This Privacy Policy was last updated on September 11, 2024
At Mikata, we take the privacy and security of personal health information very seriously. This policy describes how we collect, use, store, and disclose your personal information in a private and secure manner on behalf of your clinic or healthcare provider.
Please read this policy carefully to make sure you understand our practices and are comfortable with them.
Mikata collects, uses, stores, and discloses your personal health information on behalf of your healthcare provider for the purposes of providing health services.
When your clinic or healthcare provider subscribes to the Mikata Services, they enter an agreement with Mikata Health, Inc. This permits them to share personal health information from their electronic medical record (EMR), or similar system, with us so we can provide our services.
We comply with all applicable standards and regulations for the handling of personal health information, including the Personal Information Protection and Electronic Documents Act (PIPEDA, Canada), Personal Health Information Protection Act (PHIPA, Ontario), Health Information Act (HIA, Alberta), Personal Information Protection Act (PIPA, Alberta), Personal Health Information Act (PHIA, Manitoba), Personal Information Protection Act (PIPA, British Columbia), Personal Health Information Privacy and Access Act (PHIPAA, New Brunswick), Personal Health Information Act (PHIA, Newfoundland & Labrador), Personal Health Information Act (PHIA, Nova Scotia), Health Information Act (HIA, Prince Edward Island), Health Information Protection Act (HIPA, Saskatchewan), Health Information Act (HIA, Northwest Territories), Health Information Privacy and Management Act (HIPMA, Yukon), and Health Insurance Portability and Accountability Act (HIPAA, United States).
Mikata Health, Inc. is a technology company headquartered in Calgary, Alberta. We’ve developed an automation platform that consists of a secure web-based software application for doctors, nurses, and staff at clinics to use, and a secure web-based application for their patients to use.
Your clinic uses the platform to automate time-consuming administrative and documentation tasks, which frees up doctors, nurses, and staff to spend more time caring for you. Additionally, the platform makes it easier for you to access care, communicate with the doctors, nurses, and staff at your clinic, and complete tasks related to your care.
Mikata enables your clinic to contact you via text, email, or automated voice call, and in some cases interact with Mikata’s secure web-based app (i.e., “Appointment Hub") and automated chatbot and scribe (i.e., “Mika") to exchange information or complete tasks related to your care.
For clinics and healthcare providers, we collect contact and billing information.
For patients, we collect registration information as well as diagnostic, treatment, and care information. We collect, use, store, and disclose the minimum amount of information required to provide our services, but your clinic ultimately decides which services to use and how they are configured.
Your clinic may configure Mikata Services to collect the following information:
We use the personal health information we collect in the provision of health services, and to provide the following benefits to you.
Interact with an easy-to-use chatbot, “Mika," whenever it’s convenient for you to book appointments, ask questions, complete forms, questionnaires, and surveys, and share files with your clinic.
Your clinic can configure the platform to send you relevant messages before and after your appointments. Each message includes a link to your “Appointment Hub" where you can view details, take actions (e.g., confirm your appointment), and complete tasks (e.g., review prep instructions, complete forms).
We provide clinics and healthcare providers with reports, overviews, personalized care recommendations, and documentation suggestions based on the information collected.
From time to time, we may also send you essential notifications related to your Mikata account, or substantial updates to our services, privacy policy, and/or terms and conditions.
We may de-identify and aggregate your information for improvement and development purposes in compliance with all applicable laws and regulations. We do not collect any additional information solely for improvement or development purposes.
We store your data for as long as your clinic or healthcare provider has an account to access our services. In some cases, we may need to store your information longer to meet regulatory requirements.
Your information is securely encrypted during transmission and storage. Our application and databases are hosted on secure cloud infrastructure, which is monitored and tested. We also keep auditable logs of application and database access and activity.
In addition to these and other technical safeguards, we have put in place comprehensive administrative and physical safeguards to protect the privacy and security of your personal health information.
Despite these best efforts, the risk of security breaches cannot be eliminated and we cannot guarantee a breach will never occur. Our intention is that this does not happen, which is why we have put comprehensive safeguards in place to prevent it from occurring.
If you have any concerns that your information is being inappropriately handled in any way, please contact us immediately.
Your personal health information is securely encrypted and stored on secure servers located within Canada.
We will never sell anyone’s data.
Data may be exchanged with your clinic or healthcare provider’s electronic medical record (EMR) through a private and secure connection if your clinic or healthcare provider has authorized it.
TELUS Health – If the Custodian requests integration with their TELUS Health EMR, we will enable the secure exchange of data between our system and their EMR.
QHR Accuro – If the Custodian requests integration with their QHR Accuro EMR, we will enable the secure exchange of data between our system and their EMR.
Amazon Web Services (AWS) – We use Canadian-based AWS infrastructure to process and store data. The data is encrypted in transit and at rest within a virtual private cloud (VPC) environment, preventing any third party, including AWS, from accessing to the data.
Microsoft Azure – We use Microsoft Azure to process data only. Data is not stored, even temporarily, by Microsoft Azure. The data is encrypted in transit, preventing any third party, including Microsoft Azure from accessing the data while in transit.
You may contact your clinic or healthcare provider to access, change, or remove information relating to you.
Our privacy and security practices are continuously evolving to take into account the latest standards and regulations, best practices, technologies, and trends.
When we make changes to our privacy policy we will update the date on this page. In the case of substantial updates, we will also notify your clinic.
If you have any questions or concerns about Mikata Health’s privacy policy, please email us at privacy@mikatahealth.com or write to:
Mikata Health Inc.
Attn: The Privacy Officer
Suite 201 - 838 11th Avenue SW
Calgary, AB
T2R 0E5
Canada
Website: www.mikatahealth.com
Email: privacy@mikatahealth.com