The issue of patient confidentiality has come to the forefront for healthcare organizations after a number of recent privacy breaches in Ontario hospitals have come to light, including hospital staff improperly accessing the medical records of former Toronto mayor Rob Ford.

It is generally accepted that patients seeking healthcare, treatment or advice should be able to expect that their personal information will be kept confidential, and that it will only be disclosed as necessary for their care. Given the sensitive nature of such information, the Government of Ontario passed the Personal Health Information Protection Act, 2004 (the “Act”), which provides both guidance to healthcare professionals and peace of mind to patients.

When it first came into force ten years ago, the Act was Canada’s first consent-based health statute. In the years following its enactment, the Act has been highlighted as a model for personal health information laws in Canada and the United States. Moving forward, employers in healthcare settings must continue to be cognizant of the Act’s requirements, as well as its application in our increasingly digital and interconnected age. The increased use of electronic health records and digital record-sharing systems, for example, may require employers to take additional precautions in the future. The modernization of healthcare provision will necessitate the modernization of privacy policies.
Continue Reading Protecting Patient Privacy: What Employers Need to Know