We've carefully designed Noterro to align with Canada's privacy laws, particularly the Personal Information Protection and Electronic Documents Act (PIPEDA). Noterro provides security and privacy controls to safeguard the data you input.
This information is not a legal interpretation of the law and is not binding. This information is not intended to, nor should it ever replace, formal legal counsel.
PIPEDA applies to private-sector organizations throughout Canada that gather, use, or disclose personal information within commercial activities.
Under PIPEDA, personal information encompasses any factual or subjective details regarding an identifiable individual, whether recorded or not. This includes information in various formats, such as:
These principles are guidelines for gathering, utilizing, and sharing personal information and facilitating access to such data. Below, we'll outline the ten fair information principles and how Noterro assists in adhering to them.
An organization is responsible for personal information under its control. It must appoint someone accountable for its compliance with these fair information principles.
How it's handled in Noterro: As our Privacy Policy outlines, Noterro doesn't control access or usage of the data you input. Each clinic manages this independently through contracts, internal agreements, access levels, and settings within Noterro.
To uphold the accountability principle, clinics should designate the individual responsible for compliance as the Admin in Noterro. According to Noterro's Terms of Use, the Admin is the legal guardian of the data entered into the platform.
The purposes for which the personal information is being collected must be identified by the organization before or during collection.
How it's handled in Noterro: As stated in our Privacy Policy, Noterro serves solely as a service provider to you, the custodian of your patients' data. We never sell or trade the patient data you store with us. This allows you to outline how you'll use the Patient data you collect and ensures you adhere to your professional and legal responsibilities regarding data storage.
The individual's knowledge and consent are required for the collection, use, or disclosure of personal information, except where inappropriate.
How it's handled in Noterro: In Noterro, you can tailor and create your own consent forms using our Forms feature, aiding your compliance with PIPEDA.
Personal information must be collected only as needed for the organization's identified purposes and by fair and lawful means.
How it's handled in Noterro: You control which information is gathered on your forms, the data you choose to collect from patients, and the purpose of your clinic.
Unless the individual consents otherwise or it is required by law, personal information can only be used or disclosed for the purposes for which it was collected. Personal information must only be kept as long as required to serve those purposes.
How it's handled in Noterro: Noterro doesn't manage the input data. If a clinic needs to delete collected data, we advise the Admin to contact us, and we'll guide them through the steps to remove the data from the account.
Personal information must be as accurate, complete, and up-to-date as possible to properly satisfy the purposes for which it is to be used.
How it's handled in Noterro: We suggest each staff member has their own Noterro account to handle and oversee data input. The Admin can manage staff and various permissions of each staff member individually. It's up to the Admin to only grant access to trusted individuals.
Personal information must be protected by appropriate security relative to the sensitivity of the information.
How it's handled in Noterro: Security and privacy are paramount at Noterro. Here, you'll find our documentation detailing the measures we've taken to ensure everything remains secure. How Noterro Stores and Protects Data.
An organization must make detailed information about its policies and practices relating to managing personal information publicly and readily available.
How it's handled in Noterro: We suggest developing policies and best practices aligned with PIPEDA compliance. If necessary, utilize our Forms & Agreements features to customize consents by incorporating them into your booking processes.
Upon request, individuals must be informed of the existence, use, and disclosure of their personal information and given access to that information. They shall also be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
How it's handled in Noterro: If a Patient requests their personal information, you can export chart data directly from the Noterro account at any time or share the individual charts with them via the Web Portal.
An individual can challenge an organization’s compliance with the above principles. Their challenge should be addressed to the person accountable for the organization’s compliance with PIPEDA, usually their Chief Privacy Officer.
How it's handled in Noterro: While each clinic must appoint a privacy representative to oversee compliance, if you have any questions regarding Noterro's compliance, you can contact our privacy team at privacy@noterro.com.
We've carefully designed Noterro to align with Canada's privacy laws, particularly the Personal Information Protection and Electronic Documents Act (PIPEDA). Noterro provides security and privacy controls to safeguard the data you input.
This information is not a legal interpretation of the law and is not binding. This information is not intended to, nor should it ever replace, formal legal counsel.
PIPEDA applies to private-sector organizations throughout Canada that gather, use, or disclose personal information within commercial activities.
Under PIPEDA, personal information encompasses any factual or subjective details regarding an identifiable individual, whether recorded or not. This includes information in various formats, such as:
These principles are guidelines for gathering, utilizing, and sharing personal information and facilitating access to such data. Below, we'll outline the ten fair information principles and how Noterro assists in adhering to them.
An organization is responsible for personal information under its control. It must appoint someone accountable for its compliance with these fair information principles.
How it's handled in Noterro: As our Privacy Policy outlines, Noterro doesn't control access or usage of the data you input. Each clinic manages this independently through contracts, internal agreements, access levels, and settings within Noterro.
To uphold the accountability principle, clinics should designate the individual responsible for compliance as the Admin in Noterro. According to Noterro's Terms of Use, the Admin is the legal guardian of the data entered into the platform.
The purposes for which the personal information is being collected must be identified by the organization before or during collection.
How it's handled in Noterro: As stated in our Privacy Policy, Noterro serves solely as a service provider to you, the custodian of your patients' data. We never sell or trade the patient data you store with us. This allows you to outline how you'll use the Patient data you collect and ensures you adhere to your professional and legal responsibilities regarding data storage.
The individual's knowledge and consent are required for the collection, use, or disclosure of personal information, except where inappropriate.
How it's handled in Noterro: In Noterro, you can tailor and create your own consent forms using our Forms feature, aiding your compliance with PIPEDA.
Personal information must be collected only as needed for the organization's identified purposes and by fair and lawful means.
How it's handled in Noterro: You control which information is gathered on your forms, the data you choose to collect from patients, and the purpose of your clinic.
Unless the individual consents otherwise or it is required by law, personal information can only be used or disclosed for the purposes for which it was collected. Personal information must only be kept as long as required to serve those purposes.
How it's handled in Noterro: Noterro doesn't manage the input data. If a clinic needs to delete collected data, we advise the Admin to contact us, and we'll guide them through the steps to remove the data from the account.
Personal information must be as accurate, complete, and up-to-date as possible to properly satisfy the purposes for which it is to be used.
How it's handled in Noterro: We suggest each staff member has their own Noterro account to handle and oversee data input. The Admin can manage staff and various permissions of each staff member individually. It's up to the Admin to only grant access to trusted individuals.
Personal information must be protected by appropriate security relative to the sensitivity of the information.
How it's handled in Noterro: Security and privacy are paramount at Noterro. Here, you'll find our documentation detailing the measures we've taken to ensure everything remains secure. How Noterro Stores and Protects Data.
An organization must make detailed information about its policies and practices relating to managing personal information publicly and readily available.
How it's handled in Noterro: We suggest developing policies and best practices aligned with PIPEDA compliance. If necessary, utilize our Forms & Agreements features to customize consents by incorporating them into your booking processes.
Upon request, individuals must be informed of the existence, use, and disclosure of their personal information and given access to that information. They shall also be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
How it's handled in Noterro: If a Patient requests their personal information, you can export chart data directly from the Noterro account at any time or share the individual charts with them via the Web Portal.
An individual can challenge an organization’s compliance with the above principles. Their challenge should be addressed to the person accountable for the organization’s compliance with PIPEDA, usually their Chief Privacy Officer.
How it's handled in Noterro: While each clinic must appoint a privacy representative to oversee compliance, if you have any questions regarding Noterro's compliance, you can contact our privacy team at privacy@noterro.com.
We've carefully designed Noterro to align with Canada's privacy laws, particularly the Personal Information Protection and Electronic Documents Act (PIPEDA). Noterro provides security and privacy controls to safeguard the data you input.
This information is not a legal interpretation of the law and is not binding. This information is not intended to, nor should it ever replace, formal legal counsel.
PIPEDA applies to private-sector organizations throughout Canada that gather, use, or disclose personal information within commercial activities.
Under PIPEDA, personal information encompasses any factual or subjective details regarding an identifiable individual, whether recorded or not. This includes information in various formats, such as:
These principles are guidelines for gathering, utilizing, and sharing personal information and facilitating access to such data. Below, we'll outline the ten fair information principles and how Noterro assists in adhering to them.
An organization is responsible for personal information under its control. It must appoint someone accountable for its compliance with these fair information principles.
How it's handled in Noterro: As our Privacy Policy outlines, Noterro doesn't control access or usage of the data you input. Each clinic manages this independently through contracts, internal agreements, access levels, and settings within Noterro.
To uphold the accountability principle, clinics should designate the individual responsible for compliance as the Admin in Noterro. According to Noterro's Terms of Use, the Admin is the legal guardian of the data entered into the platform.
The purposes for which the personal information is being collected must be identified by the organization before or during collection.
How it's handled in Noterro: As stated in our Privacy Policy, Noterro serves solely as a service provider to you, the custodian of your patients' data. We never sell or trade the patient data you store with us. This allows you to outline how you'll use the Patient data you collect and ensures you adhere to your professional and legal responsibilities regarding data storage.
The individual's knowledge and consent are required for the collection, use, or disclosure of personal information, except where inappropriate.
How it's handled in Noterro: In Noterro, you can tailor and create your own consent forms using our Forms feature, aiding your compliance with PIPEDA.
Personal information must be collected only as needed for the organization's identified purposes and by fair and lawful means.
How it's handled in Noterro: You control which information is gathered on your forms, the data you choose to collect from patients, and the purpose of your clinic.
Unless the individual consents otherwise or it is required by law, personal information can only be used or disclosed for the purposes for which it was collected. Personal information must only be kept as long as required to serve those purposes.
How it's handled in Noterro: Noterro doesn't manage the input data. If a clinic needs to delete collected data, we advise the Admin to contact us, and we'll guide them through the steps to remove the data from the account.
Personal information must be as accurate, complete, and up-to-date as possible to properly satisfy the purposes for which it is to be used.
How it's handled in Noterro: We suggest each staff member has their own Noterro account to handle and oversee data input. The Admin can manage staff and various permissions of each staff member individually. It's up to the Admin to only grant access to trusted individuals.
Personal information must be protected by appropriate security relative to the sensitivity of the information.
How it's handled in Noterro: Security and privacy are paramount at Noterro. Here, you'll find our documentation detailing the measures we've taken to ensure everything remains secure. How Noterro Stores and Protects Data.
An organization must make detailed information about its policies and practices relating to managing personal information publicly and readily available.
How it's handled in Noterro: We suggest developing policies and best practices aligned with PIPEDA compliance. If necessary, utilize our Forms & Agreements features to customize consents by incorporating them into your booking processes.
Upon request, individuals must be informed of the existence, use, and disclosure of their personal information and given access to that information. They shall also be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
How it's handled in Noterro: If a Patient requests their personal information, you can export chart data directly from the Noterro account at any time or share the individual charts with them via the Web Portal.
An individual can challenge an organization’s compliance with the above principles. Their challenge should be addressed to the person accountable for the organization’s compliance with PIPEDA, usually their Chief Privacy Officer.
How it's handled in Noterro: While each clinic must appoint a privacy representative to oversee compliance, if you have any questions regarding Noterro's compliance, you can contact our privacy team at privacy@noterro.com.