Privacy Policy

Effective June 4, 2026 · Version 2026-06-04

1. Introduction

SnapBill (“we,” “our,” or “us”), operated by ViteMD Inc., provides a health billing management platform for physicians and their authorized billing staff. This Privacy Policy describes how we collect, use, disclose, retain, and protect information—including personal health information—when you use our website and services (collectively, the “Service”).

This policy is governed by the Personal Health Information Protection Act, 2004 (PHIPA), Ontario’s primary law governing the collection, use, and disclosure of personal health information by health information custodians and their agents. As SnapBill operates in additional provinces, the equivalent provincial health-privacy legislation will also apply. Where applicable, the Personal Information Protection and Electronic Documents Act (PIPEDA) and substantially similar provincial private-sector privacy laws also apply to the commercial aspects of our operations.

By using the Service, you acknowledge that you have read and understand this Privacy Policy.

2. Definitions

In this Privacy Policy:

  • “Health Information Custodian” (HIC) means the physician or healthcare provider who uses SnapBill to manage billing on behalf of their patients. Under PHIPA (and equivalent legislation in other provinces), the HIC is the party with primary custody and control of personal health information.
  • “Personal Health Information” (PHI) means identifying information about an individual that relates to the individual’s physical or mental health, the provision of health care, payments or eligibility for health care, or the individual’s health number. As used in SnapBill, PHI includes but is not limited to: patient names, dates of birth, gender, health card numbers and version codes, diagnostic codes, billing codes and service dates, clinical notes, visit records, claim submission data, and responses from a Ministry of Health.
  • “Provider Information” means information about the physician or billing staff user, including name, email address, billing number, professional registration number, group number, and specialty.
  • “Electronic Service Provider” (ESP) means a person who provides goods or services for the purpose of enabling a HIC to use electronic means to collect, use, modify, disclose, retain, or dispose of PHI. SnapBill operates as an ESP and, where applicable, as an agent of the HIC.

3. Our Role Under PHIPA

SnapBill acts as an Electronic Service Provider and, where authorized, as an agent of the Health Information Custodian (the physician) under PHIPA and equivalent provincial legislation. This means:

  • The HIC retains custody and control of all PHI processed through SnapBill.
  • We process PHI solely on behalf of and under the instructions of the HIC, for the purposes described in this policy.
  • We do not use PHI for our own purposes unrelated to the Service.
  • We comply with the restrictions and conditions imposed by applicable law on ESPs and agents, including obligations regarding security, confidentiality, and notification of unauthorized access.

Physicians who use SnapBill remain responsible for obtaining any necessary patient consent and for ensuring that their use of the Service complies with applicable law and College guidelines.

4. Information We Collect

4.1 Provider Information

When you register for an account and use the Service, we collect:

  • Name, email address, and professional credentials
  • Billing number and group number
  • Professional registration number (e.g., CPSO)
  • Specialty and practice information
  • Account credentials (passwords are stored using one-way hashing and are never accessible in plaintext)

4.2 Personal Health Information (Processed on Behalf of the HIC)

In the course of providing the Service, the following PHI is processed on behalf of the HIC:

  • Patient names, dates of birth, and gender
  • Health card numbers and version codes
  • Diagnostic codes
  • Billing codes, service dates, and fee amounts
  • Clinical notes and visit records
  • Claim submission records and Ministry of Health responses received via MCEDT or equivalent systems

4.3 Usage and Analytics Data

We collect non-PHI technical data to maintain and improve the Service:

  • IP address, browser type, operating system, and device information
  • Pages visited, features used, and session duration
  • Error logs and performance metrics

5. How We Use Your Information

5.1 Billing Claim Management

We use PHI and Provider Information to enable the core functions of the Service: creating, validating, editing, and managing billing claims on behalf of the HIC.

5.2 Claim Submission to the Ministry of Health

With the HIC’s authorization, we submit billing claims to the applicable provincial Ministry of Health (in Ontario, via the Medical Claims Electronic Data Transfer (MCEDT) system), and we receive and process claim responses, remittance advice, and error reports.

5.3 Analytics for the Provider

We generate billing analytics, reports, and dashboards for the HIC to review their practice’s billing activity, claim approval rates, revenue summaries, and error trends.

5.4 AI-Assisted Claim Error Correction

SnapBill offers AI-assisted analysis to help identify and correct common billing errors. Before any claim data is sent to an external AI service, all personal health information is anonymized and de-identified. The AI service receives only de-identified billing patterns and error descriptions — never patient names, health card numbers, dates of birth, or other direct identifiers. Our AI service provider is bound by a data processing agreement that contractually prohibits it from storing, retaining, or using any submitted data for model training or any other purpose. See Section 6.3 for full details.

5.5 Service Operation and Security

We use usage and analytics data to maintain, troubleshoot, and improve the Service, and to detect and prevent unauthorized access, fraud, or abuse.

6. Disclosure to Third Parties

We do not sell, rent, or trade personal information or PHI. We may compile and share aggregate, de-identified data that does not identify any individual (see Section 6.5). We disclose identifiable information only in the following limited circumstances:

6.1 Ministry of Health

Billing claims containing PHI are submitted to the applicable provincial Ministry of Health (in Ontario, via the MCEDT system). This disclosure is made on behalf of the HIC and is required for the administration of the provincial health insurance plan, as permitted under applicable law.

6.2 Payment Processor (Stripe)

We use Stripe to process subscription and commission payments from providers. Stripe receives only the provider’s payment information (such as credit card details and billing address). No PHI is shared with Stripe. Stripe’s handling of payment information is governed by its own privacy policy and PCI-DSS compliance.

6.3 AI Services

For AI-assisted claim error correction and billing optimization, we use enterprise AI services (such as Google Cloud’s Vertex AI). Our AI data handling follows a two-layer protection model:

  • Layer 1 — Anonymization: All personal health information is redacted and de-identified before transmission to any AI service. Patient names, health card numbers, dates of birth, and other direct identifiers are stripped from the data before it leaves our servers. The AI service receives only de-identified billing code patterns, error descriptions, and fee schedule references.
  • Layer 2 — Contractual protections: Our AI service provider is bound by a data processing agreement under which it is contractually prohibited from storing, retaining, or using any data submitted through the API for model training or any other purpose. Only de-identified data is transmitted, and it is processed transiently and discarded immediately after generating a response.

These combined safeguards — pre-transmission anonymization and contractual no-storage commitments — ensure that identifiable PHI is never exposed to or retained by any third-party AI service.

6.4 Infrastructure and Service Providers

We use trusted infrastructure providers for hosting, database, storage, and email delivery. These providers process data only as necessary to operate the Service, are bound by written data processing agreements, and are selected for their security and compliance posture. Some of these providers store or process data outside Canada (see Section 12).

6.5 Aggregate and De-Identified Data

We may compile, use, and share aggregate, de-identified, and anonymized data derived from billing activity on the Service. This data does not identify any individual patient or provider and cannot reasonably be used to re-identify any person. Examples of aggregate data include average billing volumes by medical specialty, claim acceptance rates, seasonal billing patterns, and practice growth benchmarks.

Aggregate data may be shared with third parties, including financial institutions, research organizations, and industry partners, for purposes such as market analysis, benchmarking, product development, and service improvement. No personal health information, patient data, or individually identifiable provider information is included in aggregate data disclosures.

All aggregate data is compiled using a minimum group size threshold (typically five or more providers per data point) to prevent the inference of individual provider identities from small-sample data. By using the Service, you consent to the compilation and sharing of aggregate data as described in this section. If you wish to opt out of aggregate data inclusion, you may contact us at privacy@snapbill.ca.

6.6 Legal Requirements

We may disclose information where required by law, regulation, legal process, or governmental request, including in response to a court order or subpoena, or as otherwise permitted under applicable law.

7. Data Security

We implement administrative, technical, and physical safeguards to protect PHI and personal information against unauthorized access, loss, alteration, or destruction. These measures include:

  • Encryption at rest: Sensitive data is encrypted using AES-256-GCM encryption
  • Encryption in transit: All data transmitted between your browser and our servers, and between our servers and third-party services, is protected by TLS (Transport Layer Security)
  • Authentication and access control: Access to the Service requires authenticated login. Two-factor authentication (2FA) is available for all accounts
  • PHI access audit logging: Access to personal health information is logged for audit purposes
  • Rate limiting: Automated safeguards limit excessive or abnormal access patterns to prevent data scraping and abuse
  • Employee and contractor access: Access to PHI is limited to personnel who require it to provide and maintain the Service, and such individuals are bound by confidentiality obligations

No method of electronic storage or transmission is completely secure. While we employ commercially reasonable measures to protect your information, we cannot guarantee absolute security.

8. Data Retention

We retain information in accordance with the following schedule:

  • Health records and billing data (PHI): Retained for the duration of your active account plus 10 years following account closure or the last date of service, consistent with provincial record-keeping requirements and applicable retention obligations.
  • Audit logs: PHI access logs and security audit records are retained for 6 years.
  • Provider account information: Retained for the duration of your active account and for a reasonable period thereafter to fulfill legal and business obligations.
  • Usage and analytics data: Retained in aggregate or anonymized form and may be kept indefinitely to improve the Service.

When retention periods expire, data is securely deleted or de-identified in accordance with industry best practices.

9. Your Rights

9.1 Right of Access

You have the right to request access to the personal information and PHI we hold about you or that we process on your behalf. To make an access request, contact us at the email address listed in Section 15. We will process your request within 30 days.

9.2 Right to Correction

If you believe that the personal information or PHI we hold is inaccurate or incomplete, you have the right to request a correction. We will respond to correction requests within 30 days.

9.3 Right to Withdraw Consent

You may withdraw your consent for the collection, use, or disclosure of your personal information at any time, subject to legal or contractual restrictions. Please note that withdrawing consent may limit our ability to provide certain aspects of the Service. Withdrawal of consent does not affect the lawfulness of processing carried out prior to the withdrawal.

9.4 Right to Complain

If you believe your privacy rights have been violated, you have the right to file a complaint with the privacy regulator in your province. In Ontario, this is the Information and Privacy Commissioner of Ontario (IPC). See Section 15 for contact details.

10. Data Export

You may request an export of the data associated with your account. To initiate a data export request, contact us at the email address listed in Section 15. We will prepare your data package within 30 days of receiving your verified request. For security purposes, the completed data package will be delivered after a 7-day waiting period following preparation, during which you may cancel the request if it was not made by you.

11. Cookies

SnapBill uses session cookies that are essential for the operation of the Service. These cookies are used to maintain your authenticated session and security state. Our session cookies are configured with the HttpOnly and Secure flags, meaning they are not accessible to client-side scripts and are only transmitted over encrypted connections.

We use optional analytics cookies only with your consent, which you may grant or withdraw at any time. We do not engage in cross-site advertising or sell your information.

12. Data Location and Cross-Border Processing

SnapBill’s infrastructure and service providers store and process data in Canada and the United States. PHIPA does not require personal health information to be stored in Canada, and your PHI may be stored or processed outside Canada, including in the United States, by our hosting, database, storage, and AI service providers.

Where data is stored or processed outside Canada, we ensure a comparable level of protection through written data processing agreements that impose contractual confidentiality, security, and use-limitation obligations on each provider, together with the technical safeguards described in Section 7. As described in Section 6.3, only de-identified data is transmitted to AI services.

Information stored or processed in the United States may be subject to lawful access requests by U.S. authorities under U.S. law. As SnapBill expands to provinces with data-residency requirements that differ from Ontario’s, we will apply the data-location rules applicable to providers practising in those provinces.

13. Breach Notification

In the event of a theft, loss, or unauthorized use or disclosure of personal health information, we will take the following steps as required by applicable law:

  • Notify the affected Health Information Custodian(s) at the first reasonable opportunity
  • Notify affected individuals whose PHI was compromised, where required
  • Report the breach to the applicable privacy regulator (in Ontario, the Information and Privacy Commissioner of Ontario) as required by law
  • Take immediate steps to contain the breach and prevent further unauthorized access
  • Conduct an investigation and implement measures to prevent recurrence

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. For material changes, we will provide at least 30 days’ notice before the changes take effect, by posting a notice on the Service or by sending a notification to the email address associated with your account.

The “Effective Date” at the top of this policy indicates when it was last revised. We encourage you to review this policy periodically.

15. Contact Us

If you have questions about this Privacy Policy, wish to exercise your rights, or would like to make a data export request, please contact us:

SnapBill (ViteMD Inc.)privacy@snapbill.ca

If you are not satisfied with our response or believe that your privacy rights have been violated, you may file a complaint with the privacy regulator in your province. In Ontario:

Information and Privacy Commissioner of Ontario — 2 Bloor Street East, Suite 1400, Toronto, Ontario M4W 1A8. Telephone: 1-800-387-0073. Website: www.ipc.on.ca

We use cookies to measure site usage and improve your experience. You can manage your preferences at any time.