- Report a privacy breach
- Collection, use and disclosure of personal health information
- Responding to a privacy breach
- Unauthorized access
- Access and correction
- PHIPA complaint process
- Safeguarding personal health information
- PHIPA Code of Procedure
Potential consequences of a breach under PHIPA
WHAT ARE THE CONSEQUENCES FOR COMMITTING AN OFFENCE UNDER PHIPA?
An individual found guilty of committing an offence under PHIPA can be liable for a fine of up to $100,000, while an organization or institution can be liable for a fine of up to $500,000.
If a corporation commits an offence under PHIPA, every officer, member, employee or agent of that corporation found to have authorized the offence, or who had the authority to prevent the offence from being committed but knowingly refrained from doing so, can also be held personally liable.
CAN AN INDIVIDUAL SEEK COMPENSATION FOR DAMAGES?
An individual affected by an order of the IPC, or an individual affected by conduct leading to a conviction for an offence under PHIPA, may seek damages for actual harm suffered. If a court determines that the harm suffered was caused by wilful or reckless misconduct, PHIPA permits the court to award up to $10,000 in damages for mental anguish.
MUST CONSENT BE OBTAINED FROM THE ATTORNEY GENERAL BEFORE COMMENCING A PROSECUTION UNDER PHIPA?
Yes. A prosecution cannot be commenced without the consent of the Attorney General of Ontario.
WHAT IS THE TIME LIMITATION FOR PROSECUTIONS UNDER PHIPA?
There is no time limitation period for commencing a prosecution for an offence under PHIPA.