(Photo credit: Kurhan/SXC)
Ontario was once a leader in its health privacy law, but over the past few years, it’s been slow to implement mandatory reporting of privacy violations, according to a recent Toronto Star article.
In other provinces, hospitals have implemented or are moving towards requirements to report any privacy breaches to the proper privacy organization. But this isn’t the case in Ontario where hospitals that experience privacy breaches are not required to report them to Ontario’s privacy commission. Acting information and privacy commissioner Brian Beamish is pushing for changes, according to the Star.
In 2004, the first health information privacy law in Canada, the Personal Health Information Protection Act, was implemented in Ontario, which allowed hospitals to investigate privacy breaches, inform affected parties and fire staff related to the issue. Similar versions of this law were soon adopted by other provinces, which have seen their legislation updated since then.
Last year, there was a great deal of attention brought to hospital privacy breaches.
In one case, the Ontario Securities Commission charged a former employee of Rouge Valley Centenary Hospital after it was discovered the clerk sold confidential patient information to a company that sold Registered Education Savings Plans. Contact information was given for patients who’d given birth between 2009 to 2014, which affected more than 8,000 patients. The charged employee could be fined of up to $5 million or be jailed for up to five years, according to the Toronto Star.
Former mayor Rob Ford has also been the victim of a privacy breach with his recent liposarcoma cancer diagnosis when his records were wrongfully accessed in at least three Toronto hospitals. No details have been released by the hospitals in regards to how many employees accessed the records inappropriately, as well as how staff were disciplined, due to privacy reasons, according to the Star.
Meanwhile, unlawful access of medical records looks to be on the rise, a lawyer who’s representing patients in five privacy-related class action lawsuits told the Star.
“As a lawyer who has a number of these cases on the go, I absolutely think hospitals should disclose to the public what has been done, who has done it and what has happened as a result of that,” the lawyer told the Star.
Hospitals are only required to tell patients that the breach occurred, but any additional information they choose to share varies.
“The bottom line is, it varies from hospital to hospital, and that is the most troubling aspect about this — there is absolutely no uniformity right now,” the lawyer told the Star.
“The public deserves to know, because we all use the hospitals, the hospitals are public institutions and the public confidence has to be there.”
If you’ve been injured by negligence by a doctor or healthcare worker, you can be compensated. The personal injury and accident lawyers at Neinstein Personal Injury Lawyers have been handling all types of injuries for over 45 years including injuries from medical malpractice. We understand the impacts injuries can have on your life and we know how to help you. Call us at 416-920-4242. Set up a free consultation and come talk with us.
Greg Neinstein
Latest posts by Greg Neinstein (see all)
- Do I have a personal injury case? - April 23, 2019
- Are your insurance premiums high? Check your postal code - April 17, 2019
- This was an unusually harsh winter for slip-and-falls - April 11, 2019