Ontario is working to improve privacy and accountability in the health care system with new measures to protect the personal health information of patients. The province will be introducing amendments to the Personal Health Information Protection Act (PHIPA) that, if passed, should strengthen privacy rules, make it easier to prosecute offences and increase fines. These amendments would include:
- Increasing accountability and transparency by making it mandatory to report privacy breaches to the Information and Privacy Commissioner and, in certain cases, to relevant regulatory colleges
- Strengthening the process to prosecute offences under PHIPA by removing the requirement that prosecutions must be commenced within six months of the alleged privacy breach
- Further discouraging “snooping” into patient records by doubling the fines for offences under PHIPA from $50,000 to $100,000 for individuals and from $250,000 to $500,000 for the organization
- Clarifying the authority under which health care providers may collect, use and disclose personal health information in electronic health records
The legislation would also re-introduce protections to electronic and other personal health information, originally presented in 2013. These protections have been endorsed by the Information and Privacy Commissioner.
For more information on these amendments, visit the Government of Ontario website.