Compliance
PIPEDA
Canadian privacy practices for clinic operations.
PIPEDA sets the federal private-sector privacy framework in Canada. VitaScribe aligns its product and operating practices with the fair information principles behind the law.
Fair information principles
The foundation of our privacy program.
01
Accountability
02
Identifying purposes
03
Consent
04
Limiting collection
05
Limiting use and retention
06
Accuracy
07
Safeguards
08
Openness
09
Individual access
10
Challenging compliance
Privacy by design
Privacy requirements are considered during product design, not added only after a workflow is built.
Transparency
Public policies describe what data is collected, why it is used, who processes it, and how to contact the privacy team.
Request handling
Access, correction, deletion, and complaint requests are routed to a privacy process with defined ownership.
Implementation measures
- Minimum necessary data collection for documentation workflows
- Retention and deletion procedures for account and clinical data
- Administrative access limited by role and operational need
- Security monitoring, audit logs, and incident response procedures