An Overview of Ontario’s New Personal Health Information Protection Act

Health Privacy is Critical

Unique Characteristics of Personal Health Information

Slide 4

Ontario’s Health Information
Protection Act (HIPA)

PHIPA – Based on
Fair Information Practices

Purposes of PHIPA

Strengths of PHIPA

Scope of PHIPA

Health Information Custodians

Records Management: 
General Practices

Requirements With Implications for Health Information Technology

Use of Electronic Means

Providers to Custodians

General Regulations that
Apply to All Providers

Types of Providers

Definition of Health Information Network Provider

Regulations for Health Information Network Providers

Regulations for Health Information Network Providers (cont’d)

Regulations for Health Information Network Providers (cont’d)

Security Requirement

PHIPA Consent

Meaningful Consent Forms

Express Consent

Implied Consent

Collection, Use and Disclosure

Permitted Indirect Collection

Permitted Uses
(Without Consent)

Permitted Uses
(Without Consent)

Permitted Disclosures
(Without Consent)

Permitted Disclosures
(Without Consent)

What is a Lock Box?

Checks on the Lock Box

Further Limitations
to the Lock Box

Delayed Implementation of the Lock Box

Right of Access and Correction

Access

How to Correct Records

Notice of Correction

Statement of Disagreement

Oversight and Enforcement

Role of IPC under PHIPA

Complaint Process

Public Education Program

Public Education Program (con’t.)

Keeping HIC’s Informed

Stressing the 3 C’s

How to Contact Us