FrontRx Privacy Policy and Personal Information Protection Notice
Last updated: July 6, 2026
Organization: FrontRx Inc. (in French, FrontRx : Agents Intelligents)
Head office: 8595 Boul. Saint-Laurent, Montréal, Québec, H2P 2M9, Canada
Privacy Officer / RPRP contact: [email protected]
Scope
FrontRx operates a clinical workflow platform that may include a public website, a dedicated physician web portal, mobile applications on iOS and Android, AI-assisted transcription, draft clinical-note generation, draft prescription/order-support workflows, patient-list management, secure communications including eFax, and RAMQ billing-support workflows.
This policy applies to personal information and personal health information processed through FrontRx by healthcare professionals, clinics, authorized users, patients, and other individuals whose information is handled through the platform. FrontRx is not an electronic medical record (EMR) and is not the official patient record. Healthcare professionals and clinics remain responsible for deciding what clinical outputs should be validated, signed, exported, filed, or retained in their official record systems.
Important clinical AI notice
FrontRx uses artificial intelligence only as a clinical and administrative support tool. AI-generated transcripts, notes, prescription/order drafts, billing-support outputs, and summaries are drafts. They must be reviewed, validated, edited where necessary, and approved by the responsible licensed healthcare professional before being used, signed, transmitted, or added to an official patient record. FrontRx does not make clinical decisions, diagnose patients, prescribe treatment, replace professional judgment, or provide medical advice directly to patients.
Legal and regulatory framework
FrontRx is designed to support compliance with applicable Québec and Canadian privacy and healthcare requirements, including the Act respecting the Protection of Personal Information in the Private Sector, the Civil Code of Québec, Québec confidentiality-incident rules, applicable MSSS/TGV expectations, PIPEDA where applicable, and other applicable healthcare privacy and security laws. Where other jurisdictions apply, FrontRx uses contractual and technical safeguards appropriate to the sensitivity of the data.
Information we collect
FrontRx collects only information that is reasonably necessary for the purposes described in this policy and in the EFVP.
4.1 Healthcare-professional and authorized-user information
We may collect: name, professional email address, phone and fax number, professional licence number, specialty, role, clinic affiliation, practice location, identity or licence photographs submitted for verification, account credentials, authentication events, IP address, browser and device information, operating system, pages or features used, buttons clicked, time spent on the platform, audit logs, security logs, and consent-logging metadata.
4.2 Patient information processed through the platform
Depending on the workflow configured by the clinic or healthcare professional, FrontRx may process: patient name, date of birth, gender, medical record number, provincial health insurance/RAMQ number, health-card photograph, bed number, unit, admission date, audio recording of a consultation, transcript of the consultation, medical history, current clinical history, lab results, clinical reports, prior clinical notes, ICD-10/CIM-10 diagnostic codes, medication list, dosage and renewal information, medication-interaction information, prescription/order-support fields, RAMQ billing codes, and other clinical information disclosed during the encounter and reasonably necessary for the requested FrontRx workflow.
4.3 Cookies and website usage
The public website and platform may use cookies and similar technologies that are necessary for security, authentication, session management, preferences, performance, and auditability. Users may configure their browser to refuse some cookies, but some platform features may not work without necessary cookies.
Why we collect and use information
FrontRx uses personal information only for defined and proportionate purposes:
- creating, authenticating, and managing healthcare-professional accounts;
- verifying professional credentials and controlling access;
- documenting valid patient consent and healthcare-professional authorization;
- recording or receiving clinical information for AI-assisted transcription;
- converting spoken dialogue into draft structured notes, prescriptions/orders, and other clinical-support outputs;
- supporting patient-list workflows and continuity of care within authorized clinic workspaces;
- supporting RAMQ billing-support report preparation;
- securely transmitting authorized outputs, including by eFax where configured;
- securing the platform, monitoring access, preventing misuse, detecting incidents, investigating audit events, and improving reliability;
- complying with legal, professional, contractual, and audit obligations.
FrontRx does not use production personal health information for model training, software development, testing, or non-production environments. Testing and development must use synthetic or legally de-identified data.
Consent
6.1 Healthcare-professional consent and authorization
Healthcare professionals are presented with the Privacy Policy and Terms of Use during account creation and onboarding. Acceptance and key processing steps are logged to support traceability, auditability, and proof of authorization. Healthcare professionals are responsible for using the platform only within their authorized professional role and clinic context.
6.2 Patient consent
Because the platform may process sensitive health information, the healthcare professional must obtain the patient's explicit verbal consent that is free, informed, specific, and understandable before any encounter recording or platform-assisted processing begins. The professional must explain the relevant privacy information to the patient, including the nature of the information processed, the purposes, the role of AI as a draft support tool, the retention/destruction approach, and the patient's rights. The professional records the consent event in the platform interface. FrontRx logs the timestamp, policy/notice version, interaction context, and necessary technical metadata to provide proof of consent.
6.3 Minors
Healthcare professionals must verify the patient's age. In Québec, a minor aged 14 or older may generally provide consent directly. For a minor under 14, the healthcare professional must obtain and log consent from the holder of parental authority or legal guardian before processing through FrontRx.
6.4 Withdrawal of consent
A patient may withdraw consent through the responsible clinic or healthcare professional. Where legally and technically permitted, the clinic or authorized user may delete the applicable encounter recording, transcript, or generated output. FrontRx may retain transaction, audit, security, backup, and consent-proof records where required for legal compliance, security, accountability, and proof of consent.
Disclosure and vendors
FrontRx shares or makes information available only as necessary for the authorized service, legal compliance, security, or business operation.
7.1 Clinics and authorized healthcare professionals
Patient information may be made available to authorized users within the relevant clinic or healthcare organization according to role-based access controls and the clinic's configuration. Access is limited to users who need the information for care, billing support, security, administration, or audit purposes.
7.2 Service providers and subprocessors
FrontRx uses service providers under contractual controls, including data-processing obligations, confidentiality, auditability, breach-notification commitments, access controls, and restrictions on unauthorized use or retention. The EFVP identifies Microsoft Azure for transcription and generation workflows and AWS Canada Central/Québec for hosting, resilience, and fallback generation. These providers must protect information through strong security measures and may process information only for the purposes authorized by FrontRx and the clinic workflow. Vendor arrangements are reviewed against applicable Québec privacy requirements and MSSS/TGV expectations.
7.3 eFax and external communications
Where configured, FrontRx may support secure eFax transmission of authorized clinical notes, summaries, prescriptions, or other outputs to external care sites or pharmacies. Before sending, the platform requires clinician identity verification and confirmation of the destination fax number. Transmissions are logged and restricted to authorized users.
7.4 Law enforcement and legal requests
FrontRx provides personal information to public authorities only where legally required or authorized, such as under a valid court order or where urgent legal obligations apply. Where permitted, FrontRx will notify the affected clinic or individual before disclosure.
Location of processing and data residency
FrontRx is designed around Canadian hosting and data residency controls. The EFVP describes Canadian infrastructure, including AWS Canada Central located in Québec for applicable hosting and resilience controls and Canadian-region controls for relevant Microsoft Azure services. FrontRx does not transfer personal health information outside Canada unless permitted by applicable law, supported by appropriate contractual and technical safeguards, and authorized where required.
Security safeguards
FrontRx applies administrative, technical, and physical safeguards appropriate to the sensitivity of health information, including:
- TLS 1.3 or equivalent encryption in transit;
- AES-256 encryption at rest;
- NIST-aligned cryptographic key management and secure destruction practices;
- role-based access control and least-privilege access;
- multi-factor/two-factor authentication;
- unique user identifiers and no shared accounts;
- audit logs and administrative activity monitoring;
- vulnerability management, incident response, and security training;
- separation of production and non-production environments;
- strict prohibition on production data use for development, testing, or training.
No electronic system is completely risk-free, but FrontRx uses commercially reasonable and risk-based safeguards to protect information against unauthorized access, use, disclosure, loss, alteration, or destruction.
Retention and destruction
FrontRx retains information only for as long as necessary for the authorized purposes, clinic configuration, legal obligations, security, and auditability.
Current EFVP-aligned retention principles include:
- patient identification photographs and professional credential photographs: destroyed immediately after extraction or manual validation, or within the short technical verification window if applicable;
- encounter audio: destroyed after transcription or within the clinic-configured deletion policy, up to 24 hours;
- raw transcript: destroyed at the end of the healthcare professional's session or, if retained for quality assurance/debugging under approved controls, within 24 hours;
- generated note, prescription/order-support record, patient list, and RAMQ billing-support data: retained according to finite clinic-configured settings and the lifecycle of the support record, with 15 days as the default and contract-configurable periods up to 30 or 365 days where justified;
- application usage, audit, security, and technical residual metadata: retained only as necessary for security and compliance, with residual technical metadata generally limited to a maximum of one year;
- proof-of-consent records: archived securely for up to six years where required to demonstrate valid consent and compliance;
- backups: encrypted and destroyed after a maximum of 30 days according to the backup lifecycle.
Destruction is performed using secure deletion methods aligned with NIST 800-88 where applicable. The Privacy Officer/RPRP supervises the retention schedule and security personnel validate secure-destruction controls.
Individual rights
Subject to applicable law and the role of the clinic as custodian of the official clinical record, individuals may request access to their personal information, correction of inaccurate information, withdrawal of consent, information about disclosures, deletion where legally permitted, or complaint handling. Patients should direct clinical-record corrections to the responsible healthcare professional or clinic because the clinic's EMR or practice management system remains the official clinical record. FrontRx will support the clinic in responding to valid requests.
Requests may be sent to [email protected]. FrontRx aims to respond within 30 days or within the timeline required by applicable law. Individuals may also complain to the Commission d'accès à l'information du Québec where applicable.
Confidentiality incidents
FrontRx maintains a confidentiality-incident management process. Suspected or confirmed unauthorized access, use, disclosure, loss, or destruction of personal information is logged, triaged, investigated, remediated, and entered into the incident register as required. Where an incident presents a risk of serious injury or triggers legal notification obligations, FrontRx will work with the relevant clinic and legal advisors to notify affected persons, the Commission d'accès à l'information, and other required parties without unreasonable delay and within applicable timelines.
Changes to this policy
FrontRx may update this policy to reflect changes to the platform, EFVP, law, vendors, or safeguards. Material changes will be communicated to clinics and made available through the website or platform. The applicable version is logged for consent-proof purposes.
Contact
Privacy Officer / Responsable de la protection des renseignements personnels (RPRP)
- [email protected]
- FrontRx Inc. / FrontRx : Agents Intelligents
- 8595 Boul. Saint-Laurent, Montréal, Québec, H2P 2M9, Canada
