CyberLex Insights on cybersecurity, privacy and data protection law

Tag Archives: health privacy

Ontario Health Privacy Changes Establish New Breach Notification Requirements

Posted in Legislation, PHIPA

The Ontario Ministry of Health and Long-Term Care intends to ensure that health information custodians (HICs) pay due attention to the personal health information they control by introducing new notification and reporting obligations. If the proposed amendments to O Reg 329/04 under the Personal Health Information Protection Act, 2004 (PHIPA) come into force,[1] notification obligations… → Read More

Genetic Discrimination Bill One Step Closer to Becoming Law

Posted in Legislation, Privacy

On March 8, 2017 Liberal backbench MPs united with opposition parties to pass Bill S-201, an act to prohibit and prevent genetic discrimination. As noted in this prior Cyberlex post, Bill S-201 follows the enactment of legislation in the United States and adoption in the United Kingdom of a voluntary code and protects individuals from… → Read More

Changes to Ontario’s Health Information Privacy Law Include Breach Notification, Increased Penalties

Posted in PHIPA, Privacy

Notification to affected individuals and regulators will be required in the event of unauthorized use or disclosure of personal health information under amendments to Ontario’s health information legislation. The Ontario legislature passed Bill 119[1] in May, which amended the Personal Health Information Protection Act, 2004, c 3, Sched. A (“PHIPA”) and repealed and replaced the… → Read More

No Harm, No Fowl: Chicken Farm Inappropriate Choice for Data Disposal

Posted in PHIPA, Privacy

Here’s a piece of simple, practical advice: when you’re choosing a contractor to dispose of your organization’s personal information, go with a credentialed expert, and not a bunch of chickens. That’s a lesson that Spruce Manor Special Care Home in Saskatchewan had to learn the hard way (as surprising as that might sound). As a trustee with… → Read More

Health Minister Announces Changes Coming to PHIPA in Ontario

Posted in PHIPA, Privacy

The Ministry of Health and Long-Term Care has announced in a news release that it intends to introduce amendments to the Personal Health Information Protection Act (PHIPA) to strengthen PHIPA and protect patient privacy. We have confirmed that the intent is to reintroduce the prior Electronic Personal Health Information Protection Act (EPHIPA), which died due… → Read More

Hospital Privacy Breach Results in OSC Laying Charges

Posted in Data Breach, PHIPA, Privacy

The Ontario Securities Commission (“OSC”) has announced a series of criminal and quasi-criminal charges following an investigation related to the misuse of confidential patient information from the Rouge Valley Health System and the Scarborough Hospital. The OSC charges stem from allegations that a RESP sales representative purchased stolen maternity patient labels from a hospital nurse… → Read More

New Year, New Mandatory Breach Reporting

Posted in Data Breach, Privacy

New Year, New Mandatory Breach Reporting Overview It is rumoured that Bill 12 that amended the Alberta Health Information Act (“HIA”), passed on May 14, 2014, will come into force this year.  Bill 12 made 3 significant changes to the HIA: 1. adds mandatory breach notification provisions; 2. authorizes the Office of the Information and… → Read More