Privacy Policy

The College of Family Physicians of Canada Policy Statement

The College of Family Physicians of Canada (CFPC) is committed to protecting the privacy of our members and non-members and the security of their personal information under our control. As part of that commitment, we have implemented this privacy policy.

The federal Parliament has passed the Personal Information Protection and Electronic Documents Act (PIPEDA), which sets out 10 privacy principles that apply to all Canadian organizations engaged in commercial activities.

This policy describes how the CFPC collects, uses, and discloses personal information. In some provinces, separate provincial privacy legislation imposes obligations on not-for-profit organizations like the provincial chapters.  Each provincial chapter is required to develop its own policy to meet the standards of applicable provincial law.

The CFPC reviews this policy annually, at a minimum, to ensure that it is relevant and remains current with changing laws and regulations. This policy is current as of September 2012.

Definitions and Privacy Principles

  1. “Personal information” includes all information about an identifiable individual, but does not include the name, title, business address, or business telephone number of an employee of an organization.
  3. “Commercial activity” means any particular transaction, act, or conduct or any regular course of conduct that is of a commercial character, including the selling, bartering, or leasing of donor, membership, or other fundraising lists.
  5. In our effort to protect the privacy of our members and non-members, we observe the following 10 privacy principles:
  8. Accountability: An organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization's compliance with the following principles.
  10. Identifying Purposes: The purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected.
  12. Consent: The knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate.
  14. Limiting Collection: The collection of personal information shall be limited to that which is necessary for the purposes identified by the organization. Information shall be collected by fair and lawful means.
  16. Limiting Use, Disclosure, and Retention: Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as necessary for the fulfillment of those purposes.
  18. Accuracy: Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
  20. Safeguards: Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.
  22. Openness: An organization shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.
  24. Individual Access: Upon request, an individual shall be informed of the existence, use, and disclosure of his or her personal information and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
  26. Challenging Compliance: An individual shall be able to address a challenge concerning compliance with the above principles to the designated individual or individuals accountable for the organization's compliance.

Privacy Policy

The CFPC collects, uses, and discloses personal information in accordance with current privacy legislation and this policy. The CFPC’s Privacy Officer is accountable for compliance with this policy.

The CFPC staff is educated and reminded about this policy and the appropriate management of personal information.

Identifying Purposes
The CFPC identifies the purposes for which personal information is collected from members and non-members at or before the time of collection.

The CFPC ensures that members and non-members understand the reasons for collection and use of their personal information.

If the CFPC wishes to use personal information that it has collected for a purpose not previously identified, the CFPC identifies the new purpose and obtains the consent of members or non-members to use their information for that purpose, prior to use, unless the law requires the new purpose.

The CFPC collects personal information to communicate with members and non-members about matters of interest to family physicians, and for the following purposes:
  • Membership applications
  • Membership maintenance and updates
  • MAINPRO® maintenance and updates
  • Certification Examinations in Family Medicine
  • Examinations of Special Competence in Emergency Medicine
  • CFPC library services 
  • Canadian Family Physician journal distribution
  • Family Medicine Forum registrations
  • Self Learning® program and other courses provided by the CFPC
  • National Physician Survey
  • Scientific research projects that are conducted or facilitated  by the CFPC
  • Payment of annual dues
  • Donations to the Research and Education Foundation of the College of Family Physicians of Canada
  • Recipients of Honours and Awards
  • Website visits (see website below)

The CFPC obtains consent from members and non-members for the collection, use, or disclosure of their personal information. Either written or oral consent is obtained for collecting, using, and disclosing personal information. Implied consent is permitted for the ongoing use of personal information, consistent with the purposes for which it was collected.

The CFPC advises members and non-members that they may withdraw their consent to the use of their personal information at any time by notifying the CFPC’s Privacy Officer, subject to legal or contractual restrictions and reasonable notice. The CFPC informs members and non-members of the implications of such withdrawal.

Members and non-members may instruct the CFPC not to disclose their names, addresses, and other personal information to other organizations for the identified purposes.

Limiting Collection
The CFPC collects only as much personal information as is required to provide its services to members and non-members.

Limiting Use, Disclosure, and Retention
The CFPC does not use or disclose personal information for purposes other than those for which it was collected, except with the consent of a member or non-member or as required by law.

Special Uses and Disclosures of Personal Information

Examination Data Processing
The College provides family medicine program directors with a copy of the summary of the examination results that have been sent to each of their residents taking the examination. If, for any reason, a resident does not wish this summary of his or her results to be released to the program director, he or she must indicate this in writing to the College prior to 30 days after the writing of the examination.

The granting of the special designation CCFP (Certification from the College of Family Physician of Canada) to one of our members is public information, which is available through our College or through the provincial and territorial licensing/registration authorities.

Canadian Family Physician
Canadian Family Physician (CFP) uses the name, title, business name, mailing address, telephone and fax numbers, email address, professional qualifications, and demographics in order to:

  • Send the magazine to an individual.
  • Fulfill circulation audit requirements.
  • Renew/re-qualify an individual as a subscriber.
  • Help direct editorial content to satisfy readers’ needs.
  • Ensure advertisers they are reaching their targeted audience.
  • Determine whether an individual qualifies for a complimentary subscription to CFP.

A mailing list is submitted to the CFP mailing house to:

  • Correspond with physicians by mail.
  • Maintain an accurate database for distribution of CFP.

Correspondence may include the Canadian Medical Directory physician order forms and questionnaires used to update the database. The mailing house used is Scotts info Medical Lists. For information on its privacy policy, please visit

The Canadian Library of Family Medicine
CFPC Library Services may use personal information collected from members and non-members to respond to requests.

Payment Data
Credit card information collected by the CFPC is submitted in encrypted format to the CFPC Credit Card Merchant only for payment approval and processing. The Credit Card Merchant for online processing is Chase Paymentech. All other credit card payments are processed through Scotiabank. For information on the privacy policy of Chase Paymentech, please see Electronic credit card information is stored by the CFPC on a secured network and is accessible by only a limited number of the CFPC employees who possess special access rights for its use.


Other Uses

For Members
The CFPC shares information about its members with provincial licensing bodies, its provincial chapters, the Research and Education Foundation of the CFPC, and other health-care related organizations as approved by the CFPC’s Board of Directors (e.g., CMA, CAPER, MCC).

For Non-member MAINPRO® Participants
The CFPC shares information about its non-member participants in the CFPC's CME/CPD Mainpro program with provincial licensing bodies.

The CFPC may send mailings to its members on behalf of insurers, credit companies, and other third parties who deal with us on behalf of our members.

Aggregate data may be shared with sponsors, potential sponsors, and other parties to help them understand the CFPC members and their interests.


Website Use

The CFPC website uses cookies that identify return visitors. A cookie is a piece of data that a website can send to the browsers of visitors’ computers and that may then be stored on the hard drives of their computers. When visitors return to the CFPC website, information can be tailored more readily to suit individual visitors’ preferences. The goal is to improve efficiency and effectiveness and to measure website activity. Browser software allows the disabling of cookie collection if users wish or may inform users when a cookie is being stored on a user’s hard drive.

The operating system for the CFPC website ( may automatically record some general information about visitors such as:

  • The internal domain for visitors' Internet service provider and the IP address of the computer accessing the website.
  • The type of browser visitors are using.
  • The type of operating system visitors are using.
  • The date and time of the visit to the website.
  • The Web pages that visitors viewed on the website.
  • The previous website accessed by visitors (if linked to another site).

Use of Website Information
The CFPC website uses cookies (e.g., the Self Learning program) to allow members to return to the session that was last accessed. The program also keeps track of what questions were answered, the responses to questions, and which volumes they subscribe to. The CFPC uses website information for statistical analysis, to tailor the CFPC website to its visitors.

When Exiting the CFPC Website
The CFPC website contains links to other sites. Once visitors link to another site, they are subject to the privacy policy of the new site. The CFPC encourages its visitors to read the privacy policies of all websites visited, especially if personal information is shared.

The CFPC retains personal information only as long as necessary for the fulfillment of the identified purposes. The CFPC destroys, erases, or makes anonymous personal information that is no longer required to fulfill the identified purposes.

Examination information collected and retained in hard copy format is kept in a secured place for a maximum of two years. Payment information collected and retained in hard copy format is kept in a secured place for a period of seven years.

The CFPC creates and maintains personal information records using the most accurate information available to it. The CFPC updates personal information as required.

The CFPC takes reasonable measures to ensure that personal information is kept safe from loss or theft, unauthorized access, use, copying, disclosure, or modification. A higher level of protection is used to safeguard more sensitive information. The measures the CFPC takes to ensure the security of personal information include:

  • Regular audits of our procedures and measures to ensure that they are properly administered and that they remain effective and appropriate.
  • Internal password and security policies.
  • Deployment of technological safeguards like security software, encryption, and firewalls to prevent hacking or unauthorized computer access.
  • Undertakings by all staff to comply with our policy.
  • Fireproof and locked file cabinets.
  • Restriction of staff access to files on a “need to know” basis.
  • Physical security of our premises.

If the CFPC transfers personal information to a third party for processing, the CFPC uses contractual or other means to ensure that the third party affords an appropriate level of protection to such information during its processing.
The CFPC disposes of personal information with care to prevent unauthorized parties from gaining access to the information.

This policy is available to members and non-members whose personal information is collected by the CFPC. This policy can be obtained by visiting the CFPC website ( or contacting the CFPC’s Privacy Officer.

The CFPC will, upon request, give members and non-members information about the existence, use, and disclosure of their personal information, and access to that information.

Members whose personal information has been collected by the CFPC may access their own information in the “Member Profile” of the “Members Only” area on the CFPC website.   

Members and non-members may challenge the accuracy and completeness of their personal information and notify the CFPC’s Membership Department if any changes are required.

Challenging Compliance
The CFPC complies with applicable privacy legislation related to the management of personal information. Any questions or complaints about the CFPC’s management of this information should be directed to the CFPC’s Privacy Officer:

Theresa E. Maguire-Garber
Associate Executive Director/Chief Operating Officer and Director, Corporate Affairs
Privacy Officer
The College of Family Physicians of Canada and the Research and Education Foundation
2630 Skymark Avenue
Mississauga, Ontario L4W 5A4
(905) 629-0900, select 1 + ext. 266