Arthur Health’s Commitment to the 10 Fair Information Principles
Arthur Health follows the internationally recognized “10 Fair Information Principles” as set out in PIPEDA, Canada’s federal privacy law. These principles guide our approach to privacy and data protection for every patient, provider, and partner.
1. Accountability
We take responsibility for all personal information under our control. Arthur Health has a designated Privacy Officer to lead compliance, and every team member signs a Privacy and Security agreement outlining their obligations.
2. Identifying Purposes
We clearly explain why personal information is collected—before it’s collected. Data is only used for its intended purpose, and patient information is encrypted before transmission.
3. Consent
We require knowledge and consent for the collection, use, or disclosure of personal information. Providers must obtain appropriate patient consent before using our services, and our systems prompt for informed email consent when needed.
4. Limiting Collection
We collect only what’s necessary—no more, no less. All personal information is encrypted before leaving your organization, and our processes comply with Canadian and Ontario privacy laws.
5. Limiting Use, Disclosure, and Retention
Personal information is used only for the purpose it was collected, and retained only as long as needed. Uses and disclosures are directed by health service providers and governed by our agreements.
6. Accuracy
We keep personal information accurate and up-to-date. Our platform synchronizes with electronic medical records, and patients can review and confirm their information for accuracy.
7. Safeguards
We protect personal information with industry-leading security measures—end-to-end encryption, strong password policies, and strict access controls. Our Security Operations Centre monitors threats 24/7.
8. Openness
Our privacy policies and practices are published openly on our website. We provide patient-friendly summaries and access to relevant assessments upon request.
9. Individual Access
Individuals can request access to their personal information and challenge its accuracy. While Arthur Health does not access unencrypted data, we help connect individuals with their health service providers to review and update information.
10. Challenging Compliance
We welcome questions and challenges regarding our privacy practices. Our Privacy Officer and leadership team are committed to timely, transparent responses and continuous improvement.