Category: Health laws

New guidelines from IPC require Ontario’s healthcare organizations to start tracking privacy breaches in January 2018

The Information and Privacy Commissioner of Ontario released new guidelines that will come into effect March 2019 but require healthcare organizations to start tracking certain kinds of privacy breaches as of January 2018. Click here for the Annual Reporting of Privacy Breach Statistics to the Commissioner guidelines. Starting January 1st, Ontario’s healthcare organizations (all those who… Read more »

Health Privacy Update #2 – October 2017 – 2 new decisions of the IPC

Last week the IPC issued two new decisions for health care organizations in Ontario. The first one has practical impact on group practices like family health teams. Group practices should proactively clarify who is the health information custodian  Decision 50 – This one will interest all family health teams and other group practices. It relates to… Read more »

Health Privacy Update – September 2017 – 2 new IPC guidance documents for health care organizations

The Information and Privacy Commissioner of Ontario just released a new practice guideline last week to assist health care organizations to better understand their upcoming new obligations to report privacy breaches to the IPC. Here is the document: health-privacy-breach-notification-guidelines Those new obligations come into effect on October 1st. A few weeks ago, the IPC released another practice direction related to  Frivolous and… Read more »

Health Privacy Update #2 – August 2017 – Precedent setting new case Decision 49

The Information and Privacy Commissioner of Ontario just released two more decisions all health care providers in Ontario should read. Decision 48: A hospital received a request for access to records. The hospital provided the complainant with a full copy of his health records but the complainant believed there should be additional records (specifically letters from… Read more »

What does a Privacy Officer do in a health care organization?

I train Privacy Officers to understand their role. So, what does a Privacy Officer do for a health care organization? In Ontario, every health care organization must have a “contact person” to do the following five tasks: Facilitate compliance with the health privacy law, PHIPA Ensure that everyone who works for the organization is informed… Read more »

Health Privacy Update – August 2017

The Information and Privacy Commissioner of Ontario has just released two new correction request decisions – 46 and 47 (dated June 2017 but released the last week of July).  Decision 45 has not yet been released. Bottom Line: These decisions do not change your practice. So long as you respond to correction requests (as you… Read more »

What is health law?

When asked what I do, I say “I’m a health lawyer”.  Which always gets a head tilt response: What’s that? Q: Does that mean you sue doctors? A: Nope Q: Oh, so you sue hospitals? A: Nope Then they say – Ok. I don’t get it. I explain … I work for hospitals and doctors’ offices and… Read more »