Category: Hospitals

Health Privacy Update – September 2017 – 2 new IPC guidance documents for health care organizations

The Information and Privacy Commissioner of Ontario just released a new practice guideline last week to assist health care organizations to better understand their upcoming new obligations to report privacy breaches to the IPC. Here is the document: health-privacy-breach-notification-guidelines Those new obligations come into effect on October 1st. A few weeks ago, the IPC released another practice direction related to  Frivolous and… Read more »

Health Privacy Update #2 – August 2017 – Precedent setting new case Decision 49

The Information and Privacy Commissioner of Ontario just released two more decisions all health care providers in Ontario should read. Decision 48: A hospital received a request for access to records. The hospital provided the complainant with a full copy of his health records but the complainant believed there should be additional records (specifically letters from… Read more »

What does a Privacy Officer do in a health care organization?

I train Privacy Officers to understand their role. So, what does a Privacy Officer do for a health care organization? In Ontario, every health care organization must have a “contact person” to do the following five tasks: Facilitate compliance with the health privacy law, PHIPA Ensure that everyone who works for the organization is informed… Read more »

Do you know how to apologize?

A note popped into my inbox this morning from Michael Hyatt, who is an extraordinary business coach.  The topic is “The anatomy of a true apology”. I am working right now with a medical office on a privacy breach and notifying patients.  And we have had some heartfelt discussions about how to convey sincerity in… Read more »

Health Privacy Update – August 2017

The Information and Privacy Commissioner of Ontario has just released two new correction request decisions – 46 and 47 (dated June 2017 but released the last week of July).  Decision 45 has not yet been released. Bottom Line: These decisions do not change your practice. So long as you respond to correction requests (as you… Read more »

Health Privacy Update – July 2017

Mandatory reporting by health information custodians in Ontario to the IPC will now come into effect October 1, 2017 The new regulations requiring the mandatory reporting of privacy breaches to the Information and Privacy Commissioner of Ontario will come into effect October 1st (not July 1st as we originally expected). The link to the new… Read more »