PIPEDA
Canada's federal Personal Information Protection and Electronic Documents Act governs how private sector organizations collect, use and disclose personal information to ensure data confidentiality.

Protecting your healthcare data with high security standards
Petal empowers healthcare organizations with a data-driven cloud platform designed to orchestrate all care delivery workflows in real-time. As such, Petal places the utmost importance on data security.
Data used through Petal solutions remains the client’s property and is hosted in Canada.
Petal's policies and procedures are based on cybersecurity and privacy best practices, including compliance with PIPEDA and GDPR.
Canada's federal Personal Information Protection and Electronic Documents Act governs how private sector organizations collect, use and disclose personal information to ensure data confidentiality.
The General Data Protection Regulation increases protection for persons whose personal information has been processed as well as the accountability of those involved in this processing.
Petal customers have full control and can determine the type of permissions and roles assigned to users.
To increase data protection, the Petal platform limits the ability to save personal health information on local or personal devices.
In order to offer the highest level of security and confidentiality, the Petal platform is hosted on the renowned Microsoft Azure cloud servers.
Microsoft Azure complies with the highest security standards as well as several international standards and certifications such as ISO/IEC 27001: 2013, ISO 27018, HDS, FedRAMP, SOC 1, 2 and 3, PCI DSS, HIPAA.
Petal works continuously to prevent, detect and respond to cyber-attacks and incidents beyond its control.
Petal's security policies and practices are based on the industry’s best standards, such as ISO 27001, NIST and OWASP for application security.
Petal has established a comprehensive incident management reporting process in the event of an incident, outage or privacy breach.