
HIPAA/PIPEDA Regulations and Why You Need to Be Following Them

A Refresher on the HIPAA and PIPEDA

No matter what country you operate out of, the regulations that govern personal information are a big deal. As healthcare providers, you are trusted and expected to store patient data securely, and the consequences are immense if you don’t. 

The HIPAA (Standards for Privacy of Individually Identifiable Health Information) is the enacted rule in the United States that regulates the protection of patients’ personal or protected health information. The PIPEDA (Personal Information and Protection of Electronic Documents Act) is the legislation in Canada that governs the gathering of consent when practices want to use or disclose a patient’s collected information.


This blog is only meant to serve as a guide and does not replace or supersede the legislation it discusses. Please refer to the original laws to ensure you understand the full scope of each, and seek legal counsel if you have questions.

What’s Covered?

Keeping track of the guidelines and laws surrounding the collection of your patients’ information can get confusing and, at worst, overwhelming. We’ve put together a quick overview of the legislation in North America so you can make sure that all your marketing endeavours are within the law.

PIPEDA (Canada)

All federally regulated organizations that conduct business in Canada are subject to PIPEDA. The act also applies to their employees’ information.

Under PIPEDA, personal information includes any factual or subjective information, recorded or not, about an identifiable individual. This includes information in any form, such as:

  • age, name, ID numbers, income, ethnic origin, or blood type;
  • opinions, evaluations, comments, social status, or disciplinary actions; and
  • employee files, credit records, loan records, medical records, the existence of a dispute between a consumer and a merchant, intentions (for example, to acquire goods or services, or change jobs).

A business’s responsibilities under PIPEDA are outlined in the 10 fair information principles. They are:

  1. Accountability
  2. Identifying Purposes
  3. Consent
  4. Limiting Collection
  5. Limiting Use, Disclosure, and Retention
  6. Accuracy
  7. Safeguards
  8. Openness
  9. Individual Access
  10. Challenging Compliance

HIPAA (United States of America)

HIPAA is part of the Health Insurance Portability and Accountability Act, passed in 1994, and serves to enforce privacy standards relating to individually identifiable health information. That information includes:

  • The patient’s name, address, birthday, or social insurance number
  • The patient’s past, present, or future mental or physical health condition
  • Any services or care you’ve provided to the patient in the past or are currently providing the patient
  • Any other information that one might reasonably believe could be used to identify your patient

Be Aware 

You need a patient’s written consent to include them in marketing campaigns, so be careful that your patient is not just implying their consent.

One More Caution

While the federal legislation applies to all federally regulated businesses (like eye care practices), many provinces, territories, and states have their own legislation that deals with privacy and the use of personal information. Keeping up to date with your location’s legislation is pivotal in your efforts to keep your patients’ information safe while keeping them informed of the information they need. As always, if you want guidance on your marketing efforts, or just want to speak to the experts, contact us here.


Trudi Charest / Co-Founder

Trudi has spent her career trying to help eye care business owners run a better business. From her early days working in retail optical as an Optician & Corporate Trainer to an award-winning sales rep for Bausch and Lomb, Trudi carried her passion for the industry through to Eye Recommend, eventually breaking off and starting her own ventures.
