DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Privacy Commissioner Cavoukian and seven health organizations team up to eliminate confusion over key element of health privacy law

Posted on September 2, 2009 by Dissent

Ontario’s Information and Privacy Commissioner, Dr. Ann Cavoukian, today released a new publication that includes specific practical examples to help clarify any confusion over when health information custodians can assume a patient’s implied consent to collect, use or disclose personal health information.

The brochure, Circle of Care: Sharing Personal Health Information for Health-Care Purposes, was developed with the collaboration of seven health organizations. “This brochure cuts through the confusion surrounding the term circle of care,” said the Commissioner. “We are using seven relevant examples from across the broader continuum of the health sector to provide such clarification.”

“There had been some confusion in the health sector as to the meaning and scope of the circle of care concept,” explained Commissioner Cavoukian. “In part, this may have been because the term does not appear in the Personal Health Information Protection Act, 2004. It is, however, commonly used in the health-care community to describe the provisions in the Act that permit health-care providers to assume a patient’s implied consent to collect and use personal health information – and to share that information with other health-care providers – in order to provide health care to that patient, unless the patient expressly indicates otherwise.”

The Act is based on the premise that privacy can be protected, without needless delays in the health system.

“Overall, the Act is working very well, but clarity needed to be brought to bear on the circle of care concept,” said Commissioner Cavoukian.

The seven examples in the brochure address this. As a fictional 61-year-old patient is followed through much of the health-care system, the examples provide specific guidance relating to when a health provider can assume implied consent.

The seven health organizations that worked with the IPC include (in alphabetical order): the College of Physicians and Surgeons, the Ontario Association of Community Care Access Centres, the Ontario Association of Non-Profit Homes and Services for Seniors, the Ontario Hospital Association, the Ontario Long Term Care Association, the Ontario Medical Association and the Ontario Ministry of Health and Long-Term Care.

Here is a condensed version of one of the examples used in the brochure:

A patient is sent by his family doctor to a laboratory for blood and urine testing. A geriatrician, a specialist whom the patient has been referred to by his family doctor, would like to obtain the results of those tests. He would also like to obtain a list of the patient’s current prescriptions from the pharmacy where he fills all his prescriptions.

Can the laboratory and pharmacy disclose this personal health information and can the geriatrician collect information based on assumed implied consent?

Yes. The laboratory, pharmacy and geriatrician may assume implied consent. The personal health information was received by the laboratory and pharmacy – and will be received by the geriatrician – for the purpose of providing health care to this patient.

“Personal health information may be shared within the circle of care – among health-care providers who are providing health care to a specific patient – but not outside that circle,” stressed Commissioner Cavoukian. “Any sharing of personal health information with other health-care providers for purposes other than the provision of health care – or the sharing of personal health information with persons or organizations that are not health-care providers, such as insurers and employers – requires the express consent of the patient.”

To see a copy of the brochure, visit www.ipc.on.ca.

Source: CNW. You can download a copy of the press release here (pdf).

Category: Uncategorized

Post navigation

← Bits ‘n Pieces
5 men named in racket that netted $4m in stolen card data →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.