policy may result in criminal prosecution or civil liability.
7.6 Although Ontario Health is not obligated to monitor content and assumes no responsibility for any information or material that is transmitted by users of the products, services, technology infrastructure of Ontario Health or the Internet, Ontario Health reserves the right, subject to all applicable laws relating to the protection of personal information, to investigate content posted to or transmitted over the technology infrastructure of Ontario Health and may block access to, refuse to post, or remove any information or material that it deems to be in breach of this policy.
7.7 Ontario Health may report breaches of this policy committed by a user to the client organisation responsible for that user’s actions.
7.8 Ontario health assumes no liability for enforcing or not enforcing this policy, and any failure by Ontario Health to enforce any part of this policy shall not constitute waiver by Ontario Health of any right to do so at any time.
7.9 If any provision of this policy is found to be invalid or unenforceable, then that provision will be enforced to the extent permissible, and all other provisions will remain in full force and effect.