On January 1, 2024, changes to the General Regulation made under the Personal Health Information Protection Act (PHIPA) took effect (see O. Reg. 343/23). The changes stipulate how the Information and Privacy Commissioner of Ontario (IPC) determines the amount of administrative monetary penalties (AMPs) issued as part of its enforcement powers for violations of PHIPA….
Tag: Personal Health Information Protection Act 2004 (PHIPA)
CMOH Issues New Directive #5 on PPE, And More
In this edition of the HR Healthcheck, we discuss the newly revised Directive #5 issued by Ontario’s Chief Medical Officer of Health (CMOH) with respect to personal protective equipment use in public hospitals and long-term care homes. We also discuss a new regulation filed under the Personal Health Information Protection Act which expands administrative responsibilities under that statute. Finally, we mention Ontario’s recent announcement limiting visitors to long-term care homes in Toronto, Ottawa and Peel Region.
Ontario Proposes Regulations on Interoperability Specifications that Pertain to Digital Health Assets Selected, Developed or Used by Health Information Custodians under PHIPA
On May 22, 2020, Ontario’s Minister of Health (MOH) issued a notice of proposed regulation pertaining to interoperability specifications for digital health assets under the Personal Health Information Protection Act, 2004 (PHIPA). Under the proposed regulation, a “digital health asset” (DHA) means a product or service that uses electronic means to collect, use, modify, disclose,…
Ontario Proposes Regulations on Reporting Obligations of Health Information Custodians under PHIPA and on Electronic Health Records
On May 2, 2020, Ontario’s Minister of Health issued notice of proposed regulations that (1) provide clarity on the existing reporting obligations of Health Information Custodians under the Personal Health Information Protection Act, 2004 (PHIPA) and (2) empowers Ontario Health to develop and maintain amalgamated Electronic Health Records (EHRs) while refining the rules relating to…
Extraordinary Times – Limitations on Liberty and Privacy under the Health Protection and Promotion Act
On April 1, 2020, Ontario’s Chief Medical Officer urged his local public health counterparts to order COVID-19 patients and their contacts into quarantine. The situation, according to the Chief Medical Officer, is such that measures need to be put in place in order to manage this pandemic. Extraordinary times call for extraordinary measures and implementing the broad order-making powers of medical officers of health under the Health Protection and Promotion Act (HPPA) may be where we are headed. This means placing limitations on a person’s liberty and privacy.
Employers Take Note: New PHIPA Amendments
On March 25, 2020, the provincial government passed Bill 188, Economic and Fiscal Update Act, 2020, which amends various statutes, including the Personal Health Protection Information Act, 2004 (PHIPA). Included among these amendments are new requirements for health information custodians relating to electronic audit logs, requirements for “consumer electronic service providers,” the ability of justices to make production orders, administrative penalties that can be issued by the Information and Privacy Commissioner of Ontario (Commissioner) and a significant increase in the amount of penalties and possible imprisonment for offences. Unless otherwise indicated, these amendments came into force on March 25, 2020.
IPC Provides Important Guidance on New PHIPA Annual Reporting Obligations
Organizations which provide healthcare and are governed by the Personal Health Information Protection Act (PHIPA) should note that recent amendments to PHIPA require health information custodians (HICs) to file an annual report disclosing all security incidents involving theft, loss and unauthorized use or disclosure of personal health information to the Information and Privacy Commissioner. At…
Colleges and Universities: Who is the Health Information Custodian under PHIPA?
This is a short note to our college and university clients – all of whom provide various services to their communities that are properly characterized as “health care” and therefore governed by the Personal Health Information Protection Act. Recent amendments to PHIPA give rise to questions about personal health information governance and the proper identity…