The province announced on June 10th that it will remove barriers to prosecuting those who breach the Personal Health Information Protection Act (PHIPA). The Toronto Star reported (http://goo.gl/LKMmx3) that Ontario will introduce amendments to multiple legislation to strengthen health privacy, including streamlining the prosecution process by removing a six month deadline to lay charges, doubling fines for “snoopers” from $50,000 to $100,000, and forcing hospitals to report breaches to regulatory colleges and the provincial privacy commissioner.
According to Health Minister Dr. Eric Hoskins, recent high profile privacy breaches spurred the province to introduce the changes to “boost accountability across the whole health sector”. The Star further reported that the Ministry held a number of meetings with Information and Privacy Commissioner Brian Beamish and is acting on “every single one of the Commissioner’s recommendations to strengthen PHIPA”.
When PHIPA’s new teeth come into force, will health organizations be ready? One way to prepare is for organizations to implement good information governance. Organizing and securing private information is one tool to ensure that should a breach occur, organizations are ready.