RCDSO Guidelines on AI in Dentistry: What Ontario Dental Clinics Need to Know

The Royal College of Dental Surgeons of Ontario (RCDSO) published its official Guidance: Artificial Intelligence in Dentistry in September 2025, and the core message is clear: Ontario dentists can use AI tools, but they remain fully responsible for patient care, clinical decisions, and data protection regardless of whether AI assisted in those outcomes. The RCDSO AI dentistry guidelines do not create new professional requirements. Instead, they map existing obligations under the Dentistry Act, PHIPA, and the RCDSO Standards of Practice onto the emerging AI landscape - covering everything from diagnostic imaging software to AI voice receptionists and appointment-notification systems. For clinic owners and office managers evaluating AI tools right now, this guidance is the regulatory baseline you need to understand before making any purchasing decision.

What the RCDSO AI Guidance Actually Says (and What It Doesn't)

The RCDSO states explicitly that the guidance "does not set out new professional requirements, but instead highlights existing responsibilities that may be relevant to the use of AI in dentistry." Rather than building a new compliance layer, the College is telling you: the rules you already follow - around patient care, informed consent, record-keeping, and privacy - apply when you add AI into your practice. If you're already running a compliant clinic, you're starting from a strong position.

The guidance defines artificial intelligence broadly as computer systems that perform tasks associated with human intelligence, and separately flags generative AI as carrying heightened risks due to the potential for inaccurate, misleading, or biased outputs. That distinction matters because many of the newest tools in dental practice, from AI-drafted patient letters to chatbot interfaces, fall under the generative AI umbrella.

Critically, the guidance applies to all AI tools used in a dental practice. The RCDSO's companion FAQ confirms this directly: when asked whether the guidance covers AI tools used for "writing or for sending notifications about appointments," the answer is yes. However, "dentists may need to exercise greater caution and oversight depending on the specific tool." The guidance formalises that proportionality through a risk-based framework.

The Risk-Based Framework: 3 Factors That Determine Your Compliance Obligations

The RCDSO's central organising principle is proportional oversight. The greater the risk an AI tool poses to patients, the greater the caution and oversight required from the dentist using it. Risk increases along three dimensions: whether the tool directly influences clinical decision-making, whether it affects patient health and safety, and whether it accesses personal health information (PHI) that triggers PHIPA obligations.

The 4-Tier Risk Model

One critical caveat: risk classification can shift based on how data is handled. A closed, encrypted AI system that doesn't reuse patient data for training carries less risk than an open, externally connected system where data governance is unclear. The same tool can sit in different risk categories depending on its configuration and the vendor's data practices.

For dental clinics evaluating AI administrative tools like voice receptionists, this is good news. These tools fall squarely in the limited-risk tier - provided they don't access patient health records and their data handling meets PHIPA standards. When you're evaluating AI vendors for your healthcare practice, the RCDSO's risk factors give you a ready-made checklist for the conversation.

The 3 Pillars: Accountability, Transparency, and Data Protection

The guidance organises its 16 numbered recommendations under three pillars. Here's what each one means for your clinic in practice.

Pillar 1: Accountability and Responsibility (10 Guidance Items)

This pillar covers two stages: before you adopt an AI tool (items 1-4) and while you use it (items 5-10).

Before adoption, dentists must verify the tool complies with PHIPA, understand the vendor's data protection and storage policies (including where data is stored geographically), assess whether the tool has been validated for the patient populations served, and examine training-data limitations for demographic bias. If you can't get satisfactory answers to these questions, the guidance is direct: "avoid using the AI tool."

During use, dentists must critically review all AI-generated outputs for accuracy, completeness, and bias before including them in patient records or acting on clinical recommendations. Staff who use AI tools - including front-desk and administrative staff - need training on appropriate uses, limitations, risks, and mitigation steps.

Pillar 2: Transparency and Disclosure (4 Guidance Items)

Two requirements stand out. First, patients must know when they're interacting with AI rather than a human - this applies directly to AI phone receptionists, chatbots, and automated messaging. Second, for AI tools that directly impact clinical care, patients must be informed about how the AI will be used before it is applied. Disclosure methods are flexible: consent forms, signage, automated messages, or direct conversation. Whatever method you choose, document the disclosure in the patient record. The guidance also requires clinics to provide reasonable accommodation to patients who prefer no or minimal AI involvement in their care.

Pillar 3: Protecting Patient Health Information (2 Guidance Items)

PHIPA compliance is non-negotiable. Dentists must understand the privacy and security settings of every AI tool they use and confirm that patient data is securely stored. AI-generated outputs containing personal health information must not be used for other purposes - including training the AI model - unless patients have provided express and knowledgeable consent under PHIPA Section 18. The RCDSO FAQ adds that clinics should conduct a privacy impact assessment before deploying AI tools that handle PHI and verify where data is stored, since jurisdictions outside Canada may allow broader uses of de-identified health information without consent.

For a deeper look at how compliant AI tools handle patient data, visit our security and compliance overview.

Professional Liability: 5 Things Ontario Dentists Must Know

The RCDSO's position on liability is unambiguous, and every dentist considering AI adoption should internalise these five points.

How the RCDSO Guidelines Apply to AI Phone Systems

For dental clinics evaluating AI voice receptionists and scheduling assistants specifically, the RCDSO guidance creates a clear compliance pathway. These tools fall under the guidance - the College confirmed this in its FAQ - but they occupy the lower end of the risk spectrum when properly designed.

At JustReva, we built REVA - our AI voice receptionist - with these requirements in mind from day one. REVA identifies itself as AI at the start of every call, never provides clinical or dental advice, stores Canadian clinic data in Canada with zero data retention on voice processing, and is PHIPA compliant by design. Under the RCDSO's framework, it sits in the lowest risk tier: a purely administrative tool that handles scheduling, FAQ responses, and message-taking without accessing patient health records.

Take the Next Step

If you're exploring AI for your dental clinic's phone operations and want a tool that already aligns with the RCDSO's guidance, we built REVA for exactly this use case - PHIPA compliant, transparent by design, and in the RCDSO's lowest risk category. Start with a free 30-day pilot at justreva.com to see how it works for your practice.

Written by Janvi Patel, Founder of JustReva. Janvi builds AI tools that help healthcare clinics stop missing patient calls.

Sources: RCDSO Guidance: Artificial Intelligence in Dentistry (September 2025), RCDSO FAQ on AI, Oral Health Group Risk Framework (October 2025)