Privacy is a fundamental right of every Ontarian. To protect this right, public institutions, which handle personal health information, are required to abide by the Personal Health Information Protection Act (PHIPA). As an organization governed by PHIPA, all TBRHSC employees and affiliates are obligated to safeguard patient privacy by limiting the collection, use, and disclosure of patient information to that which is necessary to provide care.

The Information and Privacy Commissioner (IPC) of Ontario is the provincial body, which provides oversight of Ontario’s access and privacy laws. The IPC has legal authority to ensure Health Information Custodians (and their agents), which includes TBRHSC, comply with the provisions of the legislation. One of these obligations involves reporting privacy breaches to the IPC for their further review and action if need be.

Role of the Privacy Officer:        

• Promote Confidentiality and Privacy
• Provide guidance on privacy policies, procedures and legislation
• Orient new staff and provide privacy training to all staff
• Conduct Privacy Audits and Breach Investigations
• Advise staff on matters of privacy, confidentiality and consent

Privacy Breaches occur when personal information is collected, retained, used or disclosed in ways that are not in accordance with the provisions of the Acts, (PHIPA, FIPPA, MFIPPA).

Your Responsibility:

Your personal responsibility is to safeguard patient and organizational privacy in all aspects of your job, and outside of the organization by limiting the collection, use, and disclosure of Personal Health Information to only that which is required to provide care or complete assigned work

Change in Reporting Privacy breaches should no longer be logged through the Hospital’s Safety Reporting system. Instead, any privacy questions or concerns can be directed to the Privacy Officer via phone at 807-684-6988, by email at TBRHSC.Privacy@tbh.