DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Privacy Commissioner Cavoukian and seven health organizations team up to eliminate confusion over key element of health privacy law

Posted on September 2, 2009 by Dissent

Ontario’s Information and Privacy Commissioner, Dr. Ann Cavoukian, today released a new publication that includes specific practical examples to help clarify any confusion over when health information custodians can assume a patient’s implied consent to collect, use or disclose personal health information.

The brochure, Circle of Care: Sharing Personal Health Information for Health-Care Purposes, was developed with the collaboration of seven health organizations. “This brochure cuts through the confusion surrounding the term circle of care,” said the Commissioner. “We are using seven relevant examples from across the broader continuum of the health sector to provide such clarification.”

“There had been some confusion in the health sector as to the meaning and scope of the circle of care concept,” explained Commissioner Cavoukian. “In part, this may have been because the term does not appear in the Personal Health Information Protection Act, 2004. It is, however, commonly used in the health-care community to describe the provisions in the Act that permit health-care providers to assume a patient’s implied consent to collect and use personal health information – and to share that information with other health-care providers – in order to provide health care to that patient, unless the patient expressly indicates otherwise.”

The Act is based on the premise that privacy can be protected, without needless delays in the health system.

“Overall, the Act is working very well, but clarity needed to be brought to bear on the circle of care concept,” said Commissioner Cavoukian.

The seven examples in the brochure address this. As a fictional 61-year-old patient is followed through much of the health-care system, the examples provide specific guidance relating to when a health provider can assume implied consent.

The seven health organizations that worked with the IPC include (in alphabetical order): the College of Physicians and Surgeons, the Ontario Association of Community Care Access Centres, the Ontario Association of Non-Profit Homes and Services for Seniors, the Ontario Hospital Association, the Ontario Long Term Care Association, the Ontario Medical Association and the Ontario Ministry of Health and Long-Term Care.

Here is a condensed version of one of the examples used in the brochure:

A patient is sent by his family doctor to a laboratory for blood and urine testing. A geriatrician, a specialist whom the patient has been referred to by his family doctor, would like to obtain the results of those tests. He would also like to obtain a list of the patient’s current prescriptions from the pharmacy where he fills all his prescriptions.

Can the laboratory and pharmacy disclose this personal health information and can the geriatrician collect information based on assumed implied consent?

Yes. The laboratory, pharmacy and geriatrician may assume implied consent. The personal health information was received by the laboratory and pharmacy – and will be received by the geriatrician – for the purpose of providing health care to this patient.

“Personal health information may be shared within the circle of care – among health-care providers who are providing health care to a specific patient – but not outside that circle,” stressed Commissioner Cavoukian. “Any sharing of personal health information with other health-care providers for purposes other than the provision of health care – or the sharing of personal health information with persons or organizations that are not health-care providers, such as insurers and employers – requires the express consent of the patient.”

To see a copy of the brochure, visit www.ipc.on.ca.

Source: CNW. You can download a copy of the press release here (pdf).

Related posts:

  • Commissioner Cavoukian issues new publication in collaboration with the National Association for Information Destruction: Best Practices for the Secure Destruction of Personal Health Information
Category: Uncategorized

Post navigation

← Bits ‘n Pieces
5 men named in racket that netted $4m in stolen card data →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.