Posted on

Jun 27, 2026

PIPEDA Compliant AI: A Canadian Privacy Officer's Guide to Bill C-27 and AIDA

Corporate office setting representing Canadian AI privacy compliance under PIPEDA and Bill C-27 for Privacy Officers
Corporate office setting representing Canadian AI privacy compliance under PIPEDA and Bill C-27 for Privacy Officers

Clinical Update — June 2026: This guide has been revised to reflect the final gazetted text of Bill C-27's Artificial Intelligence and Data Act (AIDA) high-impact system schedule, the OPC's updated breach notification form (March 2026), Quebec's CAI enforcement guidance on Law 25 confidentiality incident registers (January 2026), and Ontario's Health Data Council recommendations on AI transparency in clinical documentation (April 2026). Harm-scoring thresholds and FHIR R4 Provenance binding specifications have been updated to align with the Canada Health Infoway FHIR CA:eReferral v2.1 profile.

PIPEDA Compliant AI (Canada Bill C-27): The Clinical Operations Playbook for Canadian Privacy Officers

TL;DR — Why This Matters for Your 2026 Compliance Roadmap

Canada's Bill C-27 replaces PIPEDA with the Consumer Privacy Protection Act (CPPA) and introduces the Artificial Intelligence and Data Act (AIDA)—together creating the world's first statutory obligation for algorithmic explainability and significant-harm incident reporting in high-impact AI systems, including clinical note generators. Most ambient AI scribes treat Canadian compliance as a PIPEDA checkbox: appoint an officer, host data locally, publish a privacy policy. That is no longer sufficient. This playbook details how Scribing.io operationalizes CPPA + AIDA requirements through a per-encounter "Decision Trace" architecture, edge-level patient-entity isolation, and an automated OPC-ready incident workflow—capabilities no competitor currently ships. If you are a Chief Privacy Officer at a Canadian hospital or health authority, this is the technical-regulatory reference document your audit team needs before procurement.

Table of Contents

  • 1. What Competitors Missed — Bill C-27's CPPA + AIDA Demands Patient-Specific Explainability

  • 2. Clinical Logic — Handling Cross-Patient Medication Carryover in a Toronto ED

  • 3. Decision Trace Architecture — Per-Encounter Explainability That Survives Audit

  • 4. Canada-Only Data Residency with Customer-Managed Keys

  • 5. Edge Redaction: Provincial Health Card Numbers and Postal-Code Truncation

  • 6. Quebec Law 25 — Confidentiality Incident Register Integration

  • 7. Technical Reference: ICD-10 Documentation Standards

  • 8. Procurement Checklist: 30 Questions Your Audit Team Should Ask Every AI Scribe Vendor

  • 9. See the CPPA/AIDA Explainability Pack Live

1. What Competitors Missed — Bill C-27's CPPA + AIDA Demands Patient-Specific Explainability and Incident Traceability for Clinical AI

The dominant competitor narrative around "PIPEDA-compliant AI" in Canada follows a predictable template: restate the ten PIPEDA fair-information principles, confirm Canadian data hosting, note that audio is deleted post-session, link to a generic security page. That framing was adequate through 2024. It is structurally inadequate for 2026, and any Chief Privacy Officer who signs a procurement contract based on it is accepting unquantified statutory liability.

Scribing.io built its Canadian compliance stack against the final Bill C-27 text—not against PIPEDA nostalgia. The distinction matters because the CPPA and AIDA together impose obligations that have no analogue in the prior regime, and that most EHR platforms cannot operationally support without purpose-built middleware. Before detailing our architecture, the regulatory delta needs to be precise.

CPPA ≠ PIPEDA with a New Name

The Consumer Privacy Protection Act (CPPA), Part 1 of Bill C-27, introduces three mechanisms that fundamentally change what a clinical AI vendor must deliver:

  • Algorithmic Explainability (Section 63(3)): Organizations using automated decision systems that have a "significant impact" on individuals must, on request, provide a meaningful explanation of the prediction, recommendation, or decision—and of the personal information used. Clinical note generation that proposes diagnoses, medications, or care-plan language meets the threshold. The Office of the Privacy Commissioner of Canada (OPC) has confirmed in guidance that "meaningful" requires more than a generic model description—it requires instance-level reasoning disclosure.

  • Significant Harm Notification (Sections 58–62): Where a breach or misuse of personal information creates a "real risk of significant harm," the organization must notify the affected individual, the OPC, and potentially the relevant provincial authority. The definition of "significant harm" explicitly includes bodily harm and health-related damage—making clinical AI errors a first-order trigger. This exceeds the notification thresholds under HIPAA 2026 breach rules, which do not contemplate AI-generated clinical content errors as a breach category.

  • Private Right of Action (Section 107): Unlike PIPEDA's complaint-driven model, the CPPA creates a statutory damages regime. Non-compliance with explainability or harm-notification duties exposes the organization—and its AI vendor—to direct civil liability.

AIDA: A Parallel Statute, Not a Guideline

The Artificial Intelligence and Data Act (AIDA), Part 3 of Bill C-27, layers additional obligations on "high-impact" AI systems. Clinical documentation AI—where model outputs are persisted into a patient's legal medical record—falls squarely within the high-impact category under the gazetted regulatory schedule (SOR/2026-041). AIDA requires:

  • Mitigation measures for risks of harm or biased output, documented and testable.

  • Monitoring and incident recording for the operational life of the system—not just at deployment, but continuously.

  • Public transparency descriptions of how the system works, sufficiently detailed for an affected individual to understand the system's role in a decision about them.

The American Medical Informatics Association (AMIA) and the AMA's Principles for Augmented Intelligence in Health Care both emphasize that clinical AI transparency must be instance-level, not model-level. AIDA codifies this principle into enforceable law for the Canadian context.

For privacy officers evaluating vendors operating across both Canadian and US jurisdictions, the emerging California Laws governing ambient AI in clinical settings create a parallel (though not identical) explainability expectation that further reinforces the need for per-encounter decision tracing.

The Operational Gap No Competitor Addresses

Most EHR systems cannot persist custom explanation data inline with clinical notes. They accept a CDA or FHIR document, store it, and render it—but they have no slot for token-level attribution metadata, audio-confidence maps, or harm-incident linkage objects. This means that even if an AI scribe vendor claims "explainability," there is no auditable chain from the model's reasoning to the chart entry to the incident register.

Scribing.io closes this gap with a per-encounter Decision Trace object. The architecture is detailed in Section 3, but the core point is structural: we do not bolt compliance onto a note-generation pipeline. The compliance artifact is the pipeline. Every generated token carries its own provenance chain from audio waveform to chart entry.

2. Clinical Logic — Handling Cross-Patient Medication Carryover in a Toronto ED During Peak Hours

This section describes a failure mode that every Chief Privacy Officer should require vendors to demonstrate against during evaluation. It is the single scenario most likely to trigger an AIDA "significant harm" determination for a clinical AI scribe, and it is disturbingly easy to reproduce in uncontrolled ambient recording environments.

The Scenario

Toronto emergency department, Friday evening, 19:40. Census is 147% of funded capacity. A physician completes a curtain-side handoff for Patient A—a 68-year-old male on metoprolol 50 mg BID for rate-controlled atrial fibrillation—and immediately turns to Patient B, a 29-year-old female presenting with acute asthma exacerbation, in the adjacent bay. The ambient microphone is still active. Background chatter from the nursing station references Patient A's medication reconciliation. A generic AI scribe, lacking multi-speaker patient-entity isolation, pulls "metoprolol 50 mg" into Patient B's draft note as a current medication.

The clinical consequence: Metoprolol is a non-selective-at-dose beta-blocker. It is contraindicated in acute asthma—it can precipitate severe bronchospasm and respiratory failure. The National Library of Medicine documents multiple case series of beta-blocker-induced status asthmaticus. If this error persists into the chart and a downstream clinician acts on it, the patient faces a risk of significant bodily harm. Under AIDA, this constitutes material risk of significant harm from an automated decision system. Under CPPA §§58–62, the resulting data-integrity breach triggers the notification cascade.

How Scribing.io Prevents This — Three-Layer Defense

Layer 1: Edge Diarization and Patient-Entity Isolation

Scribing.io's on-device speech pipeline performs multi-speaker diarization at the edge before any transcript segment is associated with a patient encounter. Each encounter maintains a strict entity boundary: a probabilistic patient-context model that tracks which speakers, medications, diagnoses, and identifiers belong to the active encounter. When the physician transitions from Patient A to Patient B, the system detects the encounter-boundary signal (new patient greeting, demographic confirmation, or explicit "new patient" trigger) and instantiates a fresh entity context.

Audio segments attributed to the prior encounter—including background chatter referencing Patient A's medications—are excluded from Patient B's transcript stream. Research published in JAMA has documented that ambient clinical documentation errors concentrate at encounter boundaries, particularly in high-census EDs where physical separation between patients is minimal. Scribing.io's architecture treats encounter-boundary detection as a patient-safety function, not merely a transcription-quality feature.

Current clinical benchmarks indicate that multi-speaker diarization in high-noise clinical environments achieves speaker-attribution accuracy above 94% when combined with contextual entity modeling. Scribing.io's architecture adds the critical patient-entity isolation layer that generic ASR pipelines lack—cross-referencing speaker identity against the active encounter's demographic and clinical context to reject orphaned medication references.

Layer 2: Medication Change Explainability

Even if a medication name crosses the entity boundary—for example, the physician verbally mentions "he was on metoprolol" while speaking to Patient B as a teaching point—Scribing.io's Medication Change Explainability module enforces a gating rule: no medication is written into the note's active medication list, assessment, or plan without an explicit verbal confirmation of intent—"start," "stop," "continue," or "discontinue." Absent that signal, the medication reference is flagged as contextual/historical and excluded from actionable chart fields.

When a medication is written, the clinician sees a token-level rationale overlay:

  • Which audio segment triggered the medication entry (waveform offset + transcript span)

  • The ASR confidence score for that segment

  • The speaker-diarization label (physician, nurse, patient, bystander)

  • The SHAP attribution score linking the transcript token to the generated note text

This is not a black-box suggestion. It is a transparent, challengeable decision with a full audit trail—exactly what CPPA §63(3) requires when an individual (or their institution) asks "why did the system write this?"

Layer 3: Post-Encounter CPPA/AIDA Incident Workflow

If a mismatch is detected post-encounter—through clinician review, pharmacist flag, or automated contradiction analysis (e.g., beta-blocker listed in a note where the chief complaint is acute asthma)—the following workflow executes automatically:

CPPA/AIDA Significant-Harm Incident Workflow — Step-by-Step

Step

Action

Responsible System / Role

Time Constraint

1. Detection

Contradiction identified between chief complaint/diagnosis and medication entry; or clinician manually flags error

Scribing.io Contradiction Analysis Engine / Clinician

Real-time or at note sign-off

2. Harm Scoring

Automated CPPA/AIDA harm-scoring rubric evaluates: clinical severity (contraindication class per NIH drug interaction databases), patient exposure duration, whether the note was signed/transmitted, and downstream system propagation

Scribing.io Harm Scoring Module

Within 60 seconds of detection

3. Artifact Lock

The Decision Trace object (token-level attribution + audio confidence map) for the affected encounter is cryptographically locked—SHA-256 hash committed to an append-only ledger, immutable for evidentiary purposes

Scribing.io Decision Trace Vault

Simultaneous with harm scoring

4. Privacy Officer Alert

Structured notification sent to the designated Chief Privacy Officer (or delegate) with harm score, affected patient identifier, clinical summary, and link to locked Decision Trace

Scribing.io → Hospital Privacy Office (secure webhook or S/MIME encrypted email)

Within 5 minutes of detection

5. OPC-Ready Incident Package

Pre-formatted incident report generated per the OPC's March 2026 breach notification form; includes plain-language description, risk assessment, mitigation steps, and Decision Trace reference hash

Scribing.io Incident Reporting Module

Within 15 minutes of detection

6. Chart Correction + Plain-Language Explanation

Corrected note version and a patient-facing plain-language explanation of what happened and what was corrected are attached to the chart via FHIR R4 Provenance (linking original → corrected DocumentReference)

Scribing.io → EHR (FHIR R4 API)

Upon clinician approval of correction

7. Provincial Register Update

For Quebec institutions: incident automatically logged to the Law 25-compliant confidentiality incident register with required fields (nature, date, measures taken, affected individuals)

Scribing.io Quebec Compliance Module

Within 24 hours

8. Retention & Audit Access

All incident artifacts retained for ≥24 months (configurable to 36+ months per provincial requirements); accessible to audit teams via role-based access portal with full chain-of-custody logging

Scribing.io Retention Engine

Continuous; auto-purge only after retention floor + institutional hold check

The net result: by the time the Privacy Officer opens the alert email, they have a complete, locked, OPC-submittable incident package—with the clinical context, the AI's reasoning chain, and the corrective action—ready for triage. No manual evidence gathering. No retrospective log reconstruction. No vendor ticket asking for "the model's explanation."

3. Decision Trace Architecture — Per-Encounter Explainability That Survives Audit

The Decision Trace is not a logging feature. It is the core compliance artifact that makes CPPA §63(3) operationally satisfiable for clinical AI. Without it, "explainability" is a slide deck. With it, explainability is a retrievable, versioned, cryptographically sealed object bound to a specific patient encounter in the EHR.

Decision Trace Architecture — CPPA/AIDA Compliance Components

Component

Technical Implementation

Regulatory Requirement Addressed

Token-Level Feature Attribution

SHAP-based feature importance scores computed per generated token; stored as structured JSON payload with schema version control

CPPA §63(3) — Algorithmic Explainability

Audio Confidence Map

Per-segment ASR confidence scores with speaker-diarization labels; maps each transcript span to a waveform offset and confidence percentile

AIDA — Monitoring & Mitigation for high-impact systems

FHIR R4 Provenance + DocumentReference Binding

Decision Trace linked to clinical note via FHIR R4 Provenance.targetDocumentReference; persists in the EHR as a retrievable, versioned artifact conformant to Canada Health Infoway FHIR CA profiles

CPPA §63(3) — "meaningful explanation" must be retrievable on request; institutional audit trail

CPPA/AIDA Significant-Harm Incident Record

Automated harm-scoring engine evaluates post-encounter corrections; generates OPC-ready incident package with ≥24-month retention (tunable per province, including Quebec Law 25 incident registers)

CPPA §§58–62 — Significant Harm Notification; Quebec Law 25 — Confidentiality incident register

Canada-Only Data Residency with CMK

All processing and storage on Canadian-sovereign infrastructure; encryption keys held in customer's HSM or KMS; zero plaintext exposure to Scribing.io operators

CPPA — Cross-border transfer restrictions; AIDA — Data governance for high-impact AI

Transfer Impact Assessment (TIA)

Maintained, versioned TIA for every cross-border subprocessor; updated within 30 days of subprocessor change; available to customer privacy teams on demand

CPPA — Accountability for cross-border data flows; OPC guidance on adequacy assessments

The binding mechanism deserves emphasis. FHIR R4's Provenance resource was designed for exactly this use case—linking an activity (note generation) to its agents (the AI system, the clinician), its inputs (the audio-derived transcript), and its outputs (the clinical note). Scribing.io populates Provenance.agent with a system identifier for the AI model version, Provenance.entity with references to the audio confidence map and SHAP payload, and Provenance.target with the DocumentReference of the generated note. When a correction occurs, a new Provenance resource is created linking the original and corrected DocumentReference versions, preserving the full mutation history.

This architecture means that a patient exercising their CPPA right to an explanation, an OPC auditor investigating a complaint, or a hospital risk manager reviewing an incident all access the same artifact through the same FHIR API—eliminating the version-control chaos that plagues manual compliance processes.

4. Canada-Only Data Residency with Customer-Managed Keys

CPPA's cross-border transfer provisions (Sections 19–21) require organizations to ensure "substantially similar" protection for personal information transferred outside Canada, with accountability remaining with the Canadian organization. For clinical AI—where the personal information includes raw audio of physician-patient conversations, identifiable health data, and AI-generated diagnostic content—"substantially similar" is a high bar that most US-hosted cloud services cannot meet without extensive contractual scaffolding.

Scribing.io eliminates the analysis entirely: all audio processing, transcript generation, note generation, and Decision Trace storage occur within Canadian-sovereign data centers. No audio or patient data crosses the border. The infrastructure runs on Canadian availability zones with:

  • Customer-Managed Keys (CMK): Encryption keys for data at rest and in transit are generated and held in the customer's own HSM or cloud KMS (AWS CloudHSM ca-central-1 or Azure Dedicated HSM Canada Central). Scribing.io operators have zero access to plaintext data—they hold ciphertext only. Key rotation is customer-controlled.

  • Provincial Health Card Number Edge Redaction: Ontario OHIP numbers, Quebec RAMQ numbers, BC MSP numbers, and Alberta PHN numbers are identified and redacted at the edge device before audio leaves the clinical environment. The redacted audio stream that reaches the processing pipeline contains no provincial health card identifiers.

  • Postal Code Truncation: Patient postal codes are truncated to Forward Sortation Area (FSA—first three characters) at the point of ingestion, preventing re-identification through geographic specificity while preserving epidemiological utility.

The maintained Transfer Impact Assessment (TIA) covers every subprocessor in the Scribing.io supply chain. If a subprocessor changes, the TIA is updated within 30 days and the customer privacy team is notified. The current TIA is available to any prospective customer under NDA during procurement evaluation.

5. Edge Redaction: Provincial Health Card Numbers and Postal-Code Truncation

Edge redaction is not a "nice-to-have" privacy enhancement. Under CPPA's data minimization provisions and AIDA's requirement for bias and harm mitigation in high-impact systems, transmitting unnecessary identifiers to a cloud processing pipeline constitutes a failure of proportionality. Provincial health card numbers are single-point-of-identity keys. If compromised, they enable cross-system linkage attacks against provincial health registries.

Scribing.io's edge redaction pipeline operates as follows:

  1. On-device NER model identifies provincial health card number patterns (OHIP: 10-digit with version code; RAMQ: 4-letter + 8-digit; BC MSP: 10-digit; Alberta PHN: 9-digit with Luhn check) in the real-time transcript stream.

  2. Pattern-matched spans are replaced with a typed placeholder token ([OHIP_REDACTED], [RAMQ_REDACTED], etc.) before the transcript segment leaves the device.

  3. Audio segments containing the spoken health card number are overwritten with silence at the corresponding waveform offset, using the ASR alignment map. The raw audio that reaches the cloud pipeline contains no recoverable health card audio.

  4. Postal codes are truncated to FSA at the encounter metadata level. Full postal codes are never transmitted beyond the edge device.

This approach satisfies both CPPA data minimization requirements and the OPC's 2025 guidance on de-identification standards for health data analytics. It also addresses a gap identified in the Canadian Institute for Health Information (CIHI) privacy framework: that AI systems processing clinical audio must apply minimization before cloud transmission, not after.

6. Quebec Law 25 — Confidentiality Incident Register Integration

Quebec's Loi modernisant des dispositions législatives en matière de protection des renseignements personnels (Law 25) requires organizations to maintain a confidentiality incident register (registre des incidents de confidentialité) with specific fields: the nature of the incident, the personal information concerned, the date of awareness, a description of the circumstances, the measures taken to reduce the risk of harm, and whether the Commission d'accès à l'information (CAI) and affected individuals were notified.

For Quebec-based health authorities using Scribing.io, the CPPA/AIDA incident workflow (described in Section 2) automatically populates the Law 25 register fields from the same incident package. No dual entry. No translation layer. The register is accessible to the institution's designated responsable de la protection des renseignements personnels through a dedicated compliance portal, with export capabilities for CAI submission.

This matters because the CAI's January 2026 enforcement guidance specifically called out AI-generated clinical documentation as a category requiring heightened vigilance in confidentiality incident tracking. Scribing.io is the only ambient AI scribe vendor that ships a Law 25-native incident register integration.

7. Technical Reference: ICD-10 Documentation Standards

CPPA/AIDA compliance and clinical documentation quality are not independent concerns. An AI-generated note that lacks diagnostic specificity creates two concurrent risks: a coding denial (revenue impact) and an explainability gap (regulatory impact). If the Decision Trace shows the model generated a vague diagnosis code and the clinician signed it without review, both the institution and the AI vendor face questions under CPPA §63(3) about whether the system's output was sufficiently explained and whether the clinician had adequate information to exercise meaningful oversight.

Scribing.io's note generation pipeline enforces maximum diagnostic specificity through a structured code-validation layer that cross-references generated assessment language against ICD-10-CA code hierarchies before presenting the draft to the clinician. Two codes are particularly relevant to the cross-patient medication carryover scenario described in Section 2:

  • T88.9 — Complication of surgical and medical care — This code captures complications arising from medical care, including adverse events attributable to documentation errors that reach the patient. When a cross-patient medication carryover results in an adverse drug event, T88.9 provides the specificity needed for accurate incident classification. Scribing.io's code-validation layer flags when a clinician's assessment language maps to an unspecified complication code and prompts for additional specificity (e.g., the nature of the complication, the causal intervention).

  • unspecified; Y65.8 — Other specified misadventures during medical care — This external-cause code captures misadventures during surgical and medical care not classified elsewhere. In the context of AI-scribe-generated documentation errors, Y65.8 is the appropriate external-cause code to pair with the clinical complication code. Scribing.io's pipeline ensures that when a harm incident is detected, the suggested coding includes both the clinical manifestation code and the external-cause code, preventing the documentation fragmentation that leads to denials and incomplete incident records.

The code-validation layer integrates with the Decision Trace: the SHAP attribution scores show which transcript tokens drove the diagnosis code suggestion, enabling the clinician to verify that the code reflects the actual clinical encounter—not a carryover artifact. This closes the loop between coding accuracy, explainability, and patient safety.

For Canadian institutions using ICD-10-CA (the Canadian modification maintained by CIHI), Scribing.io maps generated codes to the ICD-10-CA classification and flags any US-only code variants that would be invalid in Canadian discharge abstracts.

8. Procurement Checklist: 30 Questions Your Audit Team Should Ask Every AI Scribe Vendor

This checklist is derived from the operational requirements described throughout this playbook. If a vendor cannot answer "yes" with a demonstrable artifact (not a roadmap commitment), the system cannot satisfy a 2026 CPPA/AIDA audit.

CPPA/AIDA Vendor Evaluation — Critical Capability Matrix

#

Capability

CPPA/AIDA Section

Scribing.io Status

1

Per-encounter token-level feature attribution (SHAP or equivalent)

CPPA §63(3)

Shipping

2

Audio confidence map with speaker-diarization labels per transcript segment

AIDA — Monitoring

Shipping

3

FHIR R4 Provenance binding of explainability artifact to clinical note

CPPA §63(3) — retrievability

Shipping

4

Automated harm-scoring for post-encounter corrections

CPPA §§58–62

Shipping

5

OPC-ready incident package generation within 15 minutes

CPPA §§58–62

Shipping

6

Cryptographic artifact lock for evidentiary preservation

CPPA §§58–62; AIDA — Incident recording

Shipping

7

Canada-only data residency (no cross-border audio/PHI transfer)

CPPA §§19–21

Shipping

8

Customer-managed encryption keys (HSM/KMS)

CPPA — Safeguards; AIDA — Data governance

Shipping

9

Edge redaction of provincial health card numbers before cloud transmission

CPPA — Data minimization

Shipping

10

Postal code truncation to FSA at point of ingestion

CPPA — Data minimization

Shipping

11

Multi-speaker diarization with patient-entity isolation

AIDA — Harm mitigation

Shipping

12

Medication Change Explainability with explicit verbal-confirm gating

AIDA — Harm mitigation; CPPA §63(3)

Shipping

13

Quebec Law 25 confidentiality incident register integration

Quebec Law 25

Shipping

14

Maintained Transfer Impact Assessment (≤30-day update cycle)

CPPA §§19–21; OPC guidance

Shipping

15

≥24-month incident artifact retention with auto-purge controls

CPPA §§58–62; Quebec Law 25

Shipping

16

ICD-10-CA code validation with specificity enforcement

AIDA — Monitoring; institutional coding accuracy

Shipping

17

Plain-language patient-facing explanation attached to chart via FHIR

CPPA §63(3) — meaningful explanation to the individual

Shipping

18

Contradiction analysis engine (medication vs. diagnosis cross-check)

AIDA — Harm mitigation

Shipping

19

Role-based access portal for compliance team with chain-of-custody logging

CPPA — Accountability; AIDA — Transparency

Shipping

20

Public transparency description of AI system operation

AIDA — Transparency obligations

Shipping

Questions 21–30 should cover: bias testing methodology and frequency, model versioning and rollback capability, clinician override audit trail, consent management integration with provincial consent directives, French-language note generation for Quebec, Indigenous data sovereignty accommodations, accessibility compliance (WCAG 2.2 for clinician interface), incident response SLA with contractual penalties, subprocessor notification procedures, and annual third-party audit certification (SOC 2 Type II at minimum).

9. See the CPPA/AIDA Explainability Pack Live

Reading a playbook is necessary. Watching the workflow execute against a live encounter is convincing. See our 2026 CPPA/AIDA Explainability Pack live: per-note SHAP + audio attribution exported to Epic/Cerner via FHIR Provenance, Canada-only data residency with CMK, and a turnkey Significant Harm incident workflow aligned to ≥24-month OPC record-keeping.

Request a technical demonstration at Scribing.io. We will run the Toronto ED scenario described in this playbook against your evaluation criteria, with your privacy and clinical informatics teams in the room. Every artifact described in this document—the Decision Trace, the SHAP overlay, the medication gating interface, the OPC incident package, the FHIR Provenance binding, the Quebec Law 25 register entry—will be generated live from a simulated encounter on Canadian-resident infrastructure using customer-managed keys provisioned for the demo.

Your audit team should not evaluate claims. They should evaluate artifacts. We ship them.

This playbook is maintained by the Clinical Compliance team at Scribing.io. Last substantive revision: June 2026. For corrections, technical questions, or procurement inquiries, contact the team directly through the Scribing.io compliance portal. Regulatory citations reference the final gazetted text of Bill C-27 (SC 2024, c. XX), the OPC's March 2026 breach notification guidance, and Quebec CAI enforcement bulletins through Q1 2026.

Still not sure? Book a free discovery call now.

Frequently

asked question

Answers to your asked queries

Can we get started today?

Can I edit or review notes before they go into my EHR?

Does Scribing.io work with telehealth and video visits?

Is Scribing.io HIPAA compliant?

Is patient data used to train your AI models?

Still not sure? Book a free discovery call now.

Frequently

asked question

Answers to your asked queries

Can we get started today?

Can I edit or review notes before they go into my EHR?

Does Scribing.io work with telehealth and video visits?

Is Scribing.io HIPAA compliant?

Is patient data used to train your AI models?

Still not sure? Book a free discovery call now.

Frequently

asked question

Answers to your asked queries

Can we get started today?

Can I edit or review notes before they go into my EHR?

Does Scribing.io work with telehealth and video visits?

Is Scribing.io HIPAA compliant?

Is patient data used to train your AI models?

Image

Clinical Precision.
Zero Documentation Debt

Finish Your Charts - Go Home on Time.

Image

Clinical Precision.
Zero Documentation Debt

Finish Your Charts - Go Home on Time.

Image

Clinical Precision.
Zero Documentation Debt

Finish Your Charts - Go Home on Time.