Privacy, security, and compliance can feel like a lot to navigate, especially when you're also running a clinic. This page brings everything together in one place, organized by topic, to help you find what you need.

Compliance by Region

Privacy law isn't one-size-fits-all. The region where your clinic operates affects what you're responsible for.

Canada 🇨🇦

Federal

• PIPEDA and Other Privacy Laws in Canada

By Province

• Privacy Compliance for Clinics in British Columbia
• Does FIPPA/FOIPPA Apply to My Clinic in BC?
• Privacy: Compliance for Clinics in Alberta
• Privacy Compliance for Clinics in Ontario

United States 🇺🇸

• Is Jane HIPAA compliant?
• HIPAA and Appointment Emails
• HIPAA and Marketing Emails
• California Consumer Privacy Act (CCPA)
• The U.S. Cures Act and Jane

Europe 🇪🇺 & the UK 🇬🇧

• All about UK and EU GDPR Compliance
• GDPR Consent Rules
• GDPR Consent Language
• GDPR and Reminder Emails

Jane's Certifications & Trust

Wondering how Jane holds up to scrutiny? This section covers the third-party certifications, compliance standards, and documentation that back up Jane's commitment to keeping your data safe.

• Security FAQ
• What is a SOC 2 report?
• Is Jane PCI-Compliant?
• List of Security Features
• Cloud Security White Paper

Protecting Patient Data

As a clinic, you're responsible for your patients' information, and Jane is built to help you meet that responsibility. This section covers data retention, deletion, clinical notes, AI data handling, and more.

• Protecting Patient Data
• Deleting Patient Data
• Creating & Storing Compliant Clinical Notes
• Online Appointments and Privacy Laws
• Staff Access Levels
• Account Ownership in Jane
• Jane's AI Principles

Account & Access Security

Day-to-day security starts with how your team logs in and who has access to what. These guides cover the practical steps to keep your Jane account secure.

• 2-Step Verification
• Multi-Factor Authentication
• 2-Step Verification: Locked out of your account?
• How to reset your email password and enable Two-Factor Authentication (2FA)
• How To: Reset Your Jane Password
• Password Best Practices
• Auto-Logout Duration
• Activity Log
• All About the New Device Sign-in Email
• Unauthorized Access: What to Do if Your Laptop/Phone is Lost or Stolen

Communications & Email Privacy

Appointment reminders and notifications are a core part of running a clinic, but they come with privacy considerations. This section covers what you need to know to communicate compliantly.

• HIPAA and Appointment Emails
• HIPAA and Marketing Emails
• GDPR and Reminder Emails
• Email Encryption FAQ for Canada
• Third Party Messaging Service FAQ
• Receiving Support Securely

Security Best Practices & Incident Response

General guidance for building a security-conscious clinic culture, from spotting phishing attempts to knowing what to do when something goes wrong.

• Security and Privacy Best Practices
• Phishing Safety
• All About the New Device Sign-in Email
• Unauthorized Access: What to Do if Your Laptop/Phone is Lost or Stolen
• Receiving Support Securely

Still have questions? Reach out to the Jane Privacy and Security team at [email protected] or [email protected].