All servicesS.01 · Privacy Compliance
Privacy Compliance
PHIPA, PIPEDA & FIPPA/MFIPPA privacy programs that protect data and survive an audit.
Why you might need it
Customer and patient trust depends on how you handle their information — and “we have a policy somewhere” won’t survive a breach, a complaint, or an audit. If you handle personal or health data in Ontario, PHIPA, PIPEDA, and FIPPA/MFIPPA already apply to you, whether or not you’ve built for them.
- You’re launching a clinic, app, or service that handles personal data
- You have no Privacy Officer appointed in writing
- Your policies don’t match how your team actually works
- You’ve had a breach or complaint — or an audit is coming
What it is
We build privacy programs that function in the real world — not binders that sit on a shelf. Advisory across FIPPA, MFIPPA, PHIPA, and PIPEDA, with the documents, governance, and workflows to back them up.
Included
- Compliance advisory (FIPPA / MFIPPA / PHIPA / PIPEDA)
- Privacy policy drafting & review
- Breach response support & reporting guidance
- Governance setup (Privacy Officer, roles)
- Access-request workflows
- FOI / access-to-information request drafting & filing
Not included
- Acting as your ongoing Privacy Officer (separate retainer)
- Complex cybersecurity or IT audits
- Representation in privacy litigation or judicial review
Packages & pricing
Privacy Policy Draft$450
Compliance Audit (small business)$2,000
Breach Response Consulting$1,000
Privacy Starter Program$2,500 – $5,000
FOI Request Drafting & Filing$400
FOI Refusal / Redaction AssessmentQuoted after review
Timeline: Policy drafting 1–2 weeks · compliance assessment 2–4 weeks · Starter Program 2–4 weeks.
How it works
- 1Consult — understand your business and obligations
- 2Gap assessment — review policies, practices, and risks
- 3Recommendations & drafting — tailored documents
- 4Implementation — training, checklists, templates
- 5Ongoing support — updates as risks change