Privacy Policy
PocketHealth Inc., together with affiliates and subsidiaries (collectively, “PocketHealth”, “we”, “us” or “our”), believes in empowering patients to take ownership of their healthcare. We respect your privacy and value your trust, and are therefore committed to safeguarding your Personal Information and Personal Health Information.
Definitions
“Personal Health Information” is identifying information that relates to an individual’s health, and includes information that can be used to identify or contact the individual, such as their health history, the identity of their healthcare provider(s) or authorized legal representative(s), their medical test results, their records of visits to healthcare facilities, and the nature of the care received during those visits. Personal Health Information may also include other information about the individual that is included in a record containing Personal Health Information. The term as used in this Privacy Policy encompasses equivalent concepts under Privacy Laws.
“Personal Information” is information about an identifiable individual, and includes information such as a name, address, telephone number, or email address. Personal Information also includes information that can be used on its own or with other information to identify, contact or locate an individual. Depending on the applicable Privacy Laws and the context of its use, Personal Information may exclude business contact information, including your name and title. Further, information that does not reveal your identity, or does not directly relate to an identifiable individual, is not considered Personal Information, as defined under Privacy Laws.
“Privacy Laws” means all applicable federal, provincial, territorial or state privacy legislation, health information protection laws and regulations, and any other applicable statute or regulation governing the processing of Personal Information, including Personal Health Information, as such legislation may be amended from time to time, including without limitation the Personal Information Protection and Electronic Documents Act (Canada), the Personal Health Information Protection Act (Ontario), the Act respecting the protection of personal information in the private sector (Québec), the Act respecting health and social services information (Québec), the Personal Information Protection Act (BC), the Personal Information Protection Act (Alberta), the Health Information Act (Alberta), and the Health Insurance Portability and Accountability Act of 1996 and the Health Information Technology for Economic and Clinical Health Act of 2009, Title XIII (collectively, HIPAA).
Our Services
PocketHealth provides an electronic way for patients and their authorized legal representatives to request and receive medical records from healthcare providers, and then store and manage those records.
We work in two ways.
First, we work with healthcare providers, clinics, hospitals, and other organizations that hold your health information (each a “Custodian”). We help them share records and perform other administrative tasks. In this role, we may collect, use, and disclose your Personal Health Information as directed by, and under the authority of, the Custodian that holds a patient’s records. We do this by performing certain tasks within the Custodian’s systems and connecting those systems to our Platform (defined below).
Second, we own and operate a cloud-based platform (the “Platform”) that lets you electronically request, access, view, store, download, and share medical records with others. When you use the Platform directly, we process and store your medical records and related information on your behalf. In this role, we handle your Personal Information as a service provider to you, the user.
Because we serve in both roles, the way we collect, use, and protect your information may differ depending on whether we are acting on behalf of a Custodian or providing services directly to you through the Platform. This Privacy Policy (the “Policy”) explains how we handle the information we collect or receive in each of these roles, via our Platform, websites, content, applications, products and services (collectively, “Services”), including via email, text, calls, or other electronic messages.
1. Personal Health Information
PocketHealth may collect, use or disclose Personal Health Information on behalf of a Custodian in order to perform authorized functions. Depending on the services being provided, the types of functions that PocketHealth may support a Custodian with include:
- transferring records, sending appointment-related messages and automating administrative workflows;
- authenticating patients’ identity;
- communicating with patients and fulfilling their requests;
- conducting quality assurance and ensuring the services comply with applicable law; and
- other functions, with consent.
As such, the types of Personal Health Information that PocketHealth may handle on behalf of a Custodian include:
- medical images, reports and records;
- medical requisition information;
- medical conditions and/or diagnoses;
- demographic information (including patient’s gender, phone number, email address, full name, date of birth and language);
- OHIP or other health insurance numbers;
- healthcare provider name and address;
- information related to medical appointments (including date and time, status, modality, procedure and description); and
- medical record numbers or other patient identifiers.
PocketHealth handles this Personal Health Information in accordance with Ontario’s Personal Health Information Protection Act, 2004, other Privacy Laws, and any applicable agreements.
PocketHealth does not use or disclose Personal Health Information for purposes other than as directed by the Custodian, or as permitted or required by law.
2. Personal Information
2.1. Collection of Personal Information
PocketHealth collects Personal Information from those who use our Services or correspond with us. We also collect Personal Information from our employees and candidates for employment.
The types of Personal Information that Platform users provide to us may include:
- full name;
- date of birth;
- address;
- phone number;
- email address;
- gender;
- copy of government ID;
- payment information;
- medical images, reports and records, and related healthcare provider information;
- information about their relationship with the patient (for users that are authorized legal representatives);
- username and password for your account on the Platform (your “Account”); and
- certain other types of information, with your consent.
The types of Personal Information our employees, and candidates for employment, provide to us may include:
- full name;
- date of birth;
- address;
- phone number;
- email address;
- copy of government ID;
- education history; and
- employment history.
We may also collect certain information about the activity of anyone using our Platform, websites and online web applications (collectively, “Websites”) through automated means, as further described below under the heading “Cookies and Similar Technologies”. Types of information we collect using these automated technologies include:
- Technical information, such as your device ID and unique identifiers assigned to your device or browser, type and approximate location, IP address, browser type and version, browser window dimensions and time zone settings;
- Usage information about your use of the Websites, such as dates and times of access, time spent on pages, browsing history, traffic sources and referring URLs, and information about the links you click and pages you view;
- Marketing and advertising information, including ad click and conversion data, marketing campaign attribution, and information used to deliver, measure, and personalize interest-based advertising across sites and platforms (including through third-party advertising partners such as Meta, Google, LinkedIn, and other advertising technology companies; your visit to our Websites (excluding the Platform) may be reported to certain third-party platforms, such as Meta, to enable ad targeting and measurement); certain of these partners may use this information to build advertising audiences that follow you across other websites and platforms. For clarity, this information does not include any Personal Health Information;
- Behavioral analytics information, including session recordings, heatmap data, records of mouse movements, clicks, taps, scrolls, and keystrokes captured during your visit, and A/B test variation assignments used to analyze and improve Websites’ performance and user experience;
- Preference information, including your selected site language, cookie consent choices, and UI preferences such as dismissed prompts or modals;
- Troubleshooting information, including information about how our Websites perform when you use them, and related feature or error information; and
- Information about your interactions with our email, text or other communications.
2.2. How we use your Personal Information
PocketHealth uses the Personal Information you provide to us:
- to deliver the Services, including the Platform (including to administer a request for access to medical records; please note that if you are an authorized legal representative trying to request a patient’s records, PocketHealth may direct you to the applicable healthcare provider in its sole discretion);
- to create and administer Accounts, including authentication;
- to allow you to use interactive features of our Platform and personalize your experience (including remembering your device and preferences);
- to monitor, analyze and improve our Platform;
- to recommend specific features on our Platform;
- to develop new features, products and services;
- for marketing purposes, including sending newsletters, promotional offers, and information about our Services, with your consent or where permitted by applicable law (you may withdraw your consent at any time by clicking the unsubscribe link included in our communications or by contacting us at [email protected]);
- to communicate with you regarding the Platform, including to provide support;
- to implement and maintain safeguards on the Platform;
- to process payments;
- to process job applications;
- to fulfill the purposes for which you provided the information, or that were described when it was collected;
- to carry out our obligations and enforce our rights arising from any agreements with you, including for billing and collection;
- to comply with legal requirements;
- to prevent, identify, investigate and deter fraudulent, harmful, unauthorized or illegal activity; and
- for any other purpose with your consent, or as permitted or required by law.
We also use Personal Information when we transfer it to third-party service providers we engage to support our business (e.g. for hosting, security, IT, data processing, customer support, email delivery, marketing, analytics, payment processing, and professional advisors). These third-party service providers are bound to keep Personal Information confidential, use the information only for the purposes for which it was shared, and implement appropriate security safeguards. We do not share text messaging opt-in data and consents with third parties, excluding providers of text messaging services.
Where appropriate, we may derive aggregated, de-identified and/or anonymized data from Personal Information, by removing information that makes the data identifiable to you, in accordance with applicable Privacy Laws. We use this aggregated, de-identified and/or anonymized data for our internal business purposes, including to analyze and improve our Services, develop new offerings and promote our business.
2.3. How we disclose your Personal Information
PocketHealth may disclose the Personal Information you provide to us:
- to healthcare providers designated by you;
- to our subsidiaries, affiliates and/or related entities;
- to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, in accordance with applicable law;
- to comply with any court order, law, or legal process, including to respond to any government or regulatory request, in accordance with applicable law;
- to enforce or apply our Terms of Service and other agreements, including for billing and collection purposes;
- if we believe that disclosing the information is necessary or appropriate to protect the rights, property, or safety of PocketHealth, our customers, or others; and
- for any other purpose with your consent, or as permitted or required by law.
We will not disclose your Personal Information for any purpose except as outlined in this Policy or as permitted or required under applicable law, unless we obtain your consent. We limit the Personal Information we disclose to what is necessary to fulfill the applicable purpose. We will not sell, trade or lease your Personal Information.
3. Cookies and Similar Technologies
Unless you opt-out, PocketHealth’s Platform, websites and online web applications (collectively, “Websites”) use cookies and other automatic data collection technologies such as pixel tags and web beacons, to collect information when you visit or interact with our Websites. We do so to better understand the use of our Websites, make improvements, identify users and personalize experiences, analyze trends, and for other marketing and advertising purposes.
For more information about our use of cookies and how to opt-out through your browser settings, please refer to our Cookie Policy. Note that opting out of cookies may disable certain features on our Websites.
4. How we Retain and Delete your Information
PocketHealth retains Personal Information for as long as required to fulfill the purpose(s) for which the information was collected, including to provide our Services, comply with our legal obligations and enforce our rights.
We retain the Personal Information in your Account until you delete your Account. You may delete your Account directly on the Platform or by contacting us at [email protected]. We will process your request within a reasonable period of time and in accordance with Privacy Laws. When you delete your Account we permanently and securely delete the information, except for any information that PocketHealth is required or permitted to retain (i.e. to prevent fraud, troubleshoot problems, assist with investigations, enforce our rights and/or comply with applicable legal requirements). Once you delete your Account you will no longer be able to access the Platform. Should you require any medical records or other information contained in your Account after it has been deleted, you should reach out to the applicable healthcare provider directly.
5. Where we Process and Store your Information
PocketHealth provides Services in Canada and the United States. We store Personal Information of Canadian users in Canada, and Personal Information of U.S. users in the United States. Personal Information relating to a particular medical exam is stored in the country where the exam was performed.
Some of our service providers may operate outside of your country or province of residence; therefore, your Personal Information may be accessed or processed outside of that jurisdiction in the course of providing our Services. For Canadian residents, this means that your Personal Information could be communicated outside of Canada or your province of residence.
Privacy laws in foreign jurisdictions may be different than those of your home jurisdiction, and may permit or require disclosure of Personal Information to foreign governmental authorities or law enforcement. To ensure adequate protection of Personal Information, PocketHealth remains committed to completing privacy and security assessments before sharing information with vendors, only sharing the minimum amount of information necessary to achieve the corresponding purpose, and implementing technical and contractual safeguards.
6. Our Security Safeguards
PocketHealth prioritizes the security of your Personal Health Information and Personal Information, using technical, administrative and physical security safeguards designed to protect the information we handle from loss, theft, and unauthorized access, use and disclosure. PocketHealth is SOC 2 Type II certified and undergoes an independent third-party audit on an annual basis.
Additionally, we only permit our personnel to access Personal Information to the extent necessary to perform their duties, we bind our personnel to confidentiality agreements, and we require our personnel to complete privacy and security training at onboarding and on an annual basis.
The security of your information also depends on you, and we therefore ask that you create strong and unique passwords to protect your Account, do not share your credentials with anyone else, and enable multi-factor authentication where available. Other than when you log into the Platform, we will never ask you for your password. We may however ask you for Personal Information to confirm your identity for support purposes.
Despite the safeguards we have in place, there are risks inherent in the electronic transmission of information, and PocketHealth cannot guarantee the security or error-free transmission or storage of your information.
7. Your Rights and Choices
You may have all or some of the following rights and choices with respect to your Personal Information and Personal Health Information (as applicable), depending on the Privacy Laws that apply in your jurisdiction. Our processing of these rights and requests may also be subject to certain limitations under applicable law. Please note that we will request information to confirm your identity when you contact us to exercise these rights.
7.1. Withdrawing consent
Your use of the Platform is entirely voluntary. You may withdraw your consent to the collection, use and disclosure of your Personal Information by deleting your Account or by contacting us at [email protected]. Withdrawing your consent means that you may not be able to continue using the Platform or other Services. We will explain the impact to you at the time to help you with your decision. Please note that withdrawing your consent may not prevent us from collecting information about your activity when using our Websites, where you have not disabled cookies.
7.2. Opting out of marketing communications
You may opt-out of receiving our electronic marketing communications at any time by clicking unsubscribe at the bottom of the email and adjusting your communication preferences, or contacting us at [email protected]. Please note that if you choose to opt-out of receiving electronic marketing communications, you may continue to receive transactional and other communications we deem necessary to provide our Services or administer your Account.
7.3. Access to and correction of Personal Information
You may access the Personal Information we hold about you at any time by logging into your Account. It is important that the information we hold about you remains accurate and current, so please keep us informed of any inaccuracies or changes. You may update or correct certain types of information directly in your Account. You may also contact us at [email protected] to request access to, change, or correct any Personal Information that you have provided to us. We will process your request within a reasonable time and as required by applicable Privacy Laws. If we cannot complete your request, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
Access, changes or corrections to certain types of information created by healthcare providers, including medical records held in your Account, will require you to coordinate with the applicable healthcare provider. PocketHealth may be able to assist you, upon request.
7.4. Right to portability
If you are a resident of the Province of Quebec, you may request to receive copies of the Personal Information we collected from you in a structured, commonly used technological format and have it communicated to any person or body authorized by law to collect such information. We will agree to such request unless it raises serious practical difficulties.
7.5. Restricting or refusing access to Personal Health Information
If you are a resident of the Province of Quebec, you may request that access to your Personal Health Information be restricted or refused, in whole or in part. Such a request must be made in writing to the Provider that created the applicable medical records stored in your account and related Personal Health Information. Upon request, PocketHealth may assist you in this process.
7.6. Complaints
If you believe your privacy rights have been violated, you may file a complaint with PocketHealth, the Office of the Privacy Commissioner of Canada or the applicable regulator. To submit a complaint to PocketHealth, you may contact our Privacy Officer using the details set out in Section 11 of this Policy.
8. Third-Party Websites and Services
PocketHealth’s Services may contain links or direct users to third-party websites or services that PocketHealth does not own or operate. This Policy does not apply to, nor does PocketHealth endorse any such third parties or their products, services, content or websites. When you click on a link to any other website or location, or otherwise interact with these third parties, you leave PocketHealth’s Services and go to another website or service where another entity may collect information from you. PocketHealth does not have any control over third-party websites or services, or their privacy practices, and is therefore not responsible for them. We encourage you to read the privacy policies and terms of every website or service you visit, and if you have any questions about how they process your information, you should contact the owner directly.
Additionally, if you provide information to third parties using our Services, PocketHealth cannot control the activities of those third parties and is not responsible for the information after it has been disclosed. For instance, if you share Personal Information with your physician via the Platform, PocketHealth cannot control how the information will be maintained by your physician once they access it. You would need to contact your physician to address how they handle the information.
9. Children
Our Services are not intended for children under 12 years of age, and we do not knowingly collect information from children directly. Guardians or other authorized legal representatives may create and maintain Accounts on behalf of patients who are children. If you are a child, please do not use or provide any information through our Services.
If you are under the age of 14 and reside in the Province of Quebec, you may not use our Services without the consent of the person having parental authority or your legal guardian.
10. Changes to this Policy
PocketHealth last updated this Policy on May 29, 2026. PocketHealth reserves the right to amend this Policy at any time, to account for changes in applicable law or PocketHealth’s practices. It is our policy to post any changes we make to this Policy on this page. It is your responsibility to periodically review this Policy to ensure you remain aware of our current privacy practices. Where required by applicable Privacy Laws, we will notify you of material changes to this Policy, including by posting a notice on our Platform or by other reasonable means.
11. Contact Us
PocketHealth welcomes your questions, comments and requests regarding this Policy and our privacy practices. Please contact us at:
Attn: Privacy Officer
PocketHealth Inc.
[email protected]
+1 855-381-8522