Legal & Scope

Platform Disclaimer
& Scope of Service.

This page clearly defines what Auditra is — an organized document storage and template management platform — and what it is not. Please read this carefully before subscribing.

Document Storage Platform Not legal advice Updated: March 1, 2026
01

Nature of the Platform

Auditra is a document storage and template management platform. It is not a law firm, a compliance certification body, a regulatory authority, or a substitute for qualified legal or professional advice. Nothing on this website, within the Auditra platform, in the Gap Assessment tool, in any email, or in any communication from Infortex Inc. constitutes legal advice, compliance certification, or a guarantee of any regulatory outcome.

No solicitor-client relationship, professional advisory relationship, or fiduciary duty of any kind is created by your use of Auditra or by any interaction with Infortex Inc.

Auditra exists to help organizations keep their compliance-related documentation organized, accessible, and structured in one place. It is a practical organizational tool — purpose-built for the kinds of records that privacy-conscious healthcare organizations typically need to maintain internally.

How those documents are used, whether they satisfy any legal obligation, and what regulatory outcomes follow are entirely outside the platform's scope and entirely within your own responsibility as the subscribing organization.

02

Templates, Not Legal Documents

All content provided within the Auditra platform — including but not limited to policy frameworks, procedure outlines, incident report forms, staff training acknowledgement records, vendor agreement structures, breach response workflows, and any other pre-built document — is provided exclusively as a starting-point template for your own internal use and adaptation.

Templates are generic by design. They have not been drafted, reviewed, or approved by legal counsel on your behalf. They are not legal opinions and do not account for your organization's specific circumstances, patient population, information systems, vendor relationships, staff structure, regulatory history, or any other factor particular to your organization.

Before relying on any template for any purpose — including responding to a regulatory inquiry, submitting any document to any body, or representing your compliance posture to any third party — you should have the document independently reviewed and adapted by a qualified Ontario privacy lawyer.

Infortex Inc. makes no representation, express or implied, that any template provided through Auditra is legally sufficient, current with regulatory interpretation, or appropriate for your specific use case. Templates are organizational scaffolding. They are not legal instruments.

03

What Auditra Provides

Auditra is an organized document vault. It provides a structured digital environment where Ontario clinics and PHI-handling organizations can store, organize, and access the types of records that an internal privacy program typically involves. Specifically, Auditra provides storage and template scaffolding across the following categories:

Privacy Governance
Policy Template Storage

A structured place to store and version your internal privacy policy documents. Templates are starting points only — your organization is responsible for adapting and finalizing them.

Access Control
Staff Access Record Templates

Template forms for recording which staff have access to which systems. Auditra does not monitor, enforce, or independently verify any actual system access.

Audit Logging
Audit Log Record Storage

A place to store audit documentation your team generates. Auditra does not connect to your systems, does not generate logs independently, and performs no monitoring of any kind.

Incident Records
Incident Report Templates

Template forms for internally documenting incidents your team identifies. Auditra does not file notifications on your behalf or assess whether a breach has legally occurred.

Training Records
Staff Training Log Templates

Template forms to record training your organization conducts. Auditra does not deliver, assess, verify, or certify any training content or program.

Vendor Management
Vendor Record Templates

Template frameworks to help organize vendor-related records. These are not legally binding agreements and have not been reviewed by counsel on your behalf.

Think of Auditra as a well-structured digital filing system. Like any filing system, it is only as reliable as what you put into it and how accurately you complete the materials stored within it. The platform organizes your documentation — it does not validate, verify, or guarantee the legal adequacy of any document.

04

What Auditra Does Not Do

The following is a non-exhaustive list of things Auditra explicitly does not do. Subscribers should not purchase or rely on Auditra under the assumption that any of the following is within scope:

  • Auditra does not provide legal advice in any form — including the content of templates, platform guidance text, tooltips, email communications, or any conversation with Infortex Inc. staff
  • Auditra does not guarantee, warrant, or represent that any organization using the platform will pass, satisfy, or be favourably treated in any IPC investigation, audit, complaint process, or regulatory proceeding
  • Auditra is not a PHIPA compliance certification. Use of Auditra does not confer any certification, accreditation, or verified compliance status on your organization
  • Auditra does not audit your actual practices. The platform stores documents — it has no visibility into and makes no assessment of your organization's actual information handling, staff conduct, or technical security
  • Auditra does not connect to, monitor, or access your EMR, practice management system, clinical records, or any patient-facing system
  • Auditra does not store, access, or process patient health records of any kind — it manages internal compliance documentation only
  • Auditra does not file any document on your behalf with the IPC, any court, any regulatory body, or any other party
  • Auditra does not replace qualified legal counsel, a privacy impact assessment, a formal audit, or any other professional service
  • Auditra does not verify the accuracy, completeness, or legal adequacy of any document you create or store within the platform
05

Your Sole Responsibility

Use of Auditra does not transfer, share, reduce, or in any way modify your organization's legal obligations under PHIPA, PIPEDA, or any other applicable legislation. All compliance obligations remain entirely and solely with your organization.

Infortex Inc. bears no responsibility whatsoever for the outcome of any IPC investigation, regulatory proceeding, complaint, audit, enforcement action, fine, order, or legal finding involving your organization — regardless of whether your organization subscribes to or uses Auditra.

Subscribing to Auditra creates no duty of care, advisory obligation, or liability of any kind on the part of Infortex Inc. with respect to your organization's regulatory compliance, legal standing, or conduct of any regulatory proceeding.

You are solely and entirely responsible for:

  • The accuracy, completeness, and legal adequacy of all documents you create, upload, or store within the platform
  • Ensuring your organization's actual practices align with any documentation you maintain — Auditra cannot and does not verify this alignment
  • Adapting any template to your specific organizational circumstances, with the assistance of qualified counsel as appropriate
  • Independently determining what your legal obligations are and whether your compliance program satisfies them
  • All communications with the IPC, patients, regulatory colleges, or any other regulatory or legal body
  • All decisions made in reliance on documents stored or generated within the platform
  • Keeping your program current as legislation, regulatory guidance, and your organization evolve

Organized documentation is not the same as legal compliance. Auditra helps you maintain structured records — but your actual practices, staff behaviours, and information handling must independently satisfy your legal obligations. The platform supports your organizational effort; it does not substitute for it.

06

Data Processing Scope

Auditra is a document storage platform. To the extent any personal information — such as a staff member's name appearing in a document stored within the platform — is incidentally processed in the course of operating the service, Infortex Inc. handles such data in accordance with our Privacy Policy and, where applicable, a Data Processing Agreement (DPA).

The DPA is:

  • Included automatically with all Enterprise plan subscriptions
  • Available upon written request for Starter and Professional subscribers at no additional cost

The DPA governs the narrow scope of data processing incidental to platform operation. It does not expand Infortex Inc.'s role, create any advisory obligation, or alter the allocation of compliance responsibility described in this disclaimer. To request a copy, contact us at .

Auditra does not store patient health records. The platform is designed exclusively for internal compliance-related administrative documentation — policies, training logs, vendor records, and similar materials. It is not an EMR, not a clinical records system, and is not intended to hold any personal health information about patients.

07

Gap Assessment Scope & Limitations

The Auditra Gap Assessment is an 18-question self-reporting questionnaire provided as a free organizational tool to help clinic operators reflect on which documentation categories may benefit from attention.

The Gap Assessment is not a PHIPA audit, a legal assessment, or a compliance certification of any kind. It is a self-reporting tool based entirely on answers you supply. Infortex Inc. does not independently verify your answers, review your documents, audit your systems, or assess your actual compliance posture in any way.

Any score or risk indication generated reflects your own self-reported answers only. A high score does not mean your organization is compliant. A low score does not constitute a legal finding of non-compliance. Neither result should be relied upon for any legal, regulatory, or business purpose without independent professional review.

The Gap Assessment is designed solely to help you identify which documentation areas you may wish to focus on as you build out your internal records. It is not a substitute for a formal privacy impact assessment, legal review, or independent audit.

08

No Guarantee of Any Outcome

To the fullest extent permitted by applicable law, Infortex Inc. expressly disclaims any representation or warranty, whether express or implied, that:

  • Use of Auditra will result in compliance with PHIPA, PIPEDA, or any other law or regulation
  • Use of Auditra will prevent, reduce, or mitigate the likelihood of an IPC investigation, complaint, audit, enforcement order, fine, or any other regulatory action
  • Any template provided is legally sufficient, appropriate, or suitable for your organization's specific circumstances
  • The platform covers every documentation category relevant to every type of organization or health information custodian
  • Platform content reflects the most current legislative text, IPC orders, or regulatory interpretations at any given time
  • A well-organized document vault, in and of itself, constitutes or demonstrates compliance with any legal obligation

Maintaining organized compliance documentation is a genuinely valuable practice that reflects operational discipline and internal accountability. Auditra is built to make that organizational work practical, structured, and manageable. But organization is not legal compliance. The responsibility for meeting your legal obligations rests entirely with your organization.

09

Regulatory Bodies

The following bodies have jurisdiction over health privacy matters and may be relevant to your organization. This information is provided for reference only:

  • Information and Privacy Commissioner of Ontario (IPC) — the independent officer responsible for overseeing PHIPA. The IPC investigates complaints, conducts audits, issues orders, and publishes findings publicly. Website: ipc.on.ca
  • Office of the Privacy Commissioner of Canada (OPC) — oversees PIPEDA compliance for private-sector organizations operating federally or across provincial boundaries. Website: priv.gc.ca
  • College of Physicians and Surgeons of Ontario (CPSO) — expects member physicians to maintain PHIPA-compliant privacy programs as part of professional standards
  • Other regulatory colleges — the College of Nurses of Ontario, Ontario College of Pharmacists, College of Physiotherapists of Ontario, and other health profession colleges have analogous expectations for their registrants

Infortex Inc. has no affiliation with, endorsement from, approval from, or formal relationship with any of these bodies. No use of Auditra constitutes engagement with, notification of, or approval by any regulatory body.

10

Seek Independent Advice

Auditra is a practical tool for keeping your internal compliance documentation organized. It is not a replacement for professional advice. If you are establishing a new clinic, responding to a complaint or IPC investigation, implementing a new records system, dealing with a privacy incident, or want confidence that your privacy program satisfies your legal obligations — please consult a qualified Ontario privacy lawyer independently of, and in addition to, your use of this platform.

Finding Ontario health privacy counsel:

The Law Society of Ontario (lso.ca) maintains a lawyer referral service. Look for counsel with experience in health law, privacy law, or regulatory compliance. Many Ontario firms offer initial consultations for a fixed fee.

The IPC's website (ipc.on.ca) also publishes practical PHIPA guidance, fact sheets, and order summaries that are publicly available and free to use.

Questions about Auditra's platform scope, our Data Processing Agreement, or how the platform fits into your document management workflow? We're happy to discuss. Contact us at .