Get more information on FIPPA from the Ontario Government
FAQs brochure from the Information and Privacy Commissioner (IPC) of Canada
What is FIPPA?
Freedom of Information and Protection of Privacy Act (FIPPA) is legislation that gives the public right to request the records of public institutions, including hospitals as of Jan. 1, 2012. FIPPA regulates the collection, use and disclosure of personal information, and the retention, destruction, security and accuracy of personal information; it requires hospitals to maintain certain data banks; it applies to all existing corporate records. Read the complete Freedom of Information and Protection of Privacy Act online.
Is it always necessary to go through a formal process to access records?
No, the formal process is not always required. In fact, as much as possible, TDH will proactively post information on its public website www.tadh.com to make accessing information convenient. The information that you are seeking may be readily available, on the hospital’s public website. When it is not available on the public website, a formal request may be made.
How do I make a formal request for access to information under FIPPA?
If you are making a formal request for access to information or access to personal information or to have your personal information corrected, you must fill out the Access to Information Request form, for which public institutions may charge an application fee of $5. (The $5 cheque would be made out to Timmins and District Hospital. Additional fees may apply relevant to the cost of research, gathering and sending the information requested.
What if I disagree with the results of a formal access to information request?
You have the right to appeal a decision of the FIPPA officer to the provincial Information and Privacy Commissioner of Ontario. Appeals must be made within 30 days of when you receive the decision that you wish to appeal. You may contact the Commissioner at:
Information and Privacy Commissioner/Ontario 2 Bloor Street East, Suite 1400 Toronto, ON M4W 1A8
Pour joindre l'agente des communications bilingue, veuillez composer le (416) 326-4804.
What is PHIPA?
The Personal Health Information Protection Act(PHIPA) came into effect in Ontario, Canada on Nov. 1, 2004. PHIPA prescribes rules for the collection, use and disclosure of personal health information (PHI) in all types of health care settings, including hospitals, psychiatric facilities, laboratories, ambulance services, and nursing homes. PHIPA applies to all regulated health professionals (doctors, nurses, allied health professionals) and to non-regulated health professionals, who provide health care for payment, such as acupuncturists, psychotherapists, and ultrasonographers. PHIPA also gives patients rights related to access to their health records and how their health information is used. PHIPA defines personal health information (PHI) as identifiable information relating to an individual’s health and health care history. For example, information contained in medical files such as diagnostic, treatment and care information, OHIP numbers, genetic information and other health record details. To make a request related to Personal Health Information please email firstname.lastname@example.org or call ext. 6005.
Who is affected by PHIPA?
PHIPA applies to “health information custodians” in Ontario, Canada. Health information custodians include hospitals, doctors, health care practitioners, long-term care facilities, health care clinics, laboratories, pharmacies, the Ontario Ministry of Health and Long-Term Care and other health-related organizations. The Act also applies to organizations outside the health system that receive information such as insurance companies, employers and schools.
Under PHIPA you have the right to:
Be confident that your personal health information (PHI) held by us remains accurate, confidential and secure
Know how to collect, use, disclose and store personal health information
Look at or receive a copy of your personal health information. Please note there is per page cost to obtain a record and requests must be made in writing
Ask us to correct your client health record
Expect that your personal health information remains private. We will not share your personal health information with others without your consent unless we are permitted or required by law
Ask questions or make a complaint to the Privacy Officer of TDH or the Privacy Commissioner about our information management practices
Withdraw your consent (if the law allows) for some of the above uses and disclosures by contacting us
What is Personal Health Information (PHI)?
PHIPA defines personal health information (PHI) as identifiable information relating to an individual’s health and health care history. PHI includes medical file information such as:
Diagnostic, treatment and care information
Payments or eligibility for health care
Donations, testing or examination of any body part or bodily substance
Your health card number, OHP number
Information identifying your substitute decision maker
Other health record details
How do I update/change/access my Personal Health Information?
To update/change/access your Personal Health Information, please email email@example.com
What’s the difference between PHIPA and FIPPA?
Personal Health Information Protection Act (PHIPA) prescribes rules for the collection, use and disclosure of personal health information (PHI) in all types of health care settings, including hospitals, psychiatric facilities, laboratories, ambulance services, nursing homes and applies to all regulated and non-regulated health care professionals. PHIPA only governs the collection, use and disclosure of personal health information and not other types of information. Under PHIPA, you are entitled to request access to your own records of personal health information, including hospital records. PHIPA also allows a substitute decision-maker to access records of personal health information on behalf of another individual in defined circumstances.
Freedom of Information and Protection of Privacy Act (FIPPA) relates to records of an institution, such as hospitals (as of Jan. 1, 2012). FIPPA regulates the collection, use and disclosure of personal information, and the retention, destruction, security and accuracy of personal information; it requires hospitals to maintain certain data banks; it applies to all existing corporate records. What is personal information?
The definition of "personal information" as given in FIPPA is recorded information about an identifiable individual, including:
Information relating to the race, national or ethnic origin, colour, religion, age, sex, sexual orientation or marital or family status of the individual
Information relating to the education or the medical, psychiatric, psychological, criminal or employment history of the individual or information relating to financial transactions in which the individual has been involved
Any identifying number, symbol or other particular assigned to the individual
The address, telephone number, fingerprints or blood type of the individual
The personal opinions or views of the individual except where they relate to another individual
Correspondence sent to an institution by the individual that is implicitly or explicitly of a private or confidential nature, and replies to that correspondence that would reveal the contents of the original correspondence
The views or opinions of another individual about the individual
The individuals name where it appears with other personal information relating to the individual or where the disclosure of the name would reveal other personal information about the individual
What is a personal information bank?
The definition of a "personal information bank" as given in FIPPA is a collection of personal information that is organized and capable of being retrieved using an individuals name or an identifying number or particular assigned to the individual.
Who can I contact for further information?
TDH's FOI office: send email to firstname.lastname@example.org or call 705.267.2131 ext. 6005