The Globe and Mail is running an article on the Ontario health privacy law, the Personal Health Information Protection Act (PHIPA). One caveat though ... it seems to suggest that the law binds employers. The law only applies to "Health Information Custodians", which generally includes healthcare professionals, hospitals and the like. Employers and insurance companies are only affected by the rules that state that non-health information custodians can only use personal health information for the purposes for which it was disclosed to them by health information custodians:
New Ontario rules protect personal health data:"The rules will affect daily conduct of business for organizations such as insurance companies, hospitals, doctors and medical service providers, Mr. Zinn says.
However, in practical terms, employers can face questions about the way they collect and distribute employee health information for insurance plans or even who sees notes from doctors to confirm sick leave taken by employees.
Employees can file complaints with the office of the Information and Privacy Commissioner of Ontario for investigation. Individuals within organizations can be personally liable for fines of up to $50,000 for breaches of the regulations. Organizations could be fined up to $250,000. "
No comments:
Post a Comment