Privacy Compliance (HIPAA, PIPEDA, PIPA)

My Personal Health Record® has been developed has been developed with security in mind. We are always monitoring our security protocols, policies and procedures to ensure that any data captured and stored by our clients is safe and secure. We strive to be compliant with the British Columbia Personal Information Protection Act (PIPA) and the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA) which cover the use and care of personal information. This would include any identifying features and/or data captured by the user that could identify the individual and that could be transmitted via My Personal Health Record® to a third party connection. The onus for the protection of an individual’s data is carried by the subscriber and we encourage all of our users to ensure that any data captured and transmitted using the My Personal Health Record Platform is appropriate and with the permission of the subject.

In addition to our Canadian compliance, we are working towards compliance with the Health Insurance Portability and Accountability Act (HIPAA) 1996 which covers the capture, transmission and storage of personal and identifiable patient data in the US. We have stringent procedures and policies in place that restrict access to various elements of the Verified® product, from the end user to y Personal Health Record®‘s own team. Further, we have comprehensive procedures in place to manage data security, storage, and transmission.

If you have questions about y Personal Health Record® and compliance with PIPA, PIPEDA or HIPAA, please contact our Security Officer at security@ehra.ca.