PHIPA Compliance and Privacy Policy

What is PHIPA?

The Personal Health Information Protection Act, 2004 (PHIPA) governs how healthcare organizations, professionals, and service providers in Ontario collect, use, disclose, retain, and safeguard personal health information.

The goals of PHIPA are:

  1. To protect individuals’ privacy and confidentiality.
  2. To enable appropriate sharing of health information for safe, effective care.

Our role under PHIPA

Adit acts as an agent of other Health Information Custodians (HICs).

We have strict obligations to:

  • Collect and use only the information necessary to perform our duties.
  • Obtain appropriate consent before handling personal health information.
  • Implement robust safeguards to prevent unauthorized access, use, or disclosure.
  • Provide transparency and accountability to our clients and patients.

Our PHIPA compliance framework

To meet and exceed PHIPA requirements, we have implemented a comprehensive privacy and security program that includes the following key policies and practices:

1. Safeguarding personal health information : We maintain administrative, technical, and physical safeguards to protect PHI against theft, loss, and unauthorized use or disclosure.

Our security measures include:

  • Role-based access controls and authentication requirements
  • Data encryption (in transit and at rest)
  • Secure data storage in trusted, compliant environments
  • Continuous system monitoring and audit logging
  • Controlled physical access to facilities and devices

2. Collection, use, and disclosure of information :

We collect and use PHI only:

  • With appropriate implied or express consent, and
  • For legitimate healthcare or administrative purposes (such as patient care, billing, quality improvement, or legal obligations).

We never sell, lease, or disclose personal health information for marketing or unrelated purposes.

Disclosures to third parties (for example, laboratories, billing processors, or IT vendors) occur only when:

  • Required or permitted by law, and
  • Covered by written agreements ensuring those parties also comply with PHIPA.

3. Consent management : Under PHIPA, individuals have the right to control how their information is used and shared.

Our consent policies ensure:

  • Implied consent applies within the “circle of care” for providing healthcare services.
  • Express consent is obtained for disclosures outside the circle of care (such as research, marketing, or third-party use).
  • Individuals can withdraw or limit consent at any time, subject to legal or care-related restrictions.

4. Employee and Agent Training : Every team member, contractor, and agent handling personal health information must complete privacy and security training as part of onboarding and ongoing education.

Our program covers:

  • PHIPA obligations
  • Confidentiality principles
  • Secure handling of electronic and paper records
  • Breach prevention and reporting procedures

5. Breach Management and Reporting :

In the event of a privacy breach, we will:

  • Contain and investigate the incident immediately.
  • Notify affected individuals at the first reasonable opportunity.
  • Report the incident to the Information and Privacy Commissioner of Ontario (IPC) when required.
  • Take corrective action and update policies to prevent recurrence.

All incidents are documented and reviewed to ensure accountability and continuous improvement.

6. Access and Correction Requests :

Under PHIPA, individuals have the right to:

  • Request access to their personal health information, and
  • Request corrections to inaccurate or incomplete information.

We respond to all access and correction requests within the timeframes required by law (typically within 30 days). Requests can be made in writing to [email protected].

7. Data Retention and Disposal : We retain PHI only as long as necessary to fulfill the purposes for which it was collected and to meet legal or professional requirements.

When records are no longer required, they are securely deleted, shredded, or destroyed in accordance with PHIPA and industry standards

8. Data Storage : All servers used for data storage are located in Canada.

Our Ongoing Commitment

Compliance with PHIPA is an ongoing process, not a one-time certification. We regularly review and update our policies, technologies, and training programs to keep pace with evolving privacy standards, legal requirements, and cybersecurity threats.

We’re committed to earning and maintaining your trust through transparency, accountability, and respect for your privacy.

X
Get a $25 Gift Card when you take a demo

Get a $25 Gift Card when you take a demo

Schedule a Demo
X
Get a $50 Gift Card

Get a $50 Gift Card
when you take a demo

Activate offer
X

Looks like you're out of bounds!

Hey there! Your current location falls outside Adit's area of operation. If this is unexpected, try disabling your VPN and refresh your page. For further assistance or to book a live demo, connect with us at 832-225-8865.

X

April 2 Amazon Demo Promo

Terms and Conditions

Last Updated: April 2, 2026

Offer ends April 5, 2026, and is limited to prospective customers who sign an annual agreement before April 30, 2026. Gift card will be emailed to the company owner or established representative within 4 weeks of signing the annual agreement. Offer may not be combined with any other offers and is limited to one (1) gift card per office. Offer is not available to current customers or to prospective customers or individuals that have participated in a Adit demo during the prior six (6) months. Recipient is responsible for all taxes and fees associated with receipt and/or use of the gift card as well as reporting the receipt of the gift card as required under applicable federal and state laws. Adit is not responsible for and will not replace the gift card if it is lost or damaged, is not used within any applicable timeframe, or is misused by the recipient. Adit is not responsible for any injury or damage to persons or property which may be caused, directly or indirectly, in whole or in part, from the recipient’s participation in the promotion or receipt or use of the gift card. Recipient agrees to indemnify, defend and hold harmless Adit from and against any and all claims, expenses, and liabilities (including reasonable attorney’s fees) arising out of or relating to a recipient’s participation in the promotion and/or recipient’s acceptance, use or misuse of the gift card. This offer is sponsored by Adit Communications, Inc. and is in no way sponsored, endorsed or administered by, or associated with Amazon.

X
Thank You!

Thank You!

We appreciate your interest! Adit AI will be calling you in the next few minutes!

X

FREE $25 Gift Card

Schedule A Demo Before 00/00

*Terms and Conditions
Amazon Gift Card
Capterra Software Advice
X

Please Complete The Form Below

X
Thank You!

Thank You!

We appreciate your interest! A team member will connect with you soon to schedule your free demo.

X

Why Adit?

Cut your software bill by up to 60% when you merge everything your dental office needs to run under one roof.

Centralize Communications

Centralize Communications

  • Phones & TeleMed
  • Emails & eFax
  • Texting & Reminders
  • Call Tracking and more!
Streamline Operations

Streamline Operations

  • Patient Forms
  • Online Scheduling
  • Payments
  • Reviews and more!
Boost Production

Boost Production

  • Performance Dashboards
  • Morning Huddle
  • Claims & Collections
  • Patient Profiles
  • Follow Up Lists
  • Year Over Year Metrics
Acquire More Patients

Acquire More Patients

  • Digital Marketing
  • Website Design
  • SEO
  • Google Ads
  • Facebook Ads
Good Friday Promo: Get Adit AI Front Desk free for life when you sign up!

Sign up by filling out the form

Please complete the form below

Schedule a time
  • Morning (8-12)
  • Afternoon (12-4)
  • Evening (4-7)