In this special retrospective episode of Info Matters, Commissioner, Patricia Kosseim revisits season four’s standout conversations. Highlights include junior high students' views on privacy, Cynthia Khoo on facial recognition, and Robert Fabes on how people experiencing homelessness perceive...
Case of Note: PHIPA Decision 266 Background A complaint was brought to the Information and Privacy Commissioner of Ontario (IPC) alleging that a health clinic had failed to securely dispose of records of personal health information (PHI). To support the allegations, photographs of patient records
IPC comments on proposed amendments to Ontario Regulation 329/04 to support the transfer of the Critical Care Information System from Hamilton Health Sciences Corporation to Ornge, and to maintain the practices and procedures to ensure continued protection of personal health information during the
Schedule 6 of Bill 231, the More Convenient Care Act introduces a complex initiative to enable Ontarians' use of a digital health identity tool with the intent that Ontarians will use it to access their health records. It contains significant changes to Ontario’s health privacy law that put
The joint investigation report concerning the 2019 cyberattack on LifeLabs’ computer systems was completed in June 2020. The Ontario Court of Appeal recently dismissed LifeLabs’ bid to block public release of the report.
Case of Note: PHIPA Decision 260 Background A public hospital was alerted to suspicious activity on a patient chart, and initiated an investigation, which included a targeted audit. The audit revealed that nearly 4,000 patient charts had been accessed by a physician without authorization, from a
In her letter, Commissioner Kosseim recommends that the m inistry reconsider its proposal to better facilitate Ontarians’ easy and meaningful access to their records in the provincial Electronic Health Record. The commissioner also recommends that the m inistry carefully consider transparency and
A prescribed person under the Personal Health Information Protection Act reported a breach to the IPC regarding a cyberattack that involved the unauthorized copying of approximately 3.4 million individuals’ personal health information from the prescribed person’s secure file transfer server. The
Background The following decisions involved different cyberattacks against four different organizations. Three involved health information custodians (HICs) subject to the Personal Health Information Protection Act (PHIPA), and the fourth involved a Children’s Aid Society subject to Part X of the
Background The following decisions involved different cyberattacks against four different organizations. Three involved health information custodians (HICs) subject to the Personal Health Information Protection Act (PHIPA), and the fourth involved a Children’s Aid Society subject to Part X of the
