Privacy Policy

1. Introduction

OpsMed ("we", "us", or "our") is committed to protecting your privacy and personal information. This Privacy Policy describes how we collect, use, disclose, and protect information when you use our website (opsmed.ca) and our clinic automation services.

OpsMed operates as an agent under Ontario's Personal Health Information Protection Act, 2004 (PHIPA) when processing personal health information on behalf of health information custodians (physicians and clinics).

2. Information We Collect

Website Visitors

When you visit our website, we may collect standard web analytics data including pages visited, referral source, browser type, and approximate location. We use cookies only with your consent (see Section 7).

Contact Form Submissions

When you submit a contact form or sign up for our newsletter, we collect the information you provide: name, email address, phone number, clinic name, and message content.

Clinic Automation Services

When we provide clinic automation services, we process personal health information (PHI) exclusively under the direction and authority of the health information custodian (your physician), as defined by PHIPA s. 17. The specific types of PHI processed are defined in the PHIPA agent agreement signed with each clinic.

3. How We Use Your Information

We use the information we collect to: respond to your inquiries and requests, provide and improve our clinic automation services, communicate service updates (with your consent), comply with legal obligations under PHIPA and applicable law, and protect the security of our systems and your data.

4. Data Residency

All personal health information processed by OpsMed is stored exclusively in Azure Canada Central (Toronto). We do not transfer PHI outside of Canada.

5. Data Security

We protect your information with AES-256 encryption at rest, TLS 1.2+ encryption in transit, role-based access controls, multi-factor authentication, comprehensive audit logging, and a documented incident response plan.

6. No PHI Training

Your clinic's personal health information is never used to train AI models. This commitment is contractually guaranteed in every PHIPA agent agreement.

7. Cookies

Our website uses cookies for analytics and functionality. You can accept or decline cookies when you first visit our site. Declining cookies will not prevent you from using our website.

8. Your Rights

You have the right to access, correct, or request deletion of your personal information. For PHI requests, please contact your physician (the health information custodian) directly. For website-related data, contact us at [email protected].

9. Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated revision date.

10. Contact

For privacy questions or concerns, contact us at [email protected].