I’m Kate Dewhirst.

I’m a lawyer who writes about legal issues affecting healthcare in Canada

Kate Dewhirst Health Law - bringing the law to life. Meet Kate (in 13 seconds)

Category: FHTs


Start keeping track of all privacy breaches – Report due March 2019

Posted by

Just a reminder that as of January 1, 2018 if you are a health information custodian you need to start keeping track of certain information relating to privacy breaches. The Information and Privacy Commissioner of Ontario released guidelines that will come into effect March 2019 but require you to start tracking certain kinds of privacy breaches now…. Read more »


Health Privacy Update – November 2017 – 4 new decisions of the IPC

Posted by

The Information and Privacy Commissioner of Ontario released four new PHIPA decisions today. These are relevant to any health care organization in Ontario. Read the summaries of all 60 IPC PHIPA Decisions here. Decision 57: A patient made an access request at a hospital. The patient wanted to know why he was being told by physicians at the… Read more »


Talking about risk and statutory compliance without scaring or boring your board

Posted by

If you are a CEO or ED of a healthcare organization, you need to talk to your board about risk. How do you do it without scaring them or boring them? You make risk real. You explain real situations that have happened to similar organizations. Here are a couple of pointers: Give them a risk architecture:… Read more »


Cyber Risk Management – What’s a Privacy Officer to Do?

Posted by

Have you seen this tool from HIROC – the Health Insurance Reciprocal of Canada? Cyber-Guide If you are a Privacy Officer in healthcare – you should read this tool.  It’s great. It’s brand new – November 2017. You may have a vague understanding of words like “ransomware” and “phishing” and “social engineering“.  And maybe you… Read more »


New guidelines from IPC require Ontario’s healthcare organizations to start tracking privacy breaches in January 2018

Posted by

The Information and Privacy Commissioner of Ontario released new guidelines that will come into effect March 2019 but require healthcare organizations to start tracking certain kinds of privacy breaches as of January 2018. Click here for the Annual Reporting of Privacy Breach Statistics to the Commissioner guidelines. Starting January 1st, Ontario’s healthcare organizations (all those who… Read more »



Health Privacy Update #3 – October 2017 – WOW! 6 new decisions of the IPC released last week

Posted by

Ontario’s Information and Privacy Commissioner just released six new health privacy decisions at the end of last week. Want to know what they are about? You can read my updated summaries of all 56 of the IPC PHIPA Decisions. Or keep reading this blog for summaries of these six. The decisions are not listed in chronological… Read more »


What you say matters: Mission, vision and values

Posted by

What commitments have you made to your patients, team members and the public? When I work with a healthcare organization through a difficult situation (like a patient complaint or a privacy breach) I always look at their mission, vision and values.  These public statements should guide all decision making through difficult times.  These statements are your guide… Read more »


Health Privacy Update #2 – October 2017 – 2 new decisions of the IPC

Posted by

Last week the IPC issued two new decisions for health care organizations in Ontario. The first one has practical impact on group practices like family health teams. Group practices should proactively clarify who is the health information custodian  Decision 50 – This one will interest all family health teams and other group practices. It relates to… Read more »


Health Privacy Update – October 2017 – New IPC Privacy Breach Report Form for new required reporting as of October 1st

Posted by

The IPC has posted their new Privacy Breach Reporting Form online. This is what health care organizations will use to alert the IPC to reportable privacy breaches as described in my previous post   These requirements came into effect October 1st. Here’s a PDF version of the Privacy Breach Report Form.    


Some of Kate’s recent and upcoming events

Free healthcare privacy webinar - ask me anything!
the first Wednesday of every month

Free webinars - advance registration needed

Whether you're an experienced privacy officer or new in the field, pick Kate’s brain for free for an hour, in this live webinar. No charge, but you’ll need to register in advance.

Health Privacy Officer Foundations training
April 12, 19, 26, May 3, 10, 17, 24 2021

For Privacy Officers within healthcare organizations.

This course focuses on how to become a more confident privacy officer and gives you the tools to document your privacy program. Full details and registration here...

Join the Shush: a collective of health privacy officers
Annual membership 2021

For Privacy Officers within healthcare organizations

This is an annual membership program that takes theory into practice and tackles real life scenarios to build Privacy Officer skills.
Full details and registration here.

Team Privacy Training Events
March 24, 25, 31 and April 6, 8, 22, 28

For Primary Care clinics, Hospitals, Community Agencies, Public Health Units, Schools, Police departments

Kate trains health professionals from many more health care organizations how being privacy-respectful can improve therapeutic relationships. More details...

Primary care webinars: Employment Law Update & Legal Issues for EDs and Board members

Part of Kate’s monthly webinar series.

Our April program will address how to run a meeting and in May we discuss the legal pit of doom in having your employees also as your patients.
Full details of the 2021 webinar series and registration here.

Part X CYFSA Privacy Designate Course - video course online

For Privacy Designates in the child welfare sector including children's aid societies and indigenous children's well-being centres

We focus on how to implement Part X of the Child Youth and Family Services Act in your organization.
Full details and registration here.

Osgoode Health Law Certificate

Kate is presenting at the Osgoode Health Law Certificate on March 11 on Privacy Issues

Kate Dewhirst Health Law

Kate says:

My mission is bringing the law to life. I make legal theory understandable, accessible and fun! I’m available and love to work for all organizations in the healthcare sector across Ontario and beyond.

Subscribe to my mailing list and keep up to date with news:

Latest Tweets

[JUNE 3 – WEBINAR SERIES] Risk registers - How should you be reporting on risk Register now:… https://t.co/k23RggybUh

about 12 hours ago


[JUNE 2] Register for my free upcoming Ask Me Anything About Health Privacy webinar at this link...… https://t.co/16pQCRvuMn

01:01 PM May 11th

contact details

P.O. Box 97010 Roncesvalles
Toronto Ontario M6R 3B3

(416) 855 9557

.