The information in this document is not intended to be nor should it be interpreted as legal advice. It is a high level overview of privacy regulations as they pertain to different applications.
Canadian Allied Health EMRS:
- Now may be a good time to switch to an all in one platform which adds automation to your workflow and saves you time. (First table).
- Choose a Videoconferencing/Telehealth provider that meets your specific needs for privacy of health information. (Second table).
Here are some of the Canadian Allied Health EMRs people are using. (Please note this is not an exhaustive list, but a brief overview).
Name: | Created for | Core Features | Price (CAD) |
Therabyte Therabyte.app | OTs and SLPs in Peds Private practice, solo and teams, travelling or clinic based. | – 3 step scheduler – Integrated Goals -1 click invoicing – Telehealth – Client portal |
Starting at $36/mth |
Owl Practice | Psychologist, social workers, counsellors and therapists. | – Mental health and wellbeing – Scheduling – Client records – Invoicing – Client portal |
Starting at $60/mth |
Juvonno | Health care and wellbeing clinics. | -see website | Starting at $89/mth Billed annually |
OnCall Health | Medical practitioners | – Videoconferencing -appointment calendar view – Secure payment processing |
Not listed. Premium Tier w/ EMR features |
Jane App | Chiropractors, Massage, Naturopaths and other allied health professionals, clinic based. |
– Online booking |
Starting at $74/mth |
iinsight | Allied health | – Case management system – See website |
Starting at $59.99/mth |
GO Rendezvous |
Osteopathy, massage, and other allied health professionals |
– Appointment scheduling – Group classes -EMR add on |
$29/mth + EMR add-on +$20/mth |
Video conferencing platforms:
Here are some of the videoconferencing applications people are using. (Please note this is not an exhaustive list, but a brief overview).
Name | PIPEDA & PIPA -Private Entities |
FOIPPA & FIPPA Public Bodies | Cost | Server Location |
Therabyte Meet | Yes | Yes | $19/mth/user (group rates available) CAD | Canada |
Zoom For Healthcare | Yes | Unknown | – Healthcare $200/mth USD | Canada |
Zoom | Yes – recordings disabled and not using the chat | unknown | – Free for 1:1 and groups up to 40 min. | Canada/USA |
Doxy.me | Yes | No | – Free version – $35/mth USD |
USA |
OnCall | Yes | Yes | – Not listed | Canada |
Blue jeans | Yes | No | – Free version – Starting at $15.63 USD |
USA |
Google for Business – Hangouts Meet | Yes | No |
Currently Free (Starts at $4.20/mth/user) |
USA |
Microsoft Teams | Yes | Yes | $2.00/user/mth | Canada |
Physitrack | Yes | Unknown | Starts at $13.49/mth | UK based company. |
Facebook messenger | Yes | No | Free | USA |
Facetime | Yes – end-to-end encryption, stored on your phone. | Unsure | Free | Unsure |
Skype | Yes – for skype to skype calls. | No | Free | USA |
LiveCare | Yes | Yes | Not listed | Canada |
Disclaimer: This document is not a substitute for obtaining your own legal advice on telepractice and privacy mandated under the applicable provincial and federal legislation. Information collected from company websites, review of Canadian privacy laws and resources received from the Speech and Hearing conference, Oct. 2019.
Q: What are the risks associated with using a provider that does not explicitly indicate compliance with Canadian security laws?
A: They are not required to inform you if there is a security breach. HIPAA does not require notifying health care clients of breaches. This is a requirement of Canadian laws and therefore becomes your responsibility to inform your clients if there has been a security breach within the system that you are using to store and/or stream their personal health information.
Q: Is HIPPA compliance good enough for Canadian health data?
A: No. Quoted from Dr. Wael Hassan …“email or cloud storage providers serving healthcare organizations in Ontario are obligated to notify them of any security breaches or other instances of unauthorized access or disclosure. HIPAA does not require IT, service providers, to notify healthcare clients of breaches. While a notification requirement could be included in a contract with an American service provider, many U.S. service providers are reluctant to agree to notify their clients of breaches because of fears of liability and loss of reputation”. “Canadian Healthcare and US Cloud Services: Is HIPAA Compliance Good Enough for Canadian Health Data?”
START MY FREE TRIAL
References and resources cited:
- Jane.app privacy and security. Accessed May 23, 2022
- Zoom & PIPEDA/PHIPA Compliance Guide August 2021. Accessed May 23, 2022.
- Canadian Healthcare and US Cloud Services: Is HIPAA Compliance Good Enough for Canadian Health Data? Accessed May 23, 2022.
- Personal Information Protection and Electronic Documents Act. Government of Canada. 13 April 2000. Accessed May 23, 2022.