CyberLex Insights on cybersecurity, privacy and data protection law

Tag Archives: PHIPA

Health Record Snooping Nets Hefty Fine

Posted in PHIPA

In a recent case out of Goderich, Ontario a $20,000 fine, the highest of its kind in Canada, was handed out for a health privacy violation. Between September 9, 2014 and March 5, 2015, a Masters of Social Work student accessed the personal health information of 139 individuals including family, friends, and local politicians, among… → Read More

Changes to Ontario’s Health Information Privacy Law Include Breach Notification, Increased Penalties

Posted in PHIPA, Privacy

Notification to affected individuals and regulators will be required in the event of unauthorized use or disclosure of personal health information under amendments to Ontario’s health information legislation. The Ontario legislature passed Bill 119[1] in May, which amended the Personal Health Information Protection Act, 2004, c 3, Sched. A (“PHIPA”) and repealed and replaced the… → Read More

No Harm, No Fowl: Chicken Farm Inappropriate Choice for Data Disposal

Posted in PHIPA, Privacy

Here’s a piece of simple, practical advice: when you’re choosing a contractor to dispose of your organization’s personal information, go with a credentialed expert, and not a bunch of chickens. That’s a lesson that Spruce Manor Special Care Home in Saskatchewan had to learn the hard way (as surprising as that might sound). As a trustee with… → Read More

Health Minister Announces Changes Coming to PHIPA in Ontario

Posted in PHIPA, Privacy

The Ministry of Health and Long-Term Care has announced in a news release that it intends to introduce amendments to the Personal Health Information Protection Act (PHIPA) to strengthen PHIPA and protect patient privacy. We have confirmed that the intent is to reintroduce the prior Electronic Personal Health Information Protection Act (EPHIPA), which died due… → Read More

Hospital Privacy Breach Results in OSC Laying Charges

Posted in Data Breach, PHIPA, Privacy

The Ontario Securities Commission (“OSC”) has announced a series of criminal and quasi-criminal charges following an investigation related to the misuse of confidential patient information from the Rouge Valley Health System and the Scarborough Hospital. The OSC charges stem from allegations that a RESP sales representative purchased stolen maternity patient labels from a hospital nurse… → Read More

Recent Breaches Spur Renewed Focus on Strengthening Ontario’s Health Privacy Laws

Posted in Data Breach, PHIPA, Privacy, Uncategorized

According to a recent news report,  Ontario Health Minister Eric Hoskins is looking into re-introducing the Electronic Personal Health Information Act (EPHIPA) and strengthening Ontario’s Personal Health Information Act (PHIPA) following recent health-related privacy breaches. Although PHIPA was introduced over ten years ago, only one person has ever been charged under the legislation: a nurse who… → Read More

PHIPA Does Not Preclude the Recourse to Common Law for Health Privacy Violations

Posted in Privacy, Technology License Agreement

PHIPA Does Not Preclude the Recourse to Common Law for Health Privacy Violations Facts ‘‘With the click of a mouse, personal health records can be accessed by those who have a legitimate interest in properly treating a patient – or they can be accessed for an improper purpose.’’ These were the opening words of the… → Read More