PatientClicks Privacy Assurance Framework™

At PatientClicks, we take privacy seriously—because our clients work with personal health information (PHI), and protecting that information is essential to their brand, their patients, and their compliance with Canadian privacy laws.

The Privacy Assurance Framework™ outlines how we protect clinic and patient data across every touchpoint of our marketing services. It’s built on the principles of PIPEDA, PHIPA (Ontario), and other relevant provincial legislation.

Our 8 Pillars of Privacy Protection

1. Call Privacy & Call Tracking Safeguards

We limit recording to only what’s necessary, use redaction tools to remove sensitive data, and restrict access to essential team members only.

2. Secure Client Reporting

All client-facing reporting links are authenticated, encrypted, and accessible only by those with need-to-know permission.

3. Staff Access & System Security

We enforce 2FA, idle logouts, device security requirements, and strictly monitor access to platforms that touch patient data.

4. Contact Centre Data Handling (When Used)

Our optional PatientLink Contact Centre operates with clear access levels, strict protocols, and built-in compliance measures for patient interaction.

5. Form Data Lifecycle Management

We ensure lead and form data is securely transferred and automatically purged based on defined retention policies.

6. Transparency & Client Agreements

We update our service agreements and website disclosures to clearly define how patient information is handled on behalf of each clinic.

7. Breach Response Protocol

We maintain a formal, tested SOP to respond to any potential data breach quickly, notify clients as needed, and report to regulators when required.

8. Vendor & Freelancer Accountability

All freelancers and vendors undergo privacy screening and must sign NDAs. Platform access is tracked and limited by role.

📄 Want the Full Framework?

We’re happy to share our complete Privacy Assurance Framework™ upon request.
Please reach out.