PIPEDA Compliance: Create a privacy policy

  • Anja
    Asked on June 7, 2018 at 2:22 PM

    I see that your health forms are HIPAA-enabled, but are they PIPEDA compliant for Canadian law?

  • aubreybourke
    Replied on June 7, 2018 at 2:41 PM

    Just reading this page:

    In Canada, the law is called the Personal Information Protection and Electronic Documents Act 2000 (PIPEDA). This law requires that the website owner must:

      • Obtain consent when they collect, use or disclose personal information;
      • Supply an individual with a product or a service even if the individual refuses consent for the collection, use or disclosure of their personal information (unless that information is essential to the transaction);
      • Collect information only by fair and lawful means; and
      • Have personal information policies that are clear, understandable and readily available.

    If you are based in any of the above countries, or if you could have users coming from those countries, your “Contact Us” form could collect personal information that is covered by the above laws, so make sure you comply.

    The easiest way to comply with these laws is to set up a Privacy Policy on your website that covers the requirements above. A Privacy Policy is a legal statement that explains how user data is collected, used, managed, and disclosed. The Privacy Policy also explains how the individual’s privacy and personal information will be protected.


    You can use one of these widgets to display your privacy policy:

    https://widgets.jotform.com/widget/short_scrollable_terms

    https://widgets.jotform.com/widget/terms_amp%3B_conditions