At Compass Pro, protecting practice and patient information is a core responsibility.
Compass Pro is Canadian-built dental and orthodontic practice management software designed for practices that manage sensitive patient information. Its security safeguards and configurable tools help practices support applicable privacy and security obligations in Canada, the United States, and the European Union.
End-to-End Data Protection
- Data Encryption — Compass Pro uses encryption safeguards for data at rest and in transit, including AES-256 and TLS 1.2+ where technically applicable.
- Secure Canadian Hosting — Compass Pro environments and customer data for Canadian practices are hosted in Canada using AWS cloud infrastructure, with encrypted backups, monitoring, and redundancy safeguards.
- Role-Based Access Control (RBAC) – Ensure staff have access only to what they need. Permissions are fully configurable for administrators.
Compliance You Can Trust
Compass Pro is developed and operated in Canada and includes safeguards designed to support practices in meeting applicable privacy and security obligations.
- PIPEDA (Canada) — Designed to support applicable requirements under Canada’s Personal Information Protection and Electronic Documents Act.
- PHIPA (Ontario) – Supports privacy requirements for dental and healthcare providers within provincial jurisdictions.
- HIPAA (U.S.) – Supports administrative, physical, and technical safeguards for practices operating in the United States.
- GDPR (EU) – Includes configurable tools for consent management, data access requests, and right-to-be-forgotten controls.
- Audit Trails – Every access, change, and transaction is logged for full accountability.
Compass Pro’s security practices are informed by recognized security frameworks. References to these frameworks do not constitute certification.
Continuous Monitoring and Reliability
- Reliable Cloud Infrastructure — Redundant cloud infrastructure is designed to support reliable access and service continuity.
- Security Monitoring — Monitoring and alerts help identify and respond to potential threats.
- Security Testing — Security testing and review processes help identify potential vulnerabilities and support remediation.
- Automated Backups – Encrypted daily backups with disaster recovery safeguards.
Secure Communication
- Patient Communications — Email, SMS, and eFax capabilities are supported through configured communication services and applicable security safeguards.
- Patient Portal — The Patient Portal provides controlled access to supported patient-facing information and services.
- Electronic Signatures — Electronic signature capabilities help practices manage signing workflows and documentation requirements.
Security and compliance are shared responsibilities.
Compass Pro provides software safeguards, access controls, training, and configurable tools. Each practice remains responsible for its internal policies, user permissions, staff training, device security, configuration, and day-to-day handling of patient information.
Together, these measures help protect patient information and support your practice’s privacy and security obligations.
Disclaimer
Compass Pro includes safeguards and configurable tools designed to support applicable requirements under PIPEDA, PHIPA, HIPAA, and GDPR. Compass Pro does not provide formal certification, regulatory endorsement, or legal advice. Each dental or orthodontic practice remains responsible for determining and meeting its legal obligations, including through appropriate policies, configuration, staff training, access controls, and system use.
