Yes, we are PHIPA and PIPEDA compliant on all of our plans.
Our current procedures and processes comply with PHIPA, of note we:
- Doxy.me does not store patient health information. Therefore servers that store patient health information in Canada are not needed.
- Doxy.me video calls are an encrypted peer-to-peer connection between the provider and patient, meaning data his exchanged through the internet directly between the two participants rather than passing through a server.
- Doxy.me meets HIPAA and GDPR requirements. As a result it will also comply with PHIPA. Check out this article for a comparison between HIPAA and PHIPA.
- Canadian providers do not need a BAA.
NOTE: If a provider is on a paid plan and chooses to utilize the File Transfer feature, any data transferred or requested will remain available for a maximum of 15 minutes during a call. This data is temporarily located within the US for the duration of the call before being permanently removed. This feature is optional and not required to conduct a video or audio call.
For any other PHIPA-specific questions regarding Doxy.me, contact our support team.