Ontarioâ€™s Example on Privacy
Ann Cavoukian, the Privacy Commissioner of Ontario, has a letter to the editor in the New York Times in which she recommends Canadian medical privacy law as a model for us:
Re â€œSafeguarding Private Medical Dataâ€ (editorial, March 26):
I couldnâ€™t agree with you more. In Ontario, we take privacy very seriously, especially when it comes to medical data.
Four years ago, we passed the Personal Health Information Protection Act, or Phipa, and havenâ€™t looked back. This law provides solid privacy protection for health data but doesnâ€™t act as a barrier to the delivery of health services. It doesnâ€™t interfere with health care but ensures that it comes wrapped in a layer of privacy.
As privacy commissioner of Ontario, I can investigate complaints and issue orders if Phipa is breached. One order I issued requires that any identifiable health data must be encrypted if removed from a health care facility on a laptop or any other medium.
Medical privacy is far too important to be left to chance, or to the well intentioned. Strong legislated safeguards are needed.
Take a look at Phipa, which could serve as an excellent model.
Toronto, March 27, 2008