Privacy · consent · access requests · Canada · PHIPA / Law 25

Your clinic already owes a privacy program. You probably don't have one.

Under Ontario's PHIPA your clinic is a health-information custodian; if you touch Quebec, Law 25 applies too. That means a privacy policy, consent, a way to answer patient access and data-portability requests on the clock, a confidentiality-incident register, and an audit trail. And if no privacy officer is named, the owner is it by default — so the liability is personal. ConsentLedger stands the whole program up and keeps it current, for the price of a phone bill.

Join the waitlist See how it works Free early-access · no card, no commitment

The exposure

The law expects a living privacy program. Here's what a regulator asks to see.

Quebec's Law 25 is fully in force — the data-portability right since September 2024, a confidentiality-incident register the regulator (the CAI) can demand on request, and penalties up to CAD 10–25 million. Ontario's IPC raised the bar twice in a year for small health orgs. A one-time consultant audit or a free template in a drawer isn't a program. This is what you'd be asked to show.

No current privacy policy

A policy that actually reflects what you collect and why — refreshed as the rules and your setup change. A stale binder from a consultant doesn't count.

No access-request process

A patient can ask for their file, or to move their data (Law 25's portability right, ~30-day clock). Most clinics handle it by scramble, if at all.

No incident register

Law 25 requires a confidentiality-incident register, and the CAI can ask for it on request. Few small clinics keep one.

No named privacy officer

Someone must own privacy. Under Law 25, if nobody is named, it defaults to the most senior person — the owner. That liability is already yours.

No audit trail

The documentary evidence — policy versions, consent records, request logs, register entries — is the actual asset in a CAI or IPC inquiry. Usually missing.

The liability is yours

Law 25 penalties reach CAD 10M / 2% of turnover (up to 25M / 4% penal); PHIPA reaches $200K individual, $1M organisation. The custodian carries it — not your software vendor.

The fix

One privacy program, run for you — beside the software you already use.

ConsentLedger doesn't replace your EMR, scheduling or billing, and it doesn't ask you to switch anything. It sits beside whatever you run, pulls the evidence it needs vendor-agnostically, and turns your obligations under PHIPA, PIPEDA and Law 25 into a living, auditable program.

1

Gap & readiness report

A short intake scores your clinic against your obligations and names exactly what's missing — policy, consent, register, access-request process — so you see your exposure in plain terms.

2

Your program, generated

The privacy policy, consent forms, confidentiality-incident register and audit trail — produced for your clinic and the regimes you fall under, kept current as the rules change.

3

Access requests, handled

A patient asks for their file or to move their data; ConsentLedger classifies the request, tells you the clock, and assembles the response package for you to approve before it goes out.

4

The audit trail

Everything lands in one place with version history: policy, consent, requests, register. If the CAI or IPC asks "show me your privacy program," you have the answer on file.

  • Regulatory tracking PHIPA, PIPEDA and Quebec Law 25 monitored for changes — each one mapped back to what your clinic now has to do.
  • Portability on the clock Law 25's ~30-day data-portability window handled as a workflow, not a fire drill — timed, logged, defensible.
  • Multi-province Ontario and Quebec first; Alberta HIA, BC PIPA and the federal regime as their libraries land — each regime you fall under, mapped.
  • Always current A consultant's binder goes stale the day a rule moves. A maintained program doesn't — that's the point of a program over a document.

To be clear

What ConsentLedger is — and what it is not.

What it is

  • A privacy / consent / access-request program run beside your existing software.
  • Built for PHIPA and Quebec Law 25 by default — Canadian, not GDPR-first.
  • Sized for a 1–10 practitioner clinic, not an enterprise.
  • A living program with an audit trail, not a one-off binder.

What it is not

  • Not an EMR, and not a scheduling or billing tool.
  • Not a scribe and not patient-facing clinical software.
  • Not legal advice — it produces the artifacts and evidence; your lawyer stays your lawyer.
  • Not tied to any one vendor — evidence is pulled vendor-agnostically.

Where this stands

We're building this — and we're being straight with you.

ConsentLedger isn't live yet. There's nothing to buy on this page, no clinics using it today, and no customer logos we could honestly show you. This page describes what we're building and why, so you can tell us whether it's the fix you need.

If it is, join the waitlist below. Early-access members help shape the product and get in first when it opens. That's the whole deal — no card, no commitment, and we'll only email you about ConsentLedger.

Early access

Does this match your exposure? Get in first.

Two minutes tells us whether we're building the right thing — and puts you at the front of the line for early access. We'd rather hear a hard "not for me" than a polite yes.

Join the waitlist & tell us your setup ~2 min · Ontario, Quebec & other provinces welcome

Who's building this

Built by someone who knows where the PHI flows.

ConsentLedger comes from twenty-plus years in Canadian healthcare IT — EMR builds, FHIR/HL7 integrations, OntarioMD and HRM work, ISO 27001 certification experience, and practical fluency in PHIPA, PIPEDA and Quebec Law 25. That's the rare seat: understanding both where your patient data actually lives and flows, and what a CAI or IPC inquiry really asks a custodian to produce. Most privacy vendors are generic and GDPR-first; most Canadian privacy consultants know the law but not the systems. ConsentLedger sits at that intersection — and every deliverable is reviewed by a Canadian privacy lawyer.