The information in this document is not intended to be nor should it be interpreted as legal advice. It is a high level overview of privacy regulations as they pertain to different applications.
How to get Started with Telehealth:
- BREATH…this is a crazy time and so many of us are being thrown into this really quickly. First, breath! Do something that feels grounding, a walk, some yoga, or dancing to your favorite music.
- You are an AMAZING therapist! You have skills! Remember this, be confident in you!
- Send a letter to your clients letting them know you are pivoting and adjusting to the change and will be sending them some info shortly.
- Now may be a good time to switch to an all in one platform which adds automation to your workflow and saves you time. (First table).
- Choose a Videoconferencing provider that meets your specific needs for privacy of health information. (Second table).
Here are some of the Canadian Allied Health EMRs people are using. (Please note this is not an exhaustive list, but a brief overview).
|Name:||Created for:||Core Features:||Price (CAD)|
|Therabyte Therabyte.app||OTs and SLPs in Peds Private practice, solo and teams, travelling or clinic based.||-3 step scheduler |
-1 click invoicing
|Starting at $36/mth|
|Owl Practice||Psychologist, social workers, counsellors and therapists.||-mental health and wellbeing |
|Starting at $40/mth|
|Juvonno||Health care and wellbeing clinics.||-see website||Starting at $79/mth Billed annually|
|OnCall Health||Medical practitioners||-videoconferencing -appointment calendar view |
-secure payment processing
|Not listed. Premium Tier w/ EMR features|
|Jane App||Chiropractors, Massage, Naturopaths and other allied health professionals, clinic based.||-online booking |
-insurance billing -client portal
-Telehealth (coming soon)
|Starting at $74/mth|
|iinsight||Allied health||-case management system |
|Starting at $18/mth|
|GO Rendezvous||Osteopathy, massage, and other allied health professionals||-appointment scheduling |
-EMR add on
|$29/mth EMR add- on +$20/mth|
Here are some of the videoconferencing applications people are using. (Please note this is not an exhaustive list, but a brief overview).
|Name||PIPEDA & PIPA |
|FOIPPA & FIPPA Public Bodies||Cost||Server Location|
|Therabyte Meet Available March 25, 2020||Yes||Yes||$19/mth/user (group rates available)CAD||Canada|
|Zoom For Healthcare||Yes||Unknown||-Healthcare $200/mth USD||Canada|
|Zoom||Yes** with recordings disable and not using the chat||unknown||-Free for 1:1 and groups up to 40 min.||Canada/USA|
|OnCall||Yes||Yes||– Not listed on website||Canada|
|Blue jeans||Yes**||No||-Free version |
-Starting at $15.63 USD
|Google for Business – Hangouts Meet||Yes**||No||Currently Free (Starts at $7.80/mth/user)||USA|
|Microsoft Teams||Yes||Yes||$26.60/th CAD||Canada|
|Physitrack||Yes||Unknown||Starts at $10.99/mth||UK based company.|
|Facetime||Yes – end to end encryption, stored on your phone.||Unsure||Free||Unsure|
|Skype||Yes** – for skype to skype calls, not skype to landline.||No||Free||USA|
Disclaimer: This document is not a substitute for obtaining your own legal advice on telepractice and privacy mandated under the applicable provincial and federal legislation. Information collected from company websites, review of Canadian privacy laws and resources received from the Speech and Hearing conference, Oct. 2019.
Q: What are the risks associated with using a provider that does not explicitly indicate compliance with Canadian security laws?
A: They are not required to inform you if there is a security breach. HIPAA does not require notifying health care clients of breaches. This is a requirement of Canadian laws and therefore becomes your responsibility to inform your clients if there has been a security breach within the system that you are using to store and/or stream their personal health information.
Q: Is HIPPA compliance good enough for Canadian health data?
A: No. Quoted from Dr. Wael Hassan …“email or cloud storage providers serving healthcare organizations in Ontario are obligated to notify them of any security breaches or other instances of unauthorized access or disclosure. HIPAA does not require IT service providers to notify healthcare clients of breaches. While a notification requirement could be included in a contract with an American service provider, many U.S. service providers are reluctant to agree to notify their clients of breaches because of fears of liability and loss of reputation”. “Canadian Healthcare and US Cloud Services: Is HIPAA Compliance Good Enough for Canadian Health Data?”
References and resources cited:
Jane.app privacy and security Access 22 Mar 2020
https://blog.zoom.us/wordpress/2018/11/12/zoom-serves-canadian-healthcare-pipeda-phipa-compliance/, November 12, 2018. Accessed 23 Mar 2020
Personal Information Protection and Electronic Documents Act.” Government of Canada. 13 April 2000. Accessed 22 Mar 2020.