Privacy & Compliance

The Straight Answer on Privacy

Clinics ask us two questions: "Is this compliant?" and "Where does my patients' data go?" Here are real answers — including the parts other vendors leave out.

First, the honest part

There is no such thing as a "PHIPA certificate" or "PIPEDA certification." Any vendor claiming to be "certified compliant" is overselling. Under Canadian law, your clinic remains the custodian of patient information — a vendor like us acts as your service provider (in Ontario, your "agent" under PHIPA) and our job is to make your compliance easy and defensible.

So instead of badges, we give you the actual artifacts your privacy obligations call for: a signable data processing agreement, a documented data-flow map, a subprocessor register, a breach-notification commitment with a number on it, and a Privacy Impact Assessment support package. That's what "built for PIPEDA, PHIPA and BC PIPA" means here.

What ZeroMiss Does With Caller Information

DataPurposeRetention
Call audioReal-time conversation processing onlyNot retained by default (transcribe-and-discard)
Call transcriptComplete the booking, quality review by your clinicConfigurable: 0–30 days, then deleted
Caller name & callback numberBooking request / message delivery to your clinicDelivered to your clinic; our copy deleted per retention schedule
Appointment details (service, preferred times)Booking request deliverySame as above
Health card numbers / clinical detailsNot collected — the AI is designed to defer these to your staffN/A by design

Our Commitments

The AI Identifies Itself

Every call opens with a disclosure that the caller is speaking with an AI assistant and that the call is transcribed to complete their booking. Callers can say "human" or "voicemail" at any time and get exactly that — a genuine decline path, as Canadian privacy regulators expect.

No Audio Kept by Default

We transcribe and discard. Raw call audio is not retained unless your clinic explicitly turns recording on — and then the call-start disclosure says so. Transcripts auto-delete on your chosen schedule.

No Training on Your Data. Ever.

Neither we nor our AI subprocessors train models on your clinic's or your patients' data — contractually locked in our agreements with every provider in the chain.

Honest Data Residency

Stored data lives in Canada (Google Cloud Montréal/Toronto). Real-time call media may transit US infrastructure of our media provider — we say that plainly, because "100% Canadian" claims that ignore transit are how vendors get clinics in trouble in a Privacy Impact Assessment.

48-Hour Breach Notification

If we confirm a security incident affecting your data, we notify your clinic within 48 hours — contractually — and support your notifications to regulators and patients. We keep incident records per PIPEDA's 24-month requirement.

Paperwork Included

Every clinic gets a signable Data Processing Agreement (PHIPA agent / BC PIPA / PIPEDA schedules), a data-flow diagram, and a PIA support package — pre-filled answers for your college's or insurer's privacy questionnaire.

Security Measures

  • Encryption in transit (TLS 1.2+ / SRTP) and at rest (AES-256)
  • Multi-factor authentication on all administrative access
  • Role-based access — least privilege by default
  • Audit logging of access and changes
  • Minimal collection: the AI never asks for health card numbers
  • Secure deletion within 30 days of contract end, certificate on request

We operate SOC 2-aligned controls. We do not claim a SOC 2 audit until we have one — when a clinic network requires the report, we'll complete the audit. Ask us anything: our security posture is an open book for prospective clinics.

Subprocessor Register

Who touches data, what they do, and where. We notify clinics 30 days before any change to this list.

VendorRoleLocationAgreement
Google Cloud (Vertex AI / Gemini)Real-time speech understanding & responseCanada (Montréal / Toronto regions) for production workloadsGoogle Cloud Data Processing Addendum; no training on customer data
LiveKit CloudReal-time call media infrastructureUS media transit (disclosed transparently)DPA; SOC 2
TelnyxTelephone network (SIP) & phone numbersCanadian network points of presence (Vancouver)DPA
Email delivery providerBooking request delivery to your clinicCanada/US (disclosed at onboarding)DPA

What Your Callers Actually Hear

"Hi, you've reached [Your Clinic]. I'm an AI assistant that helps with appointments and messages. This call is transcribed so the clinic can complete your booking. If you'd rather not speak with an AI, just say 'voicemail' or 'human' at any time. How can I help you today?"

This wording follows the Office of the Privacy Commissioner's call-recording guidance and the 2026 provincial regulator guidance on AI tools in healthcare: identify the AI before collecting anything, state the purpose, and offer a real alternative. Continued conversation after clear notice constitutes valid consent — and patients who prefer a human always get one.

Claims You'll See Elsewhere — and Won't See Here

We don't say

  • "100% PHIPA certified" — no such certification exists
  • "No data ever leaves Canada" — real-time media transit makes that claim untrue for every vendor using major call platforms
  • "HIPAA compliant" as a headline — HIPAA is American law; it's not what protects your patients
  • "SOC 2" without an audit report to show you

We do say

  • Designed to support your PHIPA / BC PIPA / PIPEDA obligations, with the documents to prove it
  • Stored data in Canada; transit disclosed honestly
  • No training on your data, contractually
  • A signable DPA and PIA support package with every clinic

Questions, Access Requests or Complaints

Our designated Privacy Officer is the founder — reach them at privacy@zeromiss.ca. Patients should contact their clinic first (the clinic remains custodian of their information); we support every access and correction request within 5 business days. Unresolved concerns can be escalated to the Office of the Privacy Commissioner of Canada, the BC OIPC, or the Ontario IPC.

Read the Privacy Policy

Last updated: June 2026