Canadian Healthcare Technology Logo
  • Issues
    • Current Print Issue
    • Print Archive
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Events
  • Vendors
  • About Us

Philips

AGFA 1400x150

Petal Health

Petal Health 1400x150

Privacy & Security

Mandatory reporting for misuse of records

August 23, 2017


med recordsTORONTO – As of October 1, 2017, all health information custodians in Ontario, such as regulated health professionals, hospitals, clinics and long-term care facilities, will be required to notify the Information and Privacy Commissioner (IPC) when personal health information is lost, stolen or used or disclosed without authority.

In addition, health information custodians will be required to report annually to the Information and Privacy Commissioner on the total number of times personal health information was either lost, stolen, or used or disclosed without authority. The first annual reports will be due to the IPC on or before March 1, 2019.

The regulation will come into force on October 1st 2017, so it is important for HICs to think about the policies and procedures they need to put into place to ensure they are meeting their reporting obligations. This should include a breach log template and breach response plan.

Since 2004, section 12(2) of PHIPA has required HICs to notify affected individuals at the first reasonable opportunity if personal information is stolen, lost or used or disclosed without authority. Now the Ontario government is requiring that the law’s regulators know as well.

The consolidated regulation can be viewed at https://www.ontario.ca/laws/regulation/040329.

Privatech, a consulting and training company, notes on its website that the regulation, unfortunately, is not as clear as it could be, stating circumstances under which breaches should be reported, such as those where individual notification is required. However, it also states that the HIC would report to the IPC if the loss or unauthorized use or disclosure of personal health information is significant, considering such attributes such as its sensitivity and the volume of information compromised.

“We also aren’t provided with a clear sense of what exactly needs to be reported to the IPC,” says the Privatech release. “However, the IPC’s Privacy Breach Report form found at https://www.ipc.on.ca/privacy-breach-report/ provides a good indication of what will be expected by the regulators.”

“We can expect to receive further guidance from the Ontario IPC on the new breach reporting requirements. However, it is important to prepare for the amendment now, given that the change comes into force in a short month a half. A strong breach reporting program, as well as adequate training on breach escalation and logging are critical.” For assistance, contact PRIVATECH at https://privatech.ca.

PreviousNext

CHT print

CHT print

e-Messenger

  • HALO set to expand its services Canada-wide
  • Joseph Brant and St. Joseph’s, Hamilton to share EHR
  • Burnaby Hospital deploys advanced surgical robot
  • $60M donation will fund cardio institute in Vancouver
  • Petal Health, Vitr.ai aim to improve patient intake
More from e-Messenger

Subscribe

Subscribe

Weekly blasts are sent each month, via e-mail, to over 7,000 senior managers and executives in hospitals, clinics and health regions. Learn More

Infoway

Infoway

Zebra

Zebra

Zebra

Zebra

Advertise with us

Advertise with us

Sectra KLAS

Sectra KLAS

Stratford Group

Stratford Group

Pure Storage

Pure Storage

Medirex

Medirex

NIHI

NIHI

CHT print

CHT print

Advertise with us

Advertise with us

Sectra KLAS

Sectra KLAS

Stratford Group

Stratford Group

Pure Storage

Pure Storage

Medirex

Medirex

NIHI

NIHI

Contact Us

Canadian Healthcare Technology
1118 Centre Street, Suite 204
Thornhill, Ontario, Canada L4J 7R9
Tel: 905-709-2330
Fax: 905-709-2258
info2@canhealth.com

  • Quick Links
    • Current Print Issue
    • Print Archive
    • Events
    • Vendors
    • About Us
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Resources
    • White Papers
    • Writers’ Guidelines
    • Privacy Policy
  • Topics
    • Administrative Solutions
    • Clinical Solutions
    • Companies
    • Continuing Care
    • Diagnostics
    • Education & Training
  •  
    • Electronic Records
    • Government & Policy
    • Infrastructure
    • Innovation
    • People
    • Privacy and Security

© 2025 Canadian Healthcare Technology

The content of Canadian Healthcare Technology is subject to copyright. Reproduction in whole or in part without prior written permission is strictly prohibited. Send all requests for permission to Jerry Zeidenberg, Publisher.

Search Site

Error: Enter a search term

  • Issues
    • Current Print Issue
    • Print Archive
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Events
  • Vendors
  • About Us