Contact Us

Privacy

IQVIA Canada Information Governance Council and Best Practices

As part of its mandate, the Council holds frequent scheduled and ad hoc meetings to review, discuss, and provide targeted oversight on the implementation, optimization, and enforcement of our privacy-related policies and procedures in a number of key areas including, but not limited to: 

  • The appropriate collection and use of personal information in connection with our services and activities
  • Information security and data access controls, including physical, technological, and organizational elements 
  • Personal information retention, destruction, and anonymization
  • Receiving and responding to complaints or requests from regulators and data subjects
  • Cross border transfers of personal information
  • The outsourcing of any collection, storage, processing, or destruction of personal information, including procedures for the selection, vetting, and contracting of service providers 
  • Handling and recording of confirmed or suspected confidentiality incidents
  • Conducting privacy impact assessments
  • Collection and use of sensitive personal information including personal health information and biometrics

In addition, we employ a variety of specific best practices to help ensure that our approach to privacy and information governance remains best-in-class, such as:

  • Ensuring complete patient privacy by never collecting patient-identifiable information for the production of our data offerings.
  • Requiring each individual IQVIA Canada employee to sign a detailed confidentiality undertaking upon hiring, and to re-confirm their privacy commitments on an annual basis in writing, as a condition of employment. In turn, our employees are provided with regular trainings, and carefully developed resources and tools, to assist them in understanding and implementing their responsibilities with respect to the protection of personal information.
  • Requiring all clients to follow strict confidentiality requirements tailored to each of our data products, including contractual confidentiality provisions, codes of conduct, data policies, trainings, and/or confidentiality user guides.
  • Maintaining an open and transparent approach with regulators and other privacy stakeholders, including annual reporting on certain key datasets and related information handling practices.