Privacy Policy

COOVA Health Inc. | Website and Services

Effective date: [June 2026]

1. Overview and scope

This Privacy Policy explains how COOVA Health Inc. (“COOVA”, “we”, “us”, or “our”) collects, uses, discloses, stores, and protects personal information when you interact with:

  • our website at https://coovahealth.ca and any related web forms or online resources (the “Website”);
  • our private case management, care coordination, health-system navigation, advocacy support, referral support, home and community-based services, virtual services, telephone support, electronic communications, and related administrative services (the “Services”);
  • our Jane App portal and other systems used for intake, scheduling, secure forms, telehealth, billing, payment processing, communications, and records; and
  • any programs, workshops, resources, professional collaborations, assessments, or events that COOVA may offer from time to time.

This Privacy Policy is intended to describe our privacy practices in plain language. It should be read together with any intake materials, informed consent terms, service agreement, Release of Information form, home or community visit requirements, and other client-facing materials that apply if you receive Services from COOVA.

In this Privacy Policy, “Client” means the person receiving Services. Where a parent, guardian, representative, substitute decision-maker, family member, caregiver, payor, referring professional, or other authorized person interacts with COOVA in relation to a Client, this Privacy Policy also applies to personal information collected, used, or disclosed in that context.

2. Applicable law

COOVA is based in British Columbia and provides Services in British Columbia unless COOVA expressly agrees otherwise in writing. In general, COOVA handles personal information in accordance with the Personal Information Protection Act (British Columbia) (“PIPA”).

Depending on the circumstances, professional standards, health-profession legislation, child protection legislation, public health requirements, court orders, insurer or funder requirements, or other laws may also apply. Where Services are provided by regulated professionals, those professionals are also responsible for complying with their own professional standards, codes of ethics, recordkeeping requirements, confidentiality duties, and scope-of-practice obligations.

3. Consent

By using the Website, contacting COOVA, completing intake forms, using Jane App, or engaging with the Services, you consent to the collection, use, disclosure, retention, and protection of personal information as described in this Privacy Policy, subject to applicable law.

You may withdraw or vary consent at any time, subject to legal, contractual, professional, safety, insurance, and recordkeeping restrictions and reasonable notice. If consent is withdrawn or limited, COOVA may not be able to provide some or all of the Services, coordinate care, communicate with others involved in the Client’s support, process billing or reimbursement, or continue Services safely or appropriately.

If you complete forms or communicate with COOVA for or with a Client, COOVA may ask you to confirm your relationship to the Client and whether you have the Client’s consent or other lawful authority to assist, provide information, receive information, or make decisions. COOVA may request supporting documentation where appropriate.

4. What personal information we collect

COOVA collects only the personal information that is reasonably necessary for the purposes described in this Privacy Policy or otherwise permitted by law. Because COOVA provides case management and coordinated care support, some information may be sensitive and may relate not only to the Client, but also to caregivers, family members, service providers, insurers, funders, emergency contacts, and other people involved in the Client’s care or support network

4.1. Website, general inquiries, and pre-intake

If you contact COOVA through the Website, by email, by phone, through Jane App, or through another inquiry channel, we may collect information such as:

  • name, preferred name, contact details, and preferred contact method;
  • whether you are contacting COOVA for yourself, for a family member, for a client or patient, or in another capacity;
  • general information about the situation, requested Services, referral source, urgency, location in British Columbia, insurance or funding context, and availability;
  • information you choose to include in free-text fields, emails, voicemails, uploads, or attachments;
  • resume, occupation, professional registration number, and related career inquiry information if you submit a career or contractor inquiry through the Website; and
  • communications, notes, and follow-up information created during pre-intake or inquiry handling.

4.2. Information collected automatically on the Website

When you visit the Website, COOVA or its service providers may collect certain information automatically, such as:

  • IP address and general location derived from IP address, such as city or region;
  • device and browser information, such as device type, operating system, browser type, and language settings;
  • Website usage data, such as pages viewed, links clicked, date and time of access, and referral URLs; and
  • cookies and similar technologies.

4.3. Services, intake, and ongoing case management

When you register for, inquire about, or receive Services, COOVA may collect information such as:

  • Client identification and demographic information, including legal name, preferred name, pronouns, date of birth, gender, sex, Personal Health Number, address, email address, telephone number, and preferred contact method;
  • information about the person completing or assisting with intake, including relationship to the Client, role, consent, authority, and supporting documentation if applicable;
  • guardian, representative, substitute decision-maker, caregiver, support person, emergency contact, family doctor, referring professional, care provider, insurer, funder, and other stakeholder information;
  • health, mental health, developmental, psychosocial, functional, safety, medication, hospitalization, diagnosis, family history, sleep, eating, substance use, suicide risk, self-harm, violence risk, and wellbeing information relevant to Services;
  • family structure, household, caregiver, relationship, employment, housing, food security, cultural, language, religious, spiritual, Indigenous identity, accessibility, accommodation, and social-context information relevant to whole-person care planning;
  • information about current professionals, community supports, schools, insurers, funders, employers, legal or social service providers, government agencies, and other organizations involved in the Client’s support network;
  • goals, priorities, strengths, needs, preferences, fears, barriers, risks, and other information relevant to assessment, planning, coordination, advocacy, referrals, and ongoing case management;
  • physical location at the time of virtual Services, telephone number for disconnection follow-up, emergency contact details, and other safety-planning information;
  • home and community visit safety information, including information about pets, weapons, environmental hazards, infectious illness, household occupants, recording devices, access issues, parking, remote location issues, or other circumstances relevant to privacy, safety, and worker protection;
  • administrative, scheduling, attendance, cancellation, no-show, billing, insurance, direct-billing, funding, receipt, payment status, and payment method information;
  • communications with COOVA, including Jane App messages, emails, text messages, telephone calls, voicemails, secure forms, referral communications, and provider communications;
  • Client Records created or received in the course of providing Services, including intake records, consent records, Release of Information forms, case notes, care plans, coordination notes, referral notes, provider correspondence, appointment support notes, progress summaries, reports, discharge materials, incident reports, and other clinical or administrative documentation; and
  • other information that is reasonably necessary to provide, administer, document, coordinate, evaluate, secure, or improve the Services.

4.4. Information about stakeholders and third parties

COOVA’s case management model often requires communication with, or information about, people other than the Client. This may include family members, caregivers, emergency contacts, substitute decision-makers, health professionals, schools, community agencies, social service providers, insurers, funders, employers, lawyers, legal teams, government agencies, and other stakeholders. COOVA will limit collection, use, and disclosure of third-party information to what is reasonably necessary for the identified purpose and will handle that information in accordance with this Privacy Policy.

4.5. Sensitive information

Some personal information is sensitive depending on context, including health information, mental health information, information about suicide risk or safety concerns, substance use, medications, diagnoses, family conflict, disability, Indigenous identity or status information, gender identity, sexual orientation, religious or spiritual information, immigration or newcomer status, financial or housing insecurity, legal-system involvement, and information about children or vulnerable persons. COOVA limits collection to what is reasonably necessary, applies safeguards appropriate to the sensitivity of the information, and relies on consent or other lawful authority as required.

4.6. How we use personal information

COOVA’s Services are built around coordinated, interdisciplinary case management. COOVA employees, contractors, case managers, clinicians, health professionals, administrative staff, directors, officers, agents, advisors, and service providers involved in providing or supporting Services (collectively, “COOVA Providers”) may access, use, discuss, and document Client information with one another where reasonably necessary for authorized COOVA purposes.

Internal collaboration for these purposes is a core part of COOVA’s service model. COOVA uses confidentiality obligations, role-based access, system controls, and operational expectations to prevent unauthorized browsing or personal use of information while allowing reasonable interdisciplinary collaboration for Services.

COOVA Providers use personal information for reasonable purposes, including:

  • to respond to inquiries, assess suitability for Services, and support pre-intake, intake, onboarding, and referral triage;
  • to verify identity, contact information, location in British Columbia, emergency contacts, authority to act for or assist a Client, and other information relevant to safe service delivery;
  • to provide, administer, document, coordinate, and evaluate Services, including case management, care coordination, care planning, health-system navigation, advocacy support, appointment support, referral support, home or community visits, virtual services, telephone support, electronic communications, and discharge planning;
  • to develop, maintain, monitor, and adjust care plans, service plans, referral plans, safety plans, and follow-up steps;
  • to support interdisciplinary collaboration among COOVA Providers and, where appropriate, external providers and stakeholders involved in the Client’s care or support;
  • to communicate with Clients, authorized contacts, caregivers, family members, professionals, schools, community agencies, insurers, funders, third-party payors, and other persons or organizations reasonably involved in Services;
  • to make, support, track, and follow up on referrals and recommendations;
  • to schedule appointments, send reminders, manage cancellations and no-shows, process payments, provide receipts, support direct billing or reimbursement, and administer COOVA’s operations;
  • to manage home and community visit safety, worker safety, privacy, infection prevention, service suitability, environmental risk, and incident response;
  • to maintain Client Records and administrative records and meet professional, legal, regulatory, insurance, tax, and business obligations;
  • to respond to access requests, correction requests, complaints, privacy concerns, legal process, insurer inquiries, regulatory matters, and professional obligations;
  • to operate, maintain, secure, audit, and improve COOVA’s Website, systems, Services, workflows, quality assurance, supervision, training, and business operations;
  • to manage contractor, employee, advisor, and service-provider relationships;
  • to establish, exercise, or defend legal claims, manage risk, and protect the safety, rights, property, and operations of COOVA, Clients, COOVA Providers, and others; and
  • for other purposes permitted or required by applicable law.

5. When we disclose personal information

COOVA does not sell personal information. COOVA discloses personal information only as described below and as permitted or required by law.

5.1. Service providers, platforms, and business support

COOVA uses service providers to operate the Website and deliver and administer the Services. In particular, COOVA uses Jane App and related Jane App features or integrated services for scheduling, appointment reminders, secure forms, intake, telehealth, billing, payment processing, records, and related administrative functions. COOVA may also use Google Workspace for email, documents, internal collaboration, and business administration.

Other service-provider categories may include website hosting and content management, information technology support, cybersecurity support, payment processing, bookkeeping, accounting, legal, insurance, professional advisory, communications, telephony, forms, analytics, document management, and administrative support providers. Service providers are authorized to use personal information only as necessary to provide services to COOVA and are expected to protect it through contractual, technical, administrative, and other safeguards appropriate to the circumstances.

5.2. External care coordination, referrals, and stakeholders

COOVA may disclose personal information externally where reasonably necessary to provide or administer Services, support referrals, coordinate care, address safety concerns, communicate with authorized contacts, manage billing or reimbursement, for other purposes at your direction, or meet legal or professional obligations. Depending on the Client’s circumstances and consent, external recipients may include:

  • family physicians, nurse practitioners, psychiatrists, psychologists, counsellors, social workers, occupational therapists, nurses, dietitians, behaviour analysts, medical specialists, hospitals, clinics, pharmacies, and other health professionals;
  • community service providers, housing programs, disability supports, employment supports, schools, educational institutions, social service providers, home health agencies, mental health and substance use programs, and other support organizations;
  • family members, caregivers, guardians, representatives, substitute decision-makers, support persons, emergency contacts, and other persons authorized or reasonably involved in the Client’s support;
  • insurers, funders, claims administrators, employers, Employee Assistance Programs, legal teams, benefit administrators, and other third-party payors where reasonably necessary for billing, reimbursement, eligibility, authorization, audit, or payment purposes; and
  • government agencies, public authorities, regulators, emergency services, child protection authorities, and others where permitted or required by law.

Where COOVA is asked to release records, reports, assessments, progress notes, care plans, detailed summaries, or other substantive Client Records to an external person or organization, COOVA will generally use its Release of Information process unless disclosure is otherwise permitted or required by law.

5.3. Other disclosures without consent

COOVA may collect, use, or disclose personal information without consent where permitted or required by law or professional obligations, including:

  • if there is a risk of serious or imminent harm to the Client or another person and disclosure is necessary to reduce or prevent that harm;
  • to contact emergency services, crisis services, an emergency contact, a primary care provider, another relevant provider, a child protection authority, or another appropriate person or organization where reasonably necessary for safety;
  • where COOVA has a mandatory reporting obligation, including child protection concerns;
  • to comply with a subpoena, court order, warrant, production order, statutory demand, regulatory requirement, or other lawful process;
  • to comply with professional, regulatory, public health, workplace safety, insurance, tax, audit, or legal obligations;
  • to investigate, prevent, or respond to fraud, abuse, misconduct, unauthorized recording, security incidents, privacy incidents, non-payment, chargebacks, or misuse of COOVA systems or Services;
  • to collect debts, process chargebacks, or manage billing disputes, subject to applicable law;
  • to establish, exercise, or defend legal claims; and
  • where otherwise authorized by law.

5.4. Business transactions

COOVA may disclose personal information to buyers, potential buyers, lenders, investors, successors, affiliates, professional advisors, or other parties in connection with a proposed or completed business transaction, such as a financing, merger, reorganization, restructuring, sale, transfer, or similar transaction involving all or part of COOVA’s business or assets. COOVA will use appropriate confidentiality, minimum necessary, and legal safeguards where required.

6. Virtual services

A significant portion of COOVA’s Services may be delivered virtually or electronically. These formats support timely access and coordinated care but involve distinct risks, including technology interruptions, misdirected messages, shared-device risks, insecure networks, unauthorized viewing or overhearing, and residual privacy and security risks. COOVA may communicate with Clients and authorized contacts through Jane App, email, text, telephone, voicemail, secure messaging, videoconferencing, or other appropriate electronic means, using reasonable safeguards and the least sensitive appropriate channel. Electronic communications are not continuously monitored and must not be used for emergencies, urgent safety concerns, or crisis matters. COOVA uses Service Providers, including Jane App and Google Workspace, and Personal Information may be stored in Canada or processed or accessible outside Canada, where it may be subject to local laws and lawful access requests.

7. Retention and destruction

COOVA retains personal information only as long as necessary to fulfill the purposes described in this Privacy Policy, or as otherwise required or permitted by law, professional standards, insurance requirements, contractual obligations, tax and accounting requirements, legal holds, or legitimate business needs. When personal information is no longer required, COOVA will securely destroy, delete, anonymize, or otherwise dispose of it in a manner appropriate to its sensitivity and the medium in which it is stored.

Client Records may be retained for extended periods because they may be needed for continuity of care, professional obligations, insurance, regulatory matters, legal claims, complaints, access requests, and safety or risk-management purposes. COOVA’s internal records retention schedule provides more detailed operational guidance.

8. Safeguards

COOVA uses administrative, technical, and physical safeguards appropriate to the sensitivity of the information, including:

  • privacy policies, procedures, training, confidentiality obligations, and contractor or employee privacy requirements;
  • role-based access controls, authentication requirements, and access review where appropriate;
  • secure storage and transmission methods, including encryption where supported by approved systems;
  • use of designated systems of record and restrictions on shadow records, personal email, personal cloud storage, removable media, and unapproved applications;
  • password, multi-factor authentication, device security, remote work, and private workspace expectations;
  • requirements for virtual services, home and community visits, authorized recordings, and use of electronic communication channels;
  • service-provider due diligence and contractual or equivalent safeguards;
  • privacy incident and security incident reporting, containment, assessment, remediation, and documentation; and
  • secure destruction or deletion of records when they are no longer required.

No method of transmission over the internet or method of electronic storage is completely secure. COOVA cannot guarantee absolute security, but takes reasonable steps to protect personal information.

9. Cookies and similar technologies

The Website may use cookies and similar technologies to support core functions, remember preferences, understand Website usage, protect the Website, and improve Website performance. You can manage cookies through your browser settings. Disabling cookies may affect some Website features. COOVA may use third-party tools to help understand how the Website is used and to improve it. If such tools are used, they may collect information about your use of the Website, such as pages visited, approximate location, browser or device type, and interaction information. Where required by law, COOVA will obtain consent for non-essential cookies.

10. Children, youth, capacity, guardians, and representatives

The Website is not intended for children under 13, and COOVA does not knowingly collect their Personal Information through the Website without appropriate parent, guardian, or authorized-person involvement. If COOVA learns it has collected a child’s Personal Information inappropriately, it will delete or address it as soon as reasonably possible. COOVA may provide Services to youth and adults who need support with decision-making, communication, accessibility, or service coordination. Where consent, confidentiality, records access, or authority to act is complex, COOVA will assess the issue under applicable law and professional obligations and may request additional information or documentation before providing Services, accepting instructions, disclosing information, or granting records access.

11. Access, correction, and questions

Subject to applicable law, you may request access to or correct your Personal Information, ask privacy questions, or raise a privacy concern. COOVA may verify your identity and authority before responding. Access may be refused or limited where permitted or required by law, including where disclosure would affect another person’s privacy, confidential commercial information, safety, legal or regulatory matters, or another lawful exception.

To contact COOVA for privacy-related purposes, please use the contact information below:

Role / Contact – Details

Privacy Officer: David White, RCSW or Shawna Leighton, RCSW

Mailing Address: COOVA Health Inc., P.O. Box [confirm], RPO Highgate, Burnaby, BC V5E 4J6

12. Changes to this Privacy Policy

COOVA may update this Privacy Policy from time to time to maintain compliance with law and to reflect changes to COOVA’s Services, technology, service providers, business operations, or privacy practices. COOVA will update the effective date when changes are made. Where appropriate, COOVA may provide additional notice.

Start a career with coova health

Fill out this form and we will get in touch.

Add Your Heading Text Here

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.