Email Policy

Email Policy

See below for information about Email Spam Messages

We are now able to offer the use of email for appointment reminders. In addition, physicians may choose to communicate with patients via email if appropriate. Patients must consent to the use of email. Read to the bottom of this page to submit your consent. If you intend to receive our emails, please remember to update your contacts and add our email ( to your safe list, and/or to check your junk/spam folder.Our office staff and physicians use reasonable means to protect the security and confidentiality of email information sent and received. However, because of the risks identified below, we cannot guarantee the security and confidentiality of email communication. Please read below.

We are rolling out over 2015 a secure portal for continued digital communication in addition to e-booking. Look for your email to register. Please note that messaging thru this portal is preferable and more secure than email communication, once available. Please choose to use the Health Myself Portal for any personal health information.

Health Myself Patient Portal Login


Email should never be used for emergency problems. In the event of an emergency, call 911 or go to the nearest Hospital Emergency Room.

Email should never be used for urgent problems. In these cases, the patient should call our office at 905-889-3634 or go to an Emergency Room.

Email should be concise. If the patient has a problem that is too complex or sensitive to discuss via email, the patient should make an appointment by calling our office at 905-889-3634.

Some, but not all, of the risks with email are listed here:

  • Email can be immediately broadcast worldwide and received by many intended and unintended recipients;
  • Email senders can easily misaddress an email;
  • Email is easier to falsify than handwritten or signed documents;
  • Backup copies of email may exist even after the sender or recipient has deleted his or her copy;
  • Employers and on-line services have a right to archive and inspect emails transmitted through their systems;
  • Email can be intercepted, altered, forwarded, or used without authorization or detection;
  • Email can be used to introduce system computer viruses; and
  • Email can be used as evidence in court.

Consent to the use of email includes agreement with the following conditions:


  • The patient shall not use email for medical emergencies, urgent problems or other time sensitive matters.
  • If the patient’s email requires or invites a response from the staff or physicians, and the patient has not received a response within a reasonable time period, it is the patient’s responsibility to follow up to determine whether the intended recipient received the email and when the recipient will respond.
  • All emails to or from the patient concerning diagnosis or treatment will be imported into and made part of the patient’s electronic medical record. Because they are part of the medical record, other individuals authorized to access the medical record, such as secretarial staff, nurses and billing personnel, will have access to those emails.
  • Medical staff may forward emails internally to members of the Physician’s staff if necessary for diagnosis, treatment, reimbursement, and other handling. Staff will not, however, forward emails to independent third parties without the patient’s prior written consent, except as authorized or required by law.
  • The patient should not use email for communication regarding sensitive medical information, such as information regarding sexually transmitted diseases, AIDS/HIV, mental health, developmental disability, or substance abuse.
  • The patient is responsible for informing Provider of any types of information the patient does not want to be sent by email, in addition to those set out above.

To communicate by email, the patient shall:
a. Limit or avoid use of his/her employer’s computer.
b. Inform Provider of changes in his/her email address.
c. Confirm that he/she has received and read the email from the office staff or physician.
d. Put the patient’s name in the body of the e-mali, including a phone number at which the patient can be reached.
e. Include the category of the communication in the email’s subject line, for routing purposes (e.g. billing question).
f. Review the email to make sure it is clear and that all relevant information if provided before sending to Provider.
g. Take precautions to preserve the confidentiality of email, such as using screen savers and safeguarding his/her computer password.
h. Withdraw consent by email or written communication to Provider.

The patient understands that he/she may also communicate with the physician via telephone or during a scheduled appointment and that email is not a substitute for the care that may be provided during an office visit. Appointments should be made to discuss any new issues as well as any sensitive medical information.

The types of information that can be communicated via email with the physician include patient referral information and appointment reminders, health card number clarification and patient information, and may include communication of results. If you are not sure if the issue you wish to discuss should be included in an email, you should call the Provider’s office to schedule an appointment.

As stated above, communicating via email does come with privacy risk as stated above. While the office staff and physicians cannot guarantee total confidentiality, they will use reasonable safeguards to protect your health care information as required by law. The security measures taken by the staff and physicians include password protected screen savers, policies and procedures, and staff training requirements.

I agree to indemnify and hold harmless the Physician, his/her medical practice, employees, website designer, from and against all losses, expenses, damages and costs, including reasonable attorney’s fees, relating to or arising from any information loss due to technical failure, my use of the internet to communicate with the office or the use of practice web-site, any arrangements you make based on information obtained at the Site, any products or services obtained through the Site, and any breach by me of these restrictions and conditions. The Provider does not warrant that the functions contained in any materials provided will be uninterrupted or error-free, that defects will be corrected, or that the Provider’s website or server that makes such site available is free of viruses or other harmful components.

The Provider shall have the right to immediately terminate the email relationship with you if he/she determines, in his/her sole discretion, that you have violated the terms and conditions set forth above or otherwise breached this agreement, or have engaged in conduct which the Provider determines, in his/her sole discretion, to be unacceptable. The email relationship between the Provider and the patient will terminate in the event the Provider, in his/her sole discretion, no longer wishes to utilize the email to communicate with all of his/her patients.

I have discussed with the Provider or his/her representative and I acknowledge that I have read and fully understand this consent form. I understand the risks associated with the communication of email between the Provider and me, and consent to the conditions herein. In addition, I agree to the instructions outlined herein, as well as any other instructions that Provider may impose to communicate with patients by email. Any questions I may have had were answered.

Recent Email Spams from “Thornhill Medical Centre” October 2015
Some patients have received unsolicited emails, claiming to be from our office, Thornhill Medical Centre.

The subject of the email was: “From: THORNHILL MEDICAL CENTRE”; the body of the email contained a link to a website; and it was signed “THORNHILL MEDICAL CENTRE, sent from Yahoo Mail for iPhone”. The email sender address was neither of our office emails ( ; These messages were copied to email addresses that had been provided to our office by patients who had agreed and consented to email communications with our office.

Unfortunately, what happened here is a common risk of email communication. Please feel free to review our website’s “Email Policy” above. We would strongly recommend that you provide private personal information only through our Health Myself Portal, by phone or in person.

We have taken immediate internal steps to look into how this could have happened. We have now restricted our email access to just one email address, ( in addition to other measures, and we are continuing to use secure electronic messaging through the Health Myself Portal. We do greatly appreciate that some of you alerted us about these emails so we could promptly track down the source and analyze the scope of the problem.

All the physicians at Thornhill Medical Centre would like to sincerely express their apologies if you were affected by this mishap. We are deeply committed to protecting your personal information, and will continue to monitor our privacy and security protocols to avoid such occurrences as much as possible in the future.

Thank you for your patience and understanding.


If you have not received your invitation to join our Health Myself Portal for secure messaging, please call us. Thank you.