In addition to taking immediate action if the privacy of a patient’s personal health information has been breached, all health information custodians must report breaches to the Information and Privacy Commissioner of Ontario (IPC) each year.

Privacy breaches may include information about a patient that was stolen, lost, used without authority and/or disclosed without authority. Any regulated health professional who had at least one privacy breach of a patient’s personal health information during the 2018 reporting year—from January to December, are required by law to complete the online reporting questionnaire below, by Friday, March 1, 2019.

Do not submit a statistical report if you did not have any patient health information privacy breaches in 2018. Download the letter below for more information, including what NDs must report.
Letter from the IPC
(Adobe PDF File)