Category: Mental health facilities

Cyber Risk Management – What’s a Privacy Officer to Do?

Have you seen this tool from HIROC – the Health Insurance Reciprocal of Canada? Cyber-Guide If you are a Privacy Officer in healthcare – you should read this tool.  It’s great. It’s brand new – November 2017. You may have a vague understanding of words like “ransomware” and “phishing” and “social engineering“.  And maybe you… Read more »

New guidelines from IPC require Ontario’s healthcare organizations to start tracking privacy breaches in January 2018

The Information and Privacy Commissioner of Ontario released new guidelines that will come into effect March 2019 but require healthcare organizations to start tracking certain kinds of privacy breaches as of January 2018. Click here for the Annual Reporting of Privacy Breach Statistics to the Commissioner guidelines. Starting January 1st, Ontario’s healthcare organizations (all those who… Read more »

What you say matters: Mission, vision and values

What commitments have you made to your patients, team members and the public? When I work with a healthcare organization through a difficult situation (like a patient complaint or a privacy breach) I always look at their mission, vision and values.  These public statements should guide all decision making through difficult times.  These statements are your guide… Read more »

Health Privacy Update #2 – October 2017 – 2 new decisions of the IPC

Last week the IPC issued two new decisions for health care organizations in Ontario. The first one has practical impact on group practices like family health teams. Group practices should proactively clarify who is the health information custodian  Decision 50 – This one will interest all family health teams and other group practices. It relates to… Read more »

Health Privacy Update – September 2017 – 2 new IPC guidance documents for health care organizations

The Information and Privacy Commissioner of Ontario just released a new practice guideline last week to assist health care organizations to better understand their upcoming new obligations to report privacy breaches to the IPC. Here is the document: health-privacy-breach-notification-guidelines Those new obligations come into effect on October 1st. A few weeks ago, the IPC released another practice direction related to  Frivolous and… Read more »

Health Privacy Update #2 – August 2017 – Precedent setting new case Decision 49

The Information and Privacy Commissioner of Ontario just released two more decisions all health care providers in Ontario should read. Decision 48: A hospital received a request for access to records. The hospital provided the complainant with a full copy of his health records but the complainant believed there should be additional records (specifically letters from… Read more »