At MDBilling.ca, the privacy and security of your data is our highest priority
See why hospitals and thousands of doctors trust us with their clinic and patient data
Proven Security Model
How we protect your files
MDBilling.ca is designed with multiple layers of protection across a reliable infrastructure. Securely access your account from anywhere there’s an internet connection: desktop, web, and mobile.
How we protect your privacy
As stewards of health information, we maintain a rigorous policy to safeguard your data. We keep your data in Canada and tightly control the collection, use and disclosure of your information.
How we protect your account
MDBilling.ca helps you secure your account with features that enhance your protection. To keep your account safe, set up two-step authentication, manage user access, and adjust your security settings.
Protect your files
Safe custodian of data
MDBilling.ca protects your data between our application (web and mobile app) and our servers, as well as files in storage. This means your files are secured from end-to-end with tough, 256-bit SSL encryption. The same level of security as your bank.
Hourly data backups
Business continuity is vital for all companies, particularly those on the front lines. We back up our entire suite every hour. That includes all of your data, which is stored in a secure facility. Should the unthinkable happen at your place of work or at home, we’ve got your back. Simply, log into your account and all of your claims, preferences and settings will be ready for you.
Rigorous compliance testing
We’ve gone to great lengths to ensure that not only do we believe our systems protect your data but that independent parties have confirmed our platform to be safe and secure. MDBilling.ca has successfully completed conformance testing to meet the standards of the BC Medical Services Plan (MSP) system, which allows secure access to Teleplan. In addition, we have undertaken and finalized a Privacy Risk Assessment (PIA) and Threat and Risk Assessment (TRA) by a certified third-party vendor.
Web Application Firewall (WAF)
To further restrict access to your data, we have implemented an advanced Web Application Firewall (WAF) from Cloudflare. This ensures that only people working from authorized locations can log into our systems while protecting from malicious activity like DDoS attacks, malicious bots, and other nefarious intrusions.
Vulnerability scanning and penetration testing
Our servers are scanned for vulnerabilities regularly. These scans test our servers to identify any new security problems. Security concerns are addressed and contained quickly. In addition, we have employed third-party security experts to perform detailed penetration tests on different applications within our family of products.
Privacy protection
Privacy policy
Your files and data belong to you and your patients. In fact, we allow 100% portability so that you can remove any item at any time. While those files are in our systems, we strive to maintain confidentiality at all times through our privacy policy.
Privacy training for all staff
From the day someone starts with MDBilling.ca we focus on privacy. Our employee onboarding program includes extensive training on privacy and their legal obligation to protect Personal Health Information (PHI). As well, on a continuous basis our staff is required to complete periodic training and assessments to ensure that everyone understands and keeps privacy at the top of their mind.
Privacy compliance
We take privacy regulations seriously. We are in compliance with Ontario’s PHIPPA and British Columbia’s FIPPA & PIPA regulations and have completed a Privacy Impact Assessment (PIA) that verifies PHI is safely stored and shared only with those who are also in compliance and have a need for the data (like the Ministry of Health and Long-Term Care, for example).
Independent Canadian owned and operated
MDBilling.ca is 100% privately owned and operated by Canadians and your data is stored in securely Canadian facilities. Our sole source of revenue is from payments to our customers from our products and services. We will not monetize your data, nor target you with sales campaigns by another organization.
Protect your account
Choose a strong and unique password
Do not share passwords with other people or services, and choose a password that is not easy to guess. When creating an account or resetting your password, you can use our password strength tester to test your password.
Be aware of phishing and malicious programs
In order to steal confidential information, attackers may impersonate MDBilling.ca or other services you trust. Please pay special attention to unfamiliar e-mails, websites and links, and don’t let these contents trick you into entering confidential information such as passwords. Also, if you see something suspicious on MDBilling.ca, please report the problem to us.
Audit and monitoring of access logs
We have implemented granular logs to see who has accessed your patient records. We continuously monitor these logs and take rapid action on any suspicious activity.
Manage authorized users
MDBilling.ca makes it easy to manage your medical billing duties but in some cases you may want to delegate this work to someone else. As a best security practice, be sure to only grant permission to people you know and trust, restrict their privileges to only the data they need and remove those who have left your organization immediately. You can add users and revoke access to your account with just a few clicks. Learn more about user management.
What's next?
How to articles
Medical billing software
Contact us
If you have concerns about our security and privacy practice, or if you see suspicious activity, here’s how you can reach us.