Privacy and Compliance


Ensho uses industry-leading administrative, physical and technical safeguards to protect the health information they process on behalf of their customers against loss, theft, unauthorized access, disclosure, copying, inappropriate use and modification. This includes collecting and storing the minimum amount of patient information necessary for delivering reliable service to their customers.

Ensho applies the principles of Privacy by Design by:

  • Implementing asymmetric encryption protocols that de-identify the data in their possession in a manner that allows our customers to re-identify patients when necessary
  • Retaining information for the minimum amount of time necessary to deliver services
  • Restricting access to sensitive information to only those that interact with it
  • Making their data privacy and security policies publicly available

Ensho adheres to the health information privacy laws in each province where they provide services. You may view the specific privacy memorandum for your province using the links below:


Use of Information, Confidentiality and Publications

All information generated in this program will be considered highly confidential and will not be disclosed to anyone not directly concerned with the program without the Scientific Committee and EOCI’s prior written permission.

Documentation and Reporting of Adverse Events (AEs) and Serious Adverse Events (SAEs)

Since there is no formal treatment intervention or mandated treatment and all treatment decisions are left to the physician’s discretion, suspected Adverse Events to medications prescribed during the program should be reported by the participating physician as part of routine clinical care and in compliance with Health Canada requirements.

This program has been reviewed and approved by Optimum, an independent ethics review board, including approval to waive the need for individual patient consent, as there is no risk to patients (file no 1005). Approval letter is available upon request.