Data privacy is very

important to us.

Here is how we make sure of that!

​Your data privacy is very important to us and if you have any questions or concerns, please do not hesitate to contact us.


Your data privacy

If your clinic participates in CPIN, your healthcare provider may send you automated, electronic communications by phone or email to request your feedback on the patient care they provide. 

The initial message will include a link to complete an online survey. You may choose to opt out at this point and if you do not agree to participate no further interactions will occur. 

If you decide to fill out the survey, you will be asked to click 'agree' on a electronic consent form before proceeding. No personally identifying information is captured in the survey (e.g. email address, first or last name, etc.). The results of the survey are completely anonymous and the only data that the software pushes is the 'guid' which is used to validate and process the survey responses. 


Data storage and collection

Patient experience data, collected through CPIN, is anonymized, aggregated and stored securely. This data is collated and reported back to the provider to enable providers to complete Quality Improvement activities based on patient feedback. The data may be linked to other administrative data to enable regional level assessment of patients’ experiences.

CPIN uses software developed by Cliniconex (CNX), an Ottawa based IT company. CNX software separates patient name from contact and demographic information through physically separate data centers and service providers. A random identifier number called “guid” replaces a patient’s name and the key is stored separately.

Patient details are sent to a cloud-based Contact Memory Cache Server, located in a DigitalOcean data center located in Toronto and a random token is created that serves as the Reference ID for the contact details. The Electronic Medical Record (EMR) API uses Transport Layer Security (“TLS”) with 128-bit Advanced Encryption Standard (“AES”) algorithm in sending the information to the Contact Memory Cache Server.

Contact Memory Cache servers are specialized servers with no persistent storage, storing data solely in volatile memory. The contact memory caches delete data older than 30 days daily, by default. Outreach message information is rendered permanently de-identified.  This non-identifiable data is kept for statistical, billing and evaluation purposes.

Processing surveys is handled by a third-party solution (SurveyMonkey).  As the invitation to complete the survey is handled by CNX no information about the patient is sent to the survey system, just the random “guid” that is part of the weblink. The survey system is configured to return anonymous survey results. No contact information, nor IP addresses are tracked.