Request our Privacy Impact Assessment
ResolvMD is on the forefront of the latest developments and best practices for privacy and security. All aspects of our system were designed to keep patient and personal information secure from the outset. We meet or exceed the specification outlined in the Health Information Act and conform to Personal Information Protection and Electronic Documents Act (PIPEDA). All of your data is stored within Canada and is encrypted in transit via HTTPS and at rest (256-bit AES encryption).
All patient data in our platform is encrypted in transit and at rest. All communication between our web application and
our servers occurs via HTTPS.
Our servers encrypt patient information, including all identifiable characteristics, using strong industry standard encryption before persisting to our databases. All data is encrypted at rest with 256-bit AES encryption.
Our cloud based infrastructure is designed with security in mind and includes many redundant layers of protection to ensure your data is safe.
Any on premise data is stored within secure storage systems with a three layered security protocol.
Your data is subject to the same rigour that we treat patient data with. All forms signed via our electronic signature partner are encrypted using strong industry standard encryption and then stored in our cloud infrastructure which uses 256-bit AES encryption. We do not store any billing information. All information related to payments is processed by our third party partner Stripe. Stripe is a world leading payments company that is on the cutting edge of security and privacy. See the Stripe documentation for more information.
In short, only the absolute minimum number of people have access to data in controlled environments under strict
protocols. Data within ResolvMD is only accessible by select users who are responsible for processing billing data. If
your billing is facilitated by a billing specialist, processed data is only available for entry and processing by an
authorized billing clerk. Supervisors have access in order to facilitate any issues with claims. Select ResolvMD support
staff can also help agents and clerks if necessary. If you bill directly (self-serve) with our system, your data is only
accessible to authorized ResolvMD support personnel.
We adhere to the principle of least privilege. Access to infrastructure and data, as well our users access to data within the platform is restricted to only the information and resources that are necessary for that users role. Our application includes role based authorization that allows us to restrict access to patient data to only those who really need it.
We do not share data with anyone. The data is processed by H-Link or other provincial adjudication platforms for payments. Once a claim is deemed to be complete, it is stored in accordance with regulation.
To comply with provincial health regulations, we store encrypted claim data for at least 7 years.
ResolvMD is an independent company and is not owned by another company.
You might. Get in touch with us to discuss whether or not you need to legally have a PIA in place. If you do, we can help, contact us