Find and Fix the Gaps in Your Privacy and Security

A Privacy Impact Assessment (PIA) establishes your plan for compliant clinic operations, data protection, and privacy breach prevention across all aspects of your healthcare clinic.

Why You Need A Privacy Impact Assessment

A PIA is the process of examining how your clinic collects, uses, discloses, and disposes of protected patient information to establish administrative, physical, and technology safeguards that protect the data in your care against reasonably anticipated threats. 

In some jurisdictions such as Alberta, Canada, PIAs are mandatory for many healthcare professions. Privacy legislation around the world is evolving to require PIAs for all businesses. 


Often more than 300 pages long, a PIA is your team’s playbook for compliant operations designed to avoid privacy breaches in your practice and keep you, your staff, and your patients safe.

A proper PIA examines all aspects of your practice for impacts to privacy and establishes a plan for breach prevention.

Get an Expert Assessment of Your Clinic’s Privacy Risk

Our thorough assessments and robust data protection strategies provide you with a customized privacy framework that ensures all sensitive data is handled securely and in compliance with privacy regulations. Here are some of the top reasons why clinics choose Brightsquid to complete their PIA.

Healthcare Privacy Experts

With decades of collective experience in healthcare privacy and compliance consulting, our nationally-certified team shares a deep level of understanding in how privacy regulations apply to operations in dozens of clinic types and business settings.

More Than A Checkbox

A strong PIA lays the foundation for privacy compliance at your clinic. Ongoing compliance takes ongoing effort and support. Our team will be available to help you navigate the overwhelming world of privacy for a full year after we begin working together (or longer if you choose).

Comprehensive Approach

Our PIA services cover the full range of data processing and patient management activities in your clinic. Your subscription also includes compliance and breach prevention training, breach investigation and reporting, regular check-ins, and oncall Privacy Officer support.

Does Your Clinic Require a PIA?

Any clinic anywhere can, and should, complete a PIA.

Clinics in 11 disciplines in the province of Alberta are required by law to complete, submit and keep-up-to-date a Privacy Impact Assessment.The following professionals are required to submit a PIA to the Office of Information and Privacy Commissioner in Alberta.

Want to Know How Your Clinic is at Risk?

Book a call with our privacy experts to discuss your PIA process.