is PIPEDA compliant

Canadian patient privacy regulations

Written by Dylan Kulesza
Updated over a week ago and PIPEDA Compliance

Canada’s comprehensive national private sector privacy legislation is known as PIPEDA (the Personal Information Protection and Electronics Documents Act of 2000). The goals of the Act are to create trust in electronic commerce transactions and to establish a level playing field, so the same rules apply to all businesses.

PIPEDA is similar to EU's GDPR which why Canada is one of the few countries that is deemed to have an “adequate” level of protection by EU Authorities. This means that EU data may be stored and processed in Canada without additional legal instruments. is compliant with PIPEDA as described below with full details and descriptions in the main Privacy Policy.

It should be noted that provinces may have their own privacy laws that take precedence if there is any conflicts.

PIPEDA has ten Fair Information Principles, listed below.

  • Accountability – We have a privacy officer and committee responsible for privacy issues. They make information about their privacy policies and procedures available at the Website.

  • Identifying purposes – We identify the reasons for collecting Your personal information before or at the time of collection.

  • Consent – We clearly inform You of the purposes for the collection, use or disclosure of personal information as stated in the main Privacy Policy.

  • Limiting collection – We limit the amount and type of the information gathered to what is necessary. For Providers, only a name and email address are required.

  • Limiting use, disclosure and retention – In general, we use or disclose Your personal information only for the purpose for which it was collected, unless You consent. We only keep Your personal information only as long as necessary.

  • Accuracy – We keep and allow You to keep your personal information as accurate, complete and up to date as necessary.

  • Safeguards – We protect Your personal information against loss or theft by using appropriate security safeguards.

  • Openness – Our privacy policies and practices are understandable and easily available on the Website.

  • Individual access – Generally speaking, citizens have a right to access the personal information that an organization holds about you. As a Provider, You always have access to your account and the information within the account.

  • Recourse (Challenging compliance) – Organizations must develop simple and easily accessible complaint procedures. When you contact an organization about a privacy concern, citizens should be informed about avenues of recourse.

If you have any other questions, please contact our support team.

Did this answer your question?