Any information collected that identifies who you are, and any health information stored with that identifying information,

is called Personal Health Information. As a healthcare company in Ontario, Canada, we have obligations to follow the

Personal Health Information Protection Act (PHIPA). Here is how we are keeping your information safe:


Hardware: All computers, phones, and other physical devices that have access to email and scheduling software used to conduct client referrals are encrypted and password protected. All other personal health information is collected on physical paper, and remain in a locked cabinet in a secure office when not in use.


Email: Although email use between Kinthera and clients is limited, we sometimes must resort to email to provide service to clients. When using email, any sensitive personal health information will be password protected. Any emails sent or received that contain personal health information will be deleted after 3 months. This is the maximum amount of time we would ever need to connect a client with a therapist, and therefore does not need to remain live after this amount of time has passed. 


De-identifying: Any information collected will be de-identified 3 months after collection. This is the maximum amount of time we would ever need this information, and therefore must properly remove any identifying information related to the data we have collected (ie name, email, and phone number). Any other information that we do keep will not be identifiable; there is no reasonable way anyone can identify who’s data it is. Any de-identified data stored for later use is used solely as demographic data. This information better informs our matching processes and analyzes which populations are accessing our services. 


Conducting a referral: We provide therapists with limited personal health information that is necessary for them to receive a client, including adequate information for them to schedule a therapy session. This information is provided through secure software, ensuring the information is not disrupted during transmission.


Accessing information: Only necessary Kinthera personnel have access to any personal health information provided by a client, aside from applicable therapists, as noted above. All contact with personal health information will be recorded in an audit log including information outlined in PHIPA. This log will be recorded outside of electronic technology and stored in a locked cabinet in a secure office. 

There are components of PHIPA that must be followed in very specific ways, while other components leave an organization with the flexibility to choose how they will comply. The above information only informs you of how Kinthera is complying with these more flexible components. However, we are also compliant with all other components of PHIPA. For more information on PHIPA, visit the Government of Ontario website.


Kinthera has only one health care custodian and no other contact persons with access to personal health information. Should you have any questions about your personal health information, this person can be reached at:

     Emily Chatten


Emily can be reached during regular, weekday business hours. Should you not immediately reach Emily, please provide 1-2 business days for a response.


After providing personal health information to Kinthera, should you need to revise or update this information, you have the right to do so. It is reminded that your personal health information will only be held for 3 months, after which time it will be de-identified. To make any revisions or updates during this 3 month period, please contact:


     Emily Chatten



Emily can be reached during regular, weekday business hours. Should you not immediately reach Emily, please provide 1-2 business days for a response.


Should you feel Kinthera is mishandling or is about to mishandle personal health information according to PHIPA, it is your right to submit a complaint to the Commissioner regarding this offense. In order to do so:

  1. Go to the Information and Privacy Commissioner of Ontario website

  2. Submit a written complaint within 1 year after the subject-matter of the complaint first came to the attention of the complainant or should reasonably have come to the attention of the complainant, whichever is shorter

Your personal health information is very important to us. Should you have any concerns or questions about any of the above policies or procedures, please do not hesitate to contact us. We would be more than happy to go over any of our practices in greater detail, and are always seeking feedback.