TEXLINE SECURITY & COMPLIANCE
Effective Date: January 17, 2026
Texline is designed from the ground up for healthcare communication. This document provides an overview of our compliance posture and security safeguards.
OUR COMMITMENT
"We act as a service provider to clinics. Clinics own patient data and obtain consent. We process data securely on their behalf, in compliance with Canadian privacy law. Our AI supports operational workflows and does not provide medical advice."
REGULATORY COMPLIANCE
Texline complies with Canadian privacy legislation:
| Regulation | Description |
|---|---|
| PIPEDA | Federal privacy law for commercial activities |
| PHIPA (Ontario) | Personal Health Information Protection Act |
| HIA (Alberta) | Health Information Act |
| PIPA (BC) | Personal Information Protection Act |
| CASL | Canada's Anti-Spam Legislation |
Our security and operational safeguards are aligned with healthcare industry standards.
DATA RESPONSIBILITY MODEL
| Your Clinic (Data Custodian) | Texline (Service Provider) |
|---|---|
| Owns all patient data | Processes data on your behalf |
| Responsible for patient consent | Follows your instructions |
| Determines communication content | Facilitates communications |
| Controls access to patient data | Implements security safeguards |
SECURITY SAFEGUARDS
Technical Controls
- Encryption in transit (TLS 1.2+)
- Encryption at rest (AES-256)
- Role-based access controls
- Secure authentication
- Regular security assessments
Operational Controls
- Employee privacy training
- Confidentiality agreements
- Incident response plan
- Audit logging
- Breach notification procedures
AI SAFEGUARDS
Texline's AI features are designed for operational support, not clinical decision-making:
- No medical advice: AI does not provide diagnosis, treatment, or clinical guidance
- Human oversight: Clinics review and approve AI-assisted workflows
- Emergency prohibition: Service must not be used for medical emergencies
- Accuracy disclaimer: AI outputs should be verified by qualified staff
FREQUENTLY ASKED QUESTIONS
Is Texline HIPAA compliant?
HIPAA is U.S. federal law and does not apply in Canada. Texline complies with Canadian privacy laws including PIPEDA and applicable provincial health privacy legislation (PHIPA, HIA, PIPA). Our security and operational safeguards are aligned with healthcare industry standards commonly associated with HIPAA.
Who owns the patient data?
Your clinic owns all patient data. Texline processes data only on your behalf and according to your instructions.
Do you have a Data Processing Agreement?
Yes. Our Data Processing Addendum (DPA) is incorporated into our Terms of Service and available for review.
Where is data stored?
Data is stored in secure cloud infrastructure. Some data may be processed in the United States through our service providers. We ensure appropriate safeguards are in place for cross-border transfers.
CONTACT
For security or compliance inquiries:
Email: info@texline.ai
Web: texline.ai