Best Practices
Professional Guidelines

Responding to a Health Privacy Breach: Guidelines for the Health Sector

This publication replaces the guidance document, What to do When Faced With a Privacy Breach: Guidelines for the Health Sector.

This new, updated guide highlights the importance of having a detailed privacy breach protocol and explains the steps to take in responding to a breach under Ontario’s health privacy regulations. It includes advice on how to contain a breach, notify affected individuals and what information you should record for reporting breaches. The guide also describes when to report breaches to the IPC and regulatory colleges and gives some practical advice for minimizing the risk of future breaches.

Help us improve our website. Was this page helpful?
When information is not found


  • You will not receive a direct reply. For further enquiries, please contact us at @email
  • Do not include any personal information, such as your name, social insurance number (SIN), home or business address, any case or files numbers or any personal health information.
  • For more information about this tool, please see our Privacy Policy.