Our Approach to Patient Privacy and Security

The safety of your personal data is as important to us as your personal health. It's our priority to keep your information safe and secure. 

 

Patient-owned Data

You own your personal information and we do our part to ensure this is kept confidential between you and your care team.

Privacy by Design

We follow Privacy by Design practices by taking a holistic approach to our product designs.

Industry Best Practices

We meet or exceed the industry standards for protecting Canadian health data.

 

Below is a summary only and we encourage you to read the full privacy notice.


Patient-owned Data

You own your personal information and we do our part to ensure this is kept confidential between you and your care team.

You own the data you enter into the New Hippo platform. You are able to update, edit, and delete info as you see fit and can access your data offline by securely downloading your personal health history.

 

We will always gather your consent before sharing this information with your care team.

 

We do not disclose any of your personal information to marketers of unaffiliated third parties. New Hippo applications only allow secure communication with registered healthcare providers to deliver a recommendation or a diagnosis.

 

Privacy by Design

We follow Privacy by Design practices by taking a holistic approach to our product designs.

We follow Privacy by Design practices by enforcing privacy and security measures that consistently meet health organization requirements. We also conduct regular privacy and security training for our employees.

 

 

Industry Best Practices

We use industry best practices to keep your personal health information safe and secure through data safeguarding controls and standards.

We meet or exceed the requirements of FIPPA and follow data security and privacy standards that align with HIPAA, PIPEDA, and NIST conformance guidelines.

The infrastructure we use to store patient’s health information is wholly located in Canada and is implemented in accordance with provincial and federal privacy legislation. Our infrastructure provider is Sas 70 Type II, ISO 27001, and HIPAA compliant.