Merakey Blog

Insights for healthcare
technology leaders

AI compliance, data privacy, and technology strategy for Ontario developmental services agencies and Canadian healthcare organizations.

Featured

ComplianceApril 6, 2026

The QAM audit preparation checklist: what Ontario DS agencies actually need ready

A practical checklist for preparing for your next QAM compliance review under Regulation 299/10. Covers all six compliance areas, common findings, and a 90-day preparation timeline.

Merakey Team

10 min read

Recent articles

AI SafetyMarch 30, 2026

The yes-machine problem: AI sycophancy and clinical safety in home care

Research across 11 AI systems found chatbots affirm user actions nearly 50% more often than humans. In home care, where staff often have no second opinion available, an agreeable AI isn't neutral — it's a patient safety risk.

7 min read

Supply Chain SecurityMarch 27, 2026

When the scanner becomes the weapon: inside the TeamPCP supply chain attack

This week, TeamPCP compromised Trivy, Checkmarx KICS, and LiteLLM via PyPI. The tools developers use to secure and build AI software became the attack vector. Here's what happened and what it means.

9 min read

ComplianceMarch 17, 2026

Why Ontario DS agencies are still doing QAM compliance by hand, and what it costs them

Regulation 299/10 requires Ontario DS agencies to track training, eMAR, incidents, and more. Most still use spreadsheets. Here's what that costs them and how automation changes the equation.

8 min read

PIPEDAMarch 14, 2026

PIPEDA and AI chatbots: what healthcare organizations need to know in 2026

PIPEDA applies the moment a chatbot touches patient data. Cloud-hosted LLMs create cross-border data flows most agencies haven't accounted for. Here's what the law requires.

6 min read

AI SafetyMarch 10, 2026

ECRI's #1 health tech hazard of 2026: AI chatbot misuse

ECRI named AI chatbot misuse as the top health technology hazard for 2026. Why chatbots topped the list, what the risks are in clinical settings, and what healthcare organizations should do.

5 min read

TechnologyMarch 7, 2026

Self-hosted vs. cloud AI: why 43% of healthcare orgs are choosing local

Healthcare organizations are moving AI workloads off the cloud. We compare self-hosted and cloud AI for regulated industries, covering data sovereignty, PIPEDA compliance, and the real cost of a breach.

7 min read

ComplianceMarch 3, 2026

Understanding Regulation 299/10: the 6 areas every DS agency must track

A plain-language guide to Ontario Regulation 299/10 under the Services and Supports to Promote the Social Inclusion of Persons with Developmental Disabilities Act. What auditors look for and where agencies fall short.

9 min read

Data PrivacyFebruary 28, 2026

The $7.4M question: what a healthcare data breach actually costs

Healthcare data breaches cost an average of $7.4 million, the highest of any industry. We break down why DS agencies are at risk and how data residency, PIPEDA, and the CPPA shape your obligations.