• Home

  • Documents

  • February 2006 Health Information Custodians … · Health Information Custodians Working for...
4

Click here to load reader

February 2006 Health Information Custodians … · Health Information Custodians Working for Non-Health Information Custodians The Personal Health Information Protection Act, 2004

Embed Size (px)

Citation preview

Page 1: February 2006 Health Information Custodians … · Health Information Custodians Working for Non-Health Information Custodians The Personal Health Information Protection Act, 2004

Health Information Custodians Working for Non-Health Information Custodians

The Personal Health Information Protection Act, 2004 (PHIPA) sets out rules for the collection, use and disclosure of personal health information by health information custodians (custodians).

While these rules are generally the same for all custodians, special considerations may apply in the case of custodians working for non-custodians.

What is a Health Information Custodian?

As defined in PHIPA, health information custodians include health care practitioners (see below), hospitals, psychiatric facilities, pharmacies, laboratories, nursing homes and long-term care facilities, homes for the aged and homes for special care, community care access corporations, ambulance services, boards of health, the Minister of Health and Long-Term Care and the Canadian Blood Services.

PHIPA defines a health care practitioner as: a person who is a member within the meaning of the Regulated Health Professions Act, 1991 who provides health care; a person registered as a drugless practitioner under the Drugless Practitioners Act who provides health care; a person who is a member of the Ontario College of Social Workers and Social Service Workers who

provides health care; and any other person whose primary function is to provide health care for payment. Examples of health care practitioners include: doctors, nurses, audiologists and speech-language pathologists, chiropractors, chiropodists, dental professionals, dieticians, medical radiation technologists, medical laboratory technologists, massage therapists, midwives, optometrists, occupational therapists, opticians, pharmacists, physiotherapists, psychologists and respiratory therapists.

PHIPA defines health care as any observation, examination, assessment, care, service or procedure that is done for a health-related purpose and that is carried out or provided:

•to diagnose, treat or maintain an individual’s physical or mental condition;

•to prevent disease or injury or to promote health; or

•as part of palliative care.

Persons who do not provide health care are not health care practitioners.

Examples of Custodians Working for Non-CustodiansThere are many examples of custodians working for non-custodians, including:

Number 11 February 2006

Information and Privacy Commissioner of Ontario

Page 2: February 2006 Health Information Custodians … · Health Information Custodians Working for Non-Health Information Custodians The Personal Health Information Protection Act, 2004

INFORMATIONAND PRIVACYCOMMISSIONER OFONTARIO

2

•a nurse employed by a school board to provide health care;

•a doctor employed by a professional sports team to provide health care;

•a registered massage therapist providing health care to clients of a spa; or

•a nurse employed in-house by a manufacturing firm to provide health care.

A custodian may work for a non-custodian as an employee, as an independent contractor or as a volunteer.

Agents of CustodiansA custodian may have an “agent,” which PHIPA defines as a person that, with the authorization of the custodian, acts for or on behalf of the custodian in respect of personal health information for the purposes of the custodian, and not the agent’s own purposes, whether or not the agent has the authority to bind the custodian, whether or not the agent is employed by the custodian and whether or not the agent is being remunerated.

For the purposes of PHIPA, the providing of personal health information between a custodian and an agent of the custodian is considered to be a use by the custodian, and is not viewed as a disclosure by the person providing the information nor as a collection by the person to whom the information is provided.

In the case of custodians working for non-custodians, the custodian’s agent may also be a person who works for the non-custodian. For example, a school nurse might arrange to use the services of a secretary employed at the school for the purpose of managing and administering records of personal health information.

Responsibilities of Custodians Under PHIPALike all custodians generally found under PHIPA, custodians working for non-custodians have a number of responsibilities, including:

•ensuring that they do not collect, use or disclose personal health information unless:

•they have the individual’s consent and the collection, use or disclosure is necessary for a lawful purpose; or

•the collection, use or disclosure is permitted or required by PHIPA;

•taking reasonable steps to safeguard personal health information, including:

•protecting against theft, loss and unauthorized use or disclosure;

•protecting against unauthorized copying, modification or disposal; and

•notifying an individual at the first reasonable opportunity if his or her personal health information is stolen, lost or accessed by unauthorized persons;

•taking reasonable steps to ensure that the personal health information they use is as accurate, complete and up-to-date as is necessary for the purposes for which they use or disclose it;

•ensuring that all personal health information records in their custody or control are retained, transferred and disposed of in a secure manner and in accordance with any prescribed requirements;

Page 3: February 2006 Health Information Custodians … · Health Information Custodians Working for Non-Health Information Custodians The Personal Health Information Protection Act, 2004

3

INFORMATIONAND PRIVACY

COMMISSIONER OFONTARIO

•making available to the public a written statement describing their information practices and certain other information specified in PHIPA;

•subject to certain exceptions, giving individuals access to their own personal health information and correcting personal health information that is incorrect or incomplete; and

•ensuring that there is a contact person to perform certain duties specified in PHIPA.

Disclosure of Personal Health Information by CustodiansA custodian cannot disclose personal health information to a non-custodian, including the non-custodian for whom the custodian is working, unless:

•the individual whose personal health information is at issue has given express consent;

•the disclosure is permitted or required by PHIPA; or

•the disclosure is permitted or required by another law.

Health Information Records Kept In Other Places

As noted above, PHIPA requires custodians to take reasonable steps to ensure that personal health information in their custody or control is protected against theft, loss and unauthorized use or disclosure and to ensure that the records containing the information are protected against unauthorized copying, modification or disposal. It also requires custodians to ensure

that records of personal health information in their custody or under their control are retained, transferred and disposed of in a secure manner and in accordance with any prescribed requirements.

In most cases, custodians keep records of personal health information in a location within their control (e.g., in a locked file cabinet within the health care practitioner’s office). PHIPA recognizes, however, that in some circumstances it may not be practical or convenient for individuals or health care practitioners (including those working for non-custodians) to do so. PHIPA permits health care practitioners to keep a record of personal health information about an individual in a place other than the individual’s home and other than a place in the practitioner’s control (e.g., in a locked central file cabinet located in a locked room other than the health care practitioner’s office) if all of the following requirements are met:

•the record is kept in a reasonable manner;

•the individual consents;

•the health care practitioner is permitted to keep the record in the place in accordance with a regulation, by-law or published guideline under the Regulated Health Professions Act, 1991, an Act referred to in Schedule 1 to that Act, the Drugless Practitioners Act or the Social Work and Social Service Work Act, 1998, if the health care practitioner is described in any of clauses (a) to (c) of the definition of “health care practitioner;” and

•the prescribed conditions, if any, are satisfied.

Page 4: February 2006 Health Information Custodians … · Health Information Custodians Working for Non-Health Information Custodians The Personal Health Information Protection Act, 2004

is published by the Office of the Information and Privacy Commissioner of Ontario.

If you have any comments regarding this news letter, wish to advise of a change of address, or be added to the mailing list, contact:

30% recycled paper

Communications DepartmentInformation and Privacy Commissioner of Ontario2 Bloor Street East, Suite 1400Toronto, Ontario CANADA M4W 1A8 Telephone: 416-326-3333 • 1-800-387-0073Facsimile: 416-325-9195TTY (Teletypewriter): 416-325-7539 Website: www.ipc.on.ca Cette publication, intitulée « Feuille-info », est également disponible en français.

Fact SheetFact Sheet

INFORMATIONAND PRIVACYCOMMISSIONER OFONTARIO

Custodians Acting as Agents of FIPPA or MFIPPA InstitutionsThe provisions in PHIPA regarding access to, and correction of, personal health information do not apply to records in the custody or under the control of custodians acting as agents of non-custodians that are institutions within the meaning of the Freedom of Information and Protection of Privacy Act (FIPPA) or the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA), if the individual has the right to request access under either of those Acts. In such cases, the individual must make his or her request for access or correction under FIPPA or MFIPPA, as applicable. For example, if an individual wants to access to his or her own personal health information compiled by a nurse who works for a provincially operated correctional facility or by a psychologist who works for a school board, the individual should be directed to make his or her request to the custodian’s institution (i.e., the correctional facility or school board), in accordance with FIPPA or MFIPPA, as the case may be, rather than directly to the custodian.

Application of PIPEDA

By way of background, private-sector organizations in Ontario that collect, use or disclose personal information during the course of commercial activities are governed by the federal Personal Information Protection and Electronic Documents Act (PIPEDA).

In some cases, health information custodians may work for non-custodian private-sector organizations that are subject to PIPEDA. However, it should be noted that since PHIPA has been declared to be substantially similar to PIPEDA, health information custodians are exempt from the rules of PIPEDA. Therefore, although PIPEDA may apply to the non-custodian employer, the collection, use or disclosure of personal health information by custodians working for these non-custodians in the province of Ontario is governed by PHIPA.

For further information on PIPEDA, please visit the Privacy Commissioner of Canada’s website at: http://www.privcom.gc.ca.


Introduction: Pacific Islanders, “custodians of the ocean

Introduction: Pacific Islanders, “custodians of the ocean

Documents
OAIS Open Archival Information System. “Content creators, systems developers, custodians, and future users are all potential stakeholders in the preservation

OAIS Open Archival Information System. “Content creators, systems developers, custodians, and future users are all potential stakeholders in the preservation

Documents
Fannie Mae Requirements for Document Custodians

Fannie Mae Requirements for Document Custodians

Documents
Equipment Management User's Handbook For Property Custodians

Equipment Management User's Handbook For Property Custodians

Documents
Authenticity work and brand custodians: Leveraging ... · Authenticity work and brand custodians: Leveraging interobjective representations in digital advertising contexts Abstract

Authenticity work and brand custodians: Leveraging ... · Authenticity work and brand custodians: Leveraging interobjective representations in digital advertising contexts Abstract

Documents
The Association of Global Custodians · 2014-11-24 · THE ASSOCIATION OF GLOBAL CUSTODIANS 2002-2003 DEPOSITORY INFORMATION -GATHERING PROJECT: A REPORT FOR CLIENTS AND PARTICIPATING

The Association of Global Custodians · 2014-11-24 · THE ASSOCIATION OF GLOBAL CUSTODIANS 2002-2003 DEPOSITORY INFORMATION -GATHERING PROJECT: A REPORT FOR CLIENTS AND PARTICIPATING

Documents
Competency Assessment Tool - Queensland Health...3 Aboriginal and Torres Strait Islander Health Practitioner: Competency Assessment Tool V1 Acknowledgement of Country and custodians

Competency Assessment Tool - Queensland Health...3 Aboriginal and Torres Strait Islander Health Practitioner: Competency Assessment Tool V1 Acknowledgement of Country and custodians

Documents
toolkit for custodians: a guide to the personal health information act

toolkit for custodians: a guide to the personal health information act

Documents
COASTAL CUSTODIANS

COASTAL CUSTODIANS

Documents
PHIA overview (June, 2011) - Newfoundland and Labrador · An overview of PHIA Application –Who? • PHIA applies to “custodians” of personal health information • Custodians

PHIA overview (June, 2011) - Newfoundland and Labrador · An overview of PHIA Application –Who? • PHIA applies to “custodians” of personal health information • Custodians

Documents
National campaign for People's Right to Information · Commonwealth Games scam 2. Stakeholders Primary People as information seekers Government/ public authorities as custodians of

National campaign for People's Right to Information · Commonwealth Games scam 2. Stakeholders Primary People as information seekers Government/ public authorities as custodians of

Documents
23 Custodians and Cooks

23 Custodians and Cooks

Documents
Providing Electronic Services to Health Information Custodians€¦ · 2018-12-06  · • An electronic service provider (ESP) is a person who supplies services that enable a custodian

Providing Electronic Services to Health Information Custodians€¦ · 2018-12-06  · • An electronic service provider (ESP) is a person who supplies services that enable a custodian

Documents
Custodian Bank Health Check - PwC Luxembourg · Products & Services Custodian Bank Health Check The situation Today, custodians are caught in the ambivalence of their role as independent

Custodian Bank Health Check - PwC Luxembourg · Products & Services Custodian Bank Health Check The situation Today, custodians are caught in the ambivalence of their role as independent

Documents
Janitors, Custodians, and Housekeepers Module 5

Janitors, Custodians, and Housekeepers Module 5

Documents
HealthcareBank HSA Overview - PayPro Administrators · Health Savings Account Overview HealthcareBank, one of the top 10 health savings account (HSA) custodians in the U.S., offers

HealthcareBank HSA Overview - PayPro Administrators · Health Savings Account Overview HealthcareBank, one of the top 10 health savings account (HSA) custodians in the U.S., offers

Documents
Purposes - Office of the Information and Privacy … · Web viewUnder the Health Information Act (HIA), custodians and their information managers must take reasonable steps to protect

Purposes - Office of the Information and Privacy … · Web viewUnder the Health Information Act (HIA), custodians and their information managers must take reasonable steps to protect

Documents
Document Custodians Job Aid 1

Document Custodians Job Aid 1

Documents
Board of Custodians-Sept 2015

Board of Custodians-Sept 2015

Documents
Bartle v Ge Custodians (Judgments Template)_jtk

Bartle v Ge Custodians (Judgments Template)_jtk

Documents
COASTAL CUSTODIANS · 2005. 6. 6. · Coastal Custodians 1 COASTAL CUSTODIANS Volume 2, Issue 7 February 2005 From the Editor: It took three visits to Aunty Vic’s and Lorraine’s

COASTAL CUSTODIANS · 2005. 6. 6. · Coastal Custodians 1 COASTAL CUSTODIANS Volume 2, Issue 7 February 2005 From the Editor: It took three visits to Aunty Vic’s and Lorraine’s

Documents
School IPM for Custodians

School IPM for Custodians

Documents
BCP: Emerging Themes for Custodians

BCP: Emerging Themes for Custodians

Documents
CORNELIA WEBER University collections as custodians of

CORNELIA WEBER University collections as custodians of

Documents
Protect heritage, respect custodians

Protect heritage, respect custodians

Services
Privacy Challenges in the Brave New World of the iEHRinicio.ifai.org.mx/EventosDocumentos/PresentacionGD.pdf · and information sharing among trustees/custodians: ... This aligns

Privacy Challenges in the Brave New World of the iEHRinicio.ifai.org.mx/EventosDocumentos/PresentacionGD.pdf · and information sharing among trustees/custodians: ... This aligns

Documents
Growing Public Health - UKPHR › wp-content › uploads › 2016 › 12 › 2016-11...Growing Public Health Assessors and verifiers as the custodians of the standards Paul Southon

Growing Public Health - UKPHR › wp-content › uploads › 2016 › 12 › 2016-11...Growing Public Health Assessors and verifiers as the custodians of the standards Paul Southon

Documents
Acknowledgment of the Traditional Custodians

Acknowledgment of the Traditional Custodians

Documents
EXCELLENT FANNIE MAE DOCUMENT CUSTODIANS

EXCELLENT FANNIE MAE DOCUMENT CUSTODIANS

Documents
CUSTODIANS OF HUMAN RIGHTS IN KASHMIR

CUSTODIANS OF HUMAN RIGHTS IN KASHMIR

Documents