In addition to taking immediate action if the privacy of a patient’s personal health information has been breached, all health information custodians must report breaches to the Information and Privacy Commissioner of Ontario (IPC) each year.
Privacy breaches may include information about a patient that was stolen, lost, used without authority and/or disclosed without authority. Any regulated health professional who had at least one privacy breach of a patient’s personal health information during the 2018 reporting year—from January to December, are required by law to complete the online reporting questionnaire below, by Friday, March 1, 2019.
Do not submit a statistical report if you did not have any patient health information privacy breaches in 2018. Download the letter below for more information, including what NDs must report.