Privacy, Security & HIPAA Compliance

Your privacy is our priority.  We take every reasonable precaution to safeguard your information.  We are routinely re-assessing our privacy & security policies to ensure property safety and compliance.

What customer data is saved

We do not store any personal customer information.  Once a form is submitted through that data is immediately and automatically processed into a PDF document.  That PDF document is emailed to the client specified email address (a.k.a. your clinic).  As soon as that email is sent, all customer data is immediately purged from our system.

We do store clinic information in order to offer this service – this information includes: business name, address, phone number, email address and primary contact person.

How to keep emails safe

The safety of emails is dependent on four main factors:

  1. The service that hosts your emails.
  2. The login authentication to access your email service.
  3. The security of the device used to access your email service.
  4. Who has access to your email account.

Email Service Providers

All email service providers have various levels of security.  Gmail, yahoo and other free service providers may not provide the highest level of security.  You may wish to consider using a premium service that providers a high level of security.  A few you may consider:

  • ProntoMail
  • Tutanota
  • Mailfence
  • Hushmail

Login authentication

Your email account username and password are typically the most sought after vulnerability. Protecting your account by providing a strong password and enabling two factor authentication (2FA) will improve your email security.   Also, make sure your email password is not used for any other service.

Securing your computer

Keeping your computer and any device that has access to your emails is important.  Our top recommendations are to:

  • Require a password to login to the computer
  • Automatically lock the computer after 15 minutes or less of idle time.
  • Run regular virus and malware scans.
  • Have a firewall
  • Use encryption software to store any client information.

Employee access to emails

Only employees that require access to the submitted forms should have access to view your email account. You may wish to setup a separate email account for receiving form submissions.

How we protect the site

Site Encryption

The connection to this site is encrypted and authenticated using TLS 1.3. Transmissions to and from the website are encrypted.

Where the site is hosted

This site is hosted through DigitalOcean in their Toronto, Ontario, Canada regional data center.