PIPEDA Compliance

Our Commitment to Fair Information Principles

OslerAI adheres to the "10 Fair Information Principles" as outlined in the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s federal privacy law for the private sector. These principles are recognized internationally and are reflected in privacy legislation around the world.

OslerAI follows these principles as outlined below:

1. Accountability

We are responsible for the personal information under our control and have designated individuals accountable for ensuring compliance with these principles.

OslerAI has a publicly designated privacy officer to lead compliance efforts. All staff and representatives sign privacy and security agreements that outline their obligations concerning the data handled by our AI training platform.

2. Identifying Purposes

We will clearly identify the purpose for collecting personal information at the time of collection.

OslerAI uses personal information only for the purpose of improving healthcare professionals’ training through simulated patient interactions. The information collected is used to create realistic scenarios and provide feedback to healthcare professionals. All data collected for training purposes will be stored securely and used solely for that purpose.

3. Consent

Knowledge and consent are required for the collection, use, or disclosure of personal information, except where legally permissible without consent.

Healthcare professionals using our platform are required to obtain patient consent for using the AI for training scenarios before interacting with the system. If patient information is used for training purposes, explicit consent will be required.

4. Limiting Collection

We will collect only the personal information necessary for the purposes identified.

OslerAI ensures that personal information collected for training is limited to that which is necessary to simulate realistic patient interactions and provide feedback. Only relevant information, such as details needed for training scenarios, will be collected and processed.

5. Limiting Use, Disclosure, and Retention

Personal information will not be used or disclosed for purposes other than those for which it was collected, unless with consent or as required by law.

OslerAI does not use personal information outside the scope of the AI training system. The personal information collected will be retained only as long as necessary to fulfill the purpose of training and feedback. Once the data is no longer needed, it will be securely deleted.

6. Accuracy

Personal information will be kept as accurate, complete, and up-to-date as necessary for its intended use.

The data collected will be regularly updated to reflect any changes made by healthcare professionals and patients to ensure that training scenarios remain relevant and accurate. Healthcare professionals may also review and update their profiles as needed.

7. Safeguards

Personal information will be protected by appropriate security safeguards.

OslerAI uses industry-standard encryption, including 256-bit AES encryption, to protect all personal information stored within the system. Access to sensitive data is limited to authorized personnel, and all data is securely stored and transmitted within the platform. Additional safeguards, such as password protection and user access restrictions, are in place.

8. Openness

We will make information about our privacy practices readily available to individuals.

OslerAI is committed to transparency and provides clear information about our privacy policies on our website. We also offer detailed information about how we collect, use, and protect personal information in the context of training healthcare professionals.

9. Individual Access

Upon request, individuals will be informed of the existence, use, and disclosure of their personal information and will have access to it.

Healthcare professionals and patients may request access to their personal information collected through our platform. As the information is used for training purposes only, we will provide access in accordance with relevant privacy laws. Any corrections to personal information will be promptly made in the system.

10. Challenging Compliance

Individuals will be able to challenge compliance with the above principles.

Individuals may raise any concerns about our compliance with these principles with our designated privacy officer. We are committed to addressing these concerns promptly and taking corrective actions where necessary.