Today the IPC issued annual privacy breach reporting requirements to the health sector. Starting in March 2019 health information custodians will be required to provide our office with an annual report on the number of privacy breaches that occurred during the previous calendar year.
Under the Personal Health Information Protection Act, custodians must inform us of incidents where personal health information in their care was lost, stolen, or used or disclosed without authorization.
To prepare for this reporting requirement, custodians must start tracking their privacy breach statistics as of January 1, 2018. Health privacy breach statistics will be collected through the IPC’s Statistics Submission Website in early 2019.
Reporting a Privacy Breach to the Commissioner
Reporting requirements
If you have any questions about tracking or submitting privacy breach statistics to the IPC, contact us at [email protected] or 1-800-387-0073.
This post is also available in: French
