Solutions purpose-built for the most complex healthcare program delivery needs.

Our innovative EMR solutions are configurable to meet the unique needs of organizations with complex workflows across multiple disciplines

Committed to your success.

Our Professional Services team is here to ensure the success of your program roll-out

Patient Privacy Notice

Profile Patient Portal 

Last updated: January 3, 2024

Intrahealth Systems Limited is committed to protecting the privacy of its users. We make every effort to ensure that our users understand the nature, purposes and consequences of the collection, use, and disclosure of their personal information, which we explain in this Privacy Notice. Please read it carefully.

If we make any material changes to this Privacy Notice, we will notify you. Still, we encourage you to consult it from time to time.

  1. What is “personal information”?

Personal information means any information that can be used, either alone or in combination with other information, to identify you.

  1. What personal information does Intrahealth collect, how and why?

We collect your name, date of birth, mobile phone number and email address to provide you easy and secure access to your medical records.

The Profile Patient Portal App gives you access to your clinical medical records and related data (your “Patient File”), which are maintained by your healthcare provider. We use your personal information to facilitate this process.

Your healthcare provider may give access to your personal information to another healthcare provider, as necessary to provide you healthcare. You can find out more in our Terms and Conditions,

When you register to use the Profile Patient Portal App or Profile Web Portal, you will be directed to a form, where we will collect your name, to identify you, your date of birth to verify your identity and provide secure access to your clinical medical records using the Profile Patient Portal App or Profile Web Portal, as well as your mobile phone number and email address to communicate with you.

We also automatically collect certain technical information, such as your device’s IP address and device ID, which we use for security and to detect possible fraudulent use of your account.

We use your mobile phone number to send you a PIN in order to verify your account. When you use the Profile Patient Portal App or Profile Web Portal, we collect your personal information and convert it into a scrambled piece of text, called a “hash.” At the same time, your healthcare provider (who may also be using the Profile Provider App or Profile Provider Web Portal) creates an identical hash from the personal information you have previously provided to them. We then link the two hashes on our system, which enables us to securely validate your access to your Patient File.

  1. How and why does Intrahealth share my personal information?

We only share your personal information with service providers who help us provide you with the Profile App, or otherwise as required by law or in connection with the sale or our business.

We use Microsoft Azure to host, manage, and run the Central Repository and Processes to support Profile, and in the process, we share your personal information with Microsoft Azure. We only allow our Microsoft Azure (and its employees and contractors) to access or use your personal information for the purposes of carrying out these services, and our agreement with Microsoft Azure requires it to keep your information secure. Microsoft Azure stores your personal information in Canada.

We may share your personal information with government, regulatory or law enforcement agencies as requested by these agencies, if we have a good faith belief that the disclosure is required or permitted by law. We may also share your personal information in order to enforce our legal rights; to detect, prevent or address fraud or security issues; and to enforce others’ or our legal rights, property, or safety.

We may also transfer or assign your personal information to third parties because of, or in connection with a sale, merger, consolidation, change in control, transfer of assets, reorganization, or liquidation.

  1. How does Intrahealth keep my personal information safe?

We protect your information using industry-standard technical and administrative safeguards. 

We protect your personal information from being lost or stolen using industry-standard technical safeguards, which include:

  • Encrypting your password
  • Hashing information when possible
  • Send security messages to your email or SMS when connecting from an untrusted device or on changes of key security information
  • Hosting our database with Microsoft Azure, which is certified under the ISO 27018 Standard Code of practice for protection of personally identifiable information (PII) in public clouds; and
  • Using a firewall to protect our database from hackers and other malicious intruders.

In addition, we restrict access to your personal information to only those Intrahealth employees and service providers who need it for the purposes we identified above at Section 3.  Anyone with this access is required to keep your information strictly confidential. However, you should be aware that no system is 100% secure, and despite our best efforts, we cannot guarantee that your information will be secure, particularly while it is in transit over the Internet.

We do not knowingly collect the personal information of individuals under the age of majority in their province or territory of residence.

  1. How long does Intrahealth keep my information?

We only retain your personal information for as long as you keep your account. When you delete your account, we securely destroy your personal information.

  1. How can I access or correct my personal information?

You may contact us using the information below to request a copy of your personal information. We will correct any inaccuracies that you bring to your attention.


If you have any questions or concerns about this Privacy Notice, you can contact Intrahealth’s Privacy Officer at:


Patient Privacy Officer
Intrahealth Systems Limited c/- Intrahealth Global Operations Limited
390, 889 Harbourside Drive
North Vancouver BC V7P3S1

If you are not satisfied with our response, you may contact the federal Office of the Privacy Commissioner. If you live in B.C., you may contact the Office of Information and Privacy Commissioner for British Columbia. If you live in Alberta, you may contact the Office of the Information and Privacy Commissioner of Alberta. If you live in Québec, you may contact the Commission d’accès à l’information.Prof

Talk to an expert!

Let us show you how Profile can be configured to meet the unique needs of your program.

Please fill out our contact form and we will get in touch with you shortly.

We may send you periodic emails about news and events. We respect your inbox and you can unsubscribe at any time.