Prescriber / Provider Privacy Policy

Last updated: May 26, 2026

This Prescriber / Provider Privacy Policy explains how Mednow may collect, use, disclose, retain, and protect information in connection with the Prescriber / MedVisit app and related provider services. This Policy applies to prescribers, nurse practitioners, physician assistants, physicians, pharmacists, contractors, employees, or other healthcare providers who access or use Mednow provider tools, where applicable.

This Policy is intended to supplement any other Mednow privacy policy, provider agreement, terms of use, professional agreement, or operational policy that applies to your relationship with Mednow. If there is a conflict between this Policy and a written agreement that specifically governs your provider relationship with Mednow, that agreement may apply to the extent of the conflict.

1. Information We Collect

When you use the Prescriber / MedVisit app or related provider services, we may collect information from and about you, your device, your account, your provider profile, your scheduling and availability activity, documents you upload, communications you send or receive, and patient-care workflows you access or complete through the app.

This information may be collected directly from you, from your account or onboarding process, from documents you upload, from your use of app features, from Mednow operational systems, from service providers, or from integrations enabled for provider workflows.

2. Identity and Contact Information

We may collect identity and contact information such as your name, prefix, designation, email address, phone number, home phone number, date of birth, sex or gender, address, and languages spoken.

We may use this information to create, verify, and administer your account; support onboarding; communicate with you; maintain provider profiles; support scheduling and assignments; provide operational support; and comply with legal, regulatory, professional, audit, payment, tax/accounting, contractual, and operational requirements.

3. Professional Credentials and Licensing Information

We may collect professional credential, licensing, billing, and provider profile information, including CPSO number, OHIP billing number, College of Family Physicians of Canada number, professional designation, current place of work, Family Health Organization status, assigned areas, preferred zones, and related professional profile information.

We may use this information to assess eligibility, verify or administer provider participation, support credentialing and professional review, manage billing or compensation workflows, assign or offer work opportunities, display or maintain provider records, and meet legal, regulatory, professional, audit, payment, tax/accounting, contractual, and operational requirements.

4. Insurance and Professional Coverage Information

Where applicable, we may collect professional insurance or coverage information, including CMPA membership number, CMPA expiry date, CMPA proof of membership, or other professional coverage information.

We may use this information to support onboarding, verify ongoing eligibility, confirm coverage status, manage provider records, and comply with legal, regulatory, professional, audit, payment, tax/accounting, contractual, and operational retention requirements.

5. Uploaded Documents, Images, and Files

You may be asked or permitted to upload documents, images, or files through the app or related provider workflows. These may include government identification, passport, driver's licence, CMPA proof of membership, VOID cheque or banking document, CV or resume, credential documents, support documents, chat or support attachments, and other files you choose to provide.

We may use uploaded documents to verify identity, credentials, professional status, insurance or coverage, payment or compensation setup, provider eligibility, support requests, and operational administration. Uploaded documents may contain sensitive information. You should only upload documents that are requested or reasonably necessary for the relevant provider workflow.

6. Banking, Billing, and Compensation Information

Where applicable, we may collect compensation, billing, or payment administration information, including VOID cheque or banking documents, OHIP billing number, payout records, payment preferences, tax/accounting information, and related correspondence.

We may use this information to administer compensation, billing, payroll or contractor payment workflows, payout eligibility, payment reconciliation, tax/accounting processes, fraud prevention, support, dispute review, and other payment-related operations. Retention of this information may be subject to legal, regulatory, professional, audit, payment, tax/accounting, contractual, and operational requirements.

7. Work Preferences, Scheduling, Availability, and Location

We may collect work preferences and scheduling information, including work type preference, desired days per week, preferred working days, preferred start date, referral source or referred-by prescriber, preferred zones, assigned areas, availability entries, shift information, standby opportunities, appointment routes, route optimization data, start and end visit location, location-unavailable reasons, and related operational workflow information.

Where location features are enabled, we may collect or process approximate or precise location information to support visits, routing, route optimization, shift workflows, map display, current-location features, visit start and end validation, standby or assignment workflows, safety, quality, audit, and operational support. Location collection and use may depend on your device settings, app permissions, and feature availability.

8. Signature and Prescription-Related Information

Where enabled, we may collect and store your electronic signature or signature-related data, including signature paths, signature timestamps, and related metadata. We may use this information to support prescription, clinical, or other authorized provider workflows.

We may also process prescription-related information associated with your use of the app, including prescriptions, medication details, prescription notes, signature status, prescribing workflow data, task notes, and related audit or operational records. These records may be retained subject to legal, regulatory, professional, audit, clinical, payment, tax/accounting, contractual, and operational retention requirements.

9. Patient-Care Information Processed Through the App

The Prescriber / MedVisit app may allow providers to view, create, review, update, or otherwise process patient-care information. This may include appointments, patient details, visit workflow data, prescriptions, SOAP notes, task notes, asynchronous appointment review information, questionnaire responses, masked-call metadata, clinical decisions, and related support or operational information.

Providers are expected to handle patient-care information confidentially and in accordance with applicable privacy, health information, professional, regulatory, contractual, and Mednow requirements. Mednow may process this information to operate the service, support clinical and operational workflows, maintain records, provide support, comply with legal and professional obligations, and support audit, safety, quality, payment, tax/accounting, and retention requirements.

10. Communications and Notifications

We may collect and process communications and notification-related information, including chat and support messages, attachments, call or masked-call metadata where enabled, notification preferences, push notification tokens, device identifiers, platform or provider information, account messages, support requests, and related timestamps.

We may use this information to provide support, route communications, deliver notifications, operate chat or messaging features, manage appointment, shift, payout, support, security, or workflow alerts, and maintain operational records. Push notifications may be delivered through service providers such as APNs, FCM, Expo notification services, or other providers where enabled.

11. Authentication, Device, and App Information

We may collect or process authentication, session, device, and app information, including login credentials, password reset or setup information, session tokens, device identifiers, app settings, notification preferences, platform information, and security-related information.

Where biometric unlock features are enabled, biometric verification is generally handled by your device operating system. Mednow does not need to receive your biometric template to provide local biometric unlock functionality, but the app may store settings indicating that biometric unlock is enabled.

12. How We Use Information

We may use provider information for purposes including:

• creating, verifying, administering, supporting, securing, and maintaining provider accounts;
• onboarding, credentialing, eligibility review, insurance or coverage verification, and professional administration;
• operating clinical, prescription, patient-care, scheduling, routing, shift, standby, support, and communication workflows;
• administering billing, compensation, payment, payroll, contractor payment, reconciliation, tax/accounting, and dispute processes;
• delivering notifications, support messages, service updates, security alerts, and operational communications;
• preventing fraud, misuse, unauthorized access, privacy incidents, security incidents, unsafe conduct, or violations of Mednow policies;
• maintaining audit logs, quality assurance records, safety records, operational records, and compliance records;
• complying with legal, regulatory, professional, contractual, audit, clinical, payment, tax/accounting, and operational obligations; and
• improving, maintaining, troubleshooting, and supporting the app and related provider services.

13. Service Providers and Integrations

We may use service providers and integrations to operate the Prescriber / MedVisit app and related provider services. These may include backend hosting and storage providers, document storage or processing providers, payment or compensation processors, notification providers, map and location providers, address lookup providers, authentication or single sign-on providers, telephony or masked-call providers, support or communication providers, and other operational vendors.

Examples of integrations that may be relevant, where enabled, include Google Maps, Google Places, Apple Maps, APNs, FCM, Expo services, Google or Apple sign-in, and backend systems used to store and process provider, document, scheduling, payment, and patient-care workflow information. Specific providers may change over time.

14. Disclosure of Information

We may disclose provider information where reasonably necessary for the purposes described in this Policy, including to Mednow affiliates, personnel, contractors, service providers, professional advisors, payment or compensation administrators, technology providers, support providers, legal or regulatory bodies, professional or licensing bodies, and other parties where required or permitted by law, contract, professional obligations, or Mednow policies.

We may also disclose information where necessary to protect patient safety, provider safety, system security, Mednow operations, legal rights, compliance obligations, or to investigate suspected fraud, privacy incidents, security incidents, misuse, unsafe conduct, or policy violations.

15. Account Access, Correction, Deactivation, Deletion Requests, and Retention

Provider accounts may be created, invited, activated, deactivated, suspended, or terminated through Mednow provider workflows. If you wish to request access to, correction of, deactivation of, or deletion of your provider account or personal information, you may contact Mednow using the privacy contact information below or any other process Mednow makes available.

Deletion or de-identification may not be available for all records. We may retain information where required or permitted for legal, regulatory, professional, audit, clinical, payment, tax/accounting, fraud prevention, dispute, safety, quality assurance, contractual, and operational purposes. This may include provider credential records, uploaded documents, compensation records, signatures, prescriptions, patient-care records, appointment records, chat or support records, audit logs, and account records.

16. Security and Storage

We use administrative, technical, and organizational safeguards intended to protect provider, document, account, and patient-care information. These safeguards may include access controls, authentication, secure device storage for certain session information, encrypted communications where supported, temporary or signed document access links where enabled, operational logging controls, and role-based access processes.

No system is completely secure. You are responsible for protecting your device, account credentials, session access, and any information you download, access, or store through the app. You should not share your account, password, session, device access, or authorized electronic signature access with anyone.

17. Cross-Border and Service Provider Processing

Information may be processed or stored by Mednow, its affiliates, or service providers in Canada or other jurisdictions, where applicable. Information processed outside your province, territory, or country may be subject to the laws of that jurisdiction. Mednow may use contractual, technical, and organizational safeguards with service providers where appropriate.

18. Your Choices and Responsibilities

You may have choices through your device settings, app permissions, account settings, or Mednow support processes. For example, you may be able to manage certain notification settings, location permissions, biometric unlock settings, or account information. Some features may not function properly if required permissions or information are not provided.

You are responsible for keeping your contact, credential, insurance, billing, availability, and account information accurate and current. You are also responsible for complying with applicable privacy, health information, professional, regulatory, contractual, and Mednow obligations when accessing or using patient-care information through the app.

19. Changes to This Policy

We may update this Policy from time to time. If we make material changes, we may provide notice through the app, website, email, or other appropriate channels. The “Last updated” date indicates when this Policy was last revised.

20. Contacting Mednow

For privacy questions, requests, or concerns about the Prescriber / MedVisit app or provider information, please contact Mednow using the privacy contact information approved for publication.

• Email: pharmacy-pharmacy-privacy@mednow.ca
• Mailing address: 110-61 International Blvd, Etobicoke, ON M9W 6K4
• Additional process for provider account deletion/deactivation requests: Request deletion in app.