Background The following decisions involved different cyberattacks against four different organizations. Three involved health information custodians (HICs) subject to the Personal Health Information Protection Act (PHIPA), and the fourth involved a Children’s Aid Society subject to Part X of the
Background The following decisions involved different cyberattacks against four different organizations. Three involved health information custodians (HICs) subject to the Personal Health Information Protection Act (PHIPA), and the fourth involved a Children’s Aid Society subject to Part X of the
Case of Note: PHIPA Decision 243 Introduction Health information research plays a vital role in improving medical treatments and the quality of care. To conduct health research, researchers require access to personal health information, the collection and use of which is regulated under health
Case of Note: PHIPA Decision 243 Introduction Health information research plays a vital role in improving medical treatments and the quality of care. To conduct health research, researchers require access to personal health information, the collection and use of which is regulated under health
Case of Note: PHIPA Decision 249 Introduction Unfortunately, ransomware attacks are not an uncommon occurrence, especially in this era of rapidly advancing technologies. Bad actors use ransomware attacks to extract money and cause harm to others. As these types of attacks become increasingly common
Letter to the Ministry of Health responding to the changes proposed under the PHIPA regulation mandating contribution of personal health information to the electronic health record, and reiterating the need to ensure that personal health information is protected in systems used to assist in
Case of Note: PHIPA Decision 249 Introduction Unfortunately, ransomware attacks are not an uncommon occurrence, especially in this era of rapidly advancing technologies. Bad actors use ransomware attacks to extract money and cause harm to others. As these types of attacks become increasingly common
The Office of the Information and Privacy Commissioner of Ontario (IPC) is committed to protecting personal health information using a flexible and balanced approach that addresses privacy violations while encouraging accountability, learning, and continuous improvement. As of January 1, 2024, the...
As of January 1, 2024, the IPC has the discretion to issue administrative monetary penalties as part of its enforcement powers for violations of the Personal Health Information Protection Act (PHIPA). Download the guidance document to learn more.
In this letter to Brian Riddell, Chair of the Standing Committee on Social Policy, the IPC makes recommendations in relation to proposed amendments to the Connecting Care Act, 2019.
