Our Approach to Data Privacy and Security

The safety of your personal data is as important to us as your personal health. It's our priority to keep your information safe and secure. 

 

Keeping Data Safe

We meet or exceed the industry standards for protecting Canadian health data.

Privacy by Design

We maintain robust privacy & security product architecture.

Patient-owned Data 

We believe in empowering patients as owners of their own data.

 

Keeping Data Safe

The infrastructure we use to store patients' health information is wholly located in Canada and is implemented in accordance with provincial and federal privacy legislation. Our infrastructure provider is Sas 70 type 2, ISO 27001, HIPPA and PCI compliant.

We meet or exceed the requirements of FIPPA and we follow data security and privacy standards that align with HIPPA, PIPEDA, PCI and NIST conformance guidelines.

 

Privacy by Design

Our infrastructure as well as security and privacy policies have been reviewed in granular detail by several provincial health authorities  and we have been approved to handle PII on behalf of their respective organizations.

We follow Privacy by Design practices: we maintain robust privacy & security product architecture and conduct regular privacy and security training for employees.

 

Patient-owned Data

We do not disclose any of your personal information to marketers or unaffiliated third parties. New Hippo applications only allow secure communication with trusted third parties, those registered with New Hippo Health as healthcare providers, to deliver a recommendation or a diagnosis.

Patients are the owners of the data they put into the New Hippo Health platform. Patients are able to update, edit and delete info as they see fit and can access their data offline by securely downloading their personal health history.