Privacy & Freedom of Information

The issue of patient confidentiality has come to the forefront for healthcare organizations after a number of recent privacy breaches in Ontario hospitals have come to light, including hospital staff improperly accessing the medical records of former Toronto mayor Rob Ford.

It is generally accepted that patients seeking healthcare, treatment or advice should be able to expect that their personal information will be kept confidential, and that it will only be disclosed as necessary for their care. Given the sensitive nature of such information, the Government of Ontario passed the Personal Health Information Protection Act, 2004 (the “Act”), which provides both guidance to healthcare professionals and peace of mind to patients.

When it first came into force ten years ago, the Act was Canada’s first consent-based health statute. In the years following its enactment, the Act has been highlighted as a model for personal health information laws in Canada and the United States. Moving forward, employers in healthcare settings must continue to be cognizant of the Act’s requirements, as well as its application in our increasingly digital and interconnected age. The increased use of electronic health records and digital record-sharing systems, for example, may require employers to take additional precautions in the future. The modernization of healthcare provision will necessitate the modernization of privacy policies.
Continue Reading Protecting Patient Privacy: What Employers Need to Know

On July 1, 2014, key components of Canada’s “anti-spam legislation” came into force, but the full impact is still uncertain, particularly with respect to labour relations communications.  Our colleague, William Watson, has posted an interesting article on this in his blog, The Legal Playing Field Click here to read.

In Evans v Bank of Nova Scotia, an employee of the Bank of Nova Scotia (“Bank”), Richard Wilson, provided highly confidential information about the Bank’s customers to his girlfriend, who disseminated the information to third parties for fraudulent purposes.  On June 6, 2014, the Ontario Superior Court of Justice certified a class action brought on behalf of the affected customers, alleging that they were victims of identity theft and fraud as a result of the intrusion upon seclusion.

This is the province’s first-ever class action involving the new tort of “intrusion upon seclusion”, which allows individuals to advance a civil claim for damages against an intruder who intentionally invades their privacy, without legal justification, in a manner that is highly offensive to the reasonable person.
Continue Reading “Intrusion Upon Seclusion” Class Action Certified in Ontario

In Bernard v Canada (Attorney General), 2014 SCC 13, the Supreme Court of Canada confirmed that employee privacy rights do not override a union’s right to receive the information that it requires to fulfill its representational duties.  Accordingly, employers may be required to disclose information that will allow a certified union to contact members of its bargaining unit at home, and failure to do so may constitute an unfair labour practice.


Continue Reading Privacy in the Labour Relations Context: Union Entitled to Contact Employee at Home

On November 11th, 2013, the Supreme Court of Canada (“SCC”) released an interesting decision favouring a union’s freedom of expression over an individual’s right to privacy in Alberta (Information and Privacy Commissioner) v. United Food and Commercial Workers, Local 401, 2013 SCC 62.
Continue Reading Freedom of Expression on the Picket Line Trumps Privacy

In Communications, Energy and Paperworkers Union of Canada, Local 30 v. Irving Pulp & Paper, Ltd., 2013 SCC 34 [“Irving”], the Supreme Court of Canada (“SCC”) issued a landmark decision concerning workplace drug and alcohol testing. Irving strikes a new balance between the competing interests of employee privacy and workplace safety.
Continue Reading Workplace Drug and Alcohol Testing: Current Best Practices