Dernières décisions

Affichage de 15 sur 437 résultats

Decision Number Type Collection Adjudicator Published
MO-4540 Order Access to Information Orders Steven Faughnan En savoir plusExpand

This order determines whether the Toronto District School Board (the board) conducted a reasonable search for records responsive to a request made under the Act. In this order, the adjudicator finds that the board conducted a reasonable search for responsive records in accordance with its obligations under section 17 and dismisses the appeal.

MO-4538 Order Access to Information Orders Anna Kalinichenko En savoir plusExpand

The city denied access to records relating to a trespass notice issued by it to the appellant. Responsive records were withheld pursuant to section 38(a) (discretion to refuse requester’s own information) read with law enforcement exemptions at section 8(1) of the Act. In this order, the adjudicator upholds the city’s decision to deny access to responsive records pursuant to section 38(a) read with section 8(1)(e) (endanger life or safety).

PHIPA DECISION 252 Decision - PHIPA Health Information and Privacy Stella Ball En savoir plusExpand

The complainant asserted that a doctor had not conducted a reasonable search for his medical records. The complainant relied on an affidavit of documents from an existing court proceeding between himself and the doctor to identify the allegedly missing records and to argue that they should exist.
In this decision, the adjudicator concludes that the existing court proceeding between the complainant and the doctor could more appropriately and completely address the complaint, since it concerns the affidavit of documents. The adjudicator concludes there are no reasonable grounds to conduct a review of the complaint and she exercises her discretion not to proceed with a review.

MO-4539 Order Access to Information Orders Katherine Ball En savoir plusExpand

The City of Ottawa received a request under the Act for access to records relating to the successful bid response to a specified RFP for healthcare procurement services. The city granted partial access to the records, withholding portions pursuant to various exemptions. The requester appealed the city’s decision and claimed a public interest in the disclosure of the withheld information.
In this order, the adjudicator finds that the third party information exemption in section 10(1) of the Act applies to the remaining information at issue. She finds that the public interest override in section 16 does not apply. She upholds the city’s decision and dismisses the appeal.

MO-4537 Order Access to Information Orders Alec Fadel En savoir plusExpand

The appellant requested records relating to criminal investigations he was involved in from the police. The police decided to grant access to some of the records, but withheld information pursuant to the personal privacy exemption in section 38(b). In this order, the adjudicator upholds the police’s decision and dismisses the appeal.

MO-4536 Order Access to Information Orders Justine Wai En savoir plusExpand

The appellant submitted a request under the Act to the police for an audio/video statement made by her deceased brother to the police. The police denied the appellant access to the record, claiming the application of the personal privacy exemption. The appellant appealed the police’s decision, claiming the application of the compassionate grounds exception to the personal privacy exemption in section 14(4)(c) of the Act. In this decision, the adjudicator upholds the police’s decision, finding the record is exempt under the personal privacy exemption at section 38(b) and not subject to section 14(4)(c).

PHIPA DECISION 251 Decision - PHIPA Health Information and Privacy Chris Anzenberger En savoir plusExpand

Asserting the correction rights in the Act, the mother of a child requested that the hospital make several corrections to her child’s medical record regarding a previous diagnosis and references to other matters regarding the child and his father. The hospital granted some corrections, but denied two corrections related to a specific diagnosis.

In this decision, the adjudicator finds that the references to the diagnosis are professional opinions or observations made in good faith by a hospital physician, and the section 55(9)(b) exception to the duty to correct therefore applies. He upholds the decision of the hospital and dismisses the complaint.

PO-4526-F Order - Final Access to Information Orders Steven Faughnan En savoir plusExpand

This final order determines whether the Workplace Safety and Insurance Board (the WSIB) conducted a reasonable search for responsive records. In the first interim order PO-4402-I, the adjudicator ordered the WSIB to conduct a further search for responsive records. In the second interim order PO-4424-I, the adjudicator again ordered the WSIB to conduct a further search for responsive records. In this final order, the adjudicator finds that the WSIB has now conducted a reasonable search for responsive records and dismisses the appeal.

PHIPA DECISION 250 Decision - PHIPA Health Information and Privacy Jessica Kowalski En savoir plusExpand

The complainant requested a copy of her entire file from the custodian. The complainant was dissatisfied with the completeness of the records she received and challenges the search for records. The adjudicator finds that the custodian has complied with her search obligations under PHIPA and dismisses the complaint.

PHIPA DECISION 249 Decision - PHIPA Health Information and Privacy Jennifer Olijnyk En savoir plusExpand

A medical imaging clinic notified the Office of the Information and Privacy Commissioner of Ontario (the IPC) of a breach under the Personal Health Information Protection Act (the Act or PHIPA), following a ransomware attack against the clinic. The threat actor encrypted and exfiltrated files from the electronic medical records and file sharing servers and deleted the clinic’s backups. The clinic shut off the servers immediately, and these remained off while the clinic engaged in discussions with the threat actor. The threat actor provided the clinic with a file tree indicating which files they had exfiltrated, and the clinic ultimately decided to pay the ransom. The clinic was then able to decrypt all information on the affected servers and recover all files.
The clinic’s virtual private network kept logs of connections to its systems, but these logs had limited data storage. Because there was so much activity during the attack, the logs ran out of storage and the more recent data wrote over older events. The records from the earlier part of the attack were therefore lost before the clinic could review them. This limited the clinic’s investigation, though they did find that a dormant account belonging to a former internal application developer had been active during the attack. They concluded that this account, which had significant administrative privileges, was used by the threat actor to first gain access to the system and then move to other servers.
The clinic posted notices regarding the cyberattack within its physical locations and online. These notices listed the categories of information in the file tree. Later notices also acknowledged that patient medical records were stored in the affected servers, but that there were no signs that these records had been accessed. The clinic clarified to the IPC that its forensic experts examined all files for indications of access by the threat actor. The areas for which there was evidence of access correlated with what the threat actor had set out in its file tree.
The clinic revised its guidance to include improved password security, limitation on privileges granted to accounts, deletion of dormant accounts, and improved patch management. It put in place additional security measures, including replacement of the virtual private network with a newer model with enhanced storage to keep logs indefinitely, and extended detection and response capabilities. The clinic now always keeps one backup offline. In light of the steps taken by the clinic to remediate the situation, I have concluded that it is not necessary to pursue a review of this matter under Part VI of the Act.

PO-4525 Order Access to Information Orders Diane Smith En savoir plusExpand

The appellant sought access from the Ministry of the Solicitor General (the ministry) to statements of certain individuals in police reports regarding a property damage dispute with his neighbour. The ministry denied access to the requested information, relying on the discretionary personal privacy exemption in section 49(b).

PHIPA DECISION 248 Decision - PHIPA Health Information and Privacy Jennifer Olijnyk En savoir plusExpand

The complainant submitted a twelve-part correction request under the Act to a health information custodian for the correction of her personal health information within a psychotherapy consultation report. The custodian denied the request on the basis that it did not have a duty under section 55(8) of the Act to make the corrections. In this decision, the adjudicator upholds the custodian’s refusal to correct the report, finding that the exception to the duty to correct at section 55(9)(b) of the Act applies to the personal health information at issue. She dismisses the complaint.

MO-4535 Order Access to Information Orders Diane Smith En savoir plusExpand

The City of St. Thomas (the city) received a request under the Act for records related to by-law complaints about the appellant’s property. The city denied access to portions of a responsive by-law complaint form on the basis of the mandatory personal privacy exemption in section 14(1) of the Act.

In this order, the adjudicator upholds the city’s decision that the personal information in the complaint form is exempt by reason of section 14(1).

MO-4534 Order Access to Information Orders Lan An En savoir plusExpand

The City of Vaughan received a request under the Act for access to records relating to development applications for a particular condominium project. The city granted partial access to the responsive records, relying on the exemptions at sections 7(1) (advice or recommendation) and 12 (solicitor-client privilege). In this order, the adjudicator upholds the city’s decision, in part. She finds that section 7(1) applies to the record for which it was claimed and that the public interest override does not apply to permit its disclosure. She also finds that section 12 applies to all but one of the records for which it was claimed and orders the city to disclose that record to the appellant.

MO-4532 Order Access to Information Orders Chris Anzenberger En savoir plusExpand

The appellant submitted a request under the Act for records related to all motor vehicle collisions involving him in 2020 and 2021 and the police located responsive records for two incidents. Portions of records for the first incident were withheld under sections 38(a) (discretion to refuse requester’s own information) read with section 8(1)(l) (facilitate commission of an unlawful act) and 38(b) (personal privacy), while records for the second were excluded from the Act under section 52(2.1) (ongoing prosecution), and in the alternative were withheld under sections 38(b) and 38(a) read with sections 8(1)(l) and 15(a) (information published or available to the public). The appellant also claimed that the police did not conduct a reasonable search for records.

In this order, the adjudicator upholds the decision of the police for the first incident and upholds the search of the police as reasonable. For the second incident, he finds that that the section 52(2.1) exclusion does not apply because the prosecution had been completed during the inquiry. He finds that the records are not exempt from disclosure under section 15(a) because, while they are available to the appellant through an alternative disclosure process, they are not available to the general public. He finds that the section 38(b) exemption applies to the withheld records, with the exception of a witness statement provided by the appellant. He orders the police to disclose this witness statement to the appellant.

Aidez-nous à améliorer notre site web. Cette page a-t-elle été utile?
Lorsque l'information n'est pas trouvée

Note:

  • Vous ne recevrez pas de réponse directe. Pour toute autre question, veuillez nous contacter à l'adresse suivante : @email
  • N'indiquez aucune information personnelle, telle que votre nom, votre numéro d'assurance sociale (NAS), votre adresse personnelle ou professionnelle, tout numéro de dossier ou d'affaire ou toute information personnelle relative à votre santé.
  • Pour plus d'informations sur cet outil, veuillez consulter notre politique de confidentialité.