The Personal Health Information Act (PHIA)

The Personal Health Information Act (PHIA) is a provincial law that governs the collection, use and disclosure of personal health information; including providing individuals with the right to access, or request correction to their own personal health information, subject to limited and specific exceptions set out in the Act.

PHIA recognizes that individuals expect their health information to be kept private and confidential and that it should not be collected, used or disclosed for purposes not related to their care or services, unless permitted or required by law. Personal health information is sometimes needed to manage health care systems, for health research and for other similar purposes.  Law enforcement officials, health officials and others may also have a legitimate need to access personal health information, under limited and specific circumstances.  PHIA balances an individual's right to privacy with the legitimate needs of persons and organizations that provide health care services to collect, use and disclose personal health information.

The Personal Health Information Act (PHIA)

 

Access to Information and Protection of Privacy Act (ATIPPA)

The Access to Information and Protection of Privacy Act (ATIPPA) is a provincial law that governs provincial public bodies (defined in the Act), including government departments, agencies, health boards, school boards and municipalities. 

The purpose of the Access to Information and Protection of Privacy (ATIPP) is to make government more open and accountable.  It does so in a number of ways:

  • Gives people the right to access government held records

  • Requires government to report annually to the House of Assembly on the administration of the ATIPPA

  • Establishes an ATIPP Office to oversee the administration and coordination of the ATIPPA

  • Establishes the Office of the Information and Privacy Commissioner which will be an independent review mechanism for people who believe they have been unfairly denied access to information or have a complaint about how a request was handled

  • Requires a comprehensive review of ATIPPA every five years

 

The key purpose of ATIPP is to protect the privacy of individuals whose personal information is held by public bodies. 

 

The general public may request information in the custody or control of Central Health within the provisions of the legislation.  For more information please contact the Access and Privacy Coordinator for our organization:

 

Privacy Manager
Central Health
James Paton Memorial Regional Health Centre
Gander, NL A1V 1P7
Telephone: (709) 256-5452
Email: Privacy Manager

 

Privacy Breach

A privacy breach occurs when there is unauthorized and/or inappropriate access, collection, use, disclosure or disposal of personal information or personal health information.

The most common privacy breaches occur when personal information and/or personal health information of clients or employees is stolen, lost or mistakenly disclosed (shared).

Examples of privacy breaches are:

  • A document containing information about you is sent to the wrong fax machine, office or mailing address.

  • Unauthorized and/or inappropriate access occurs where by an individual who is not involved in your treatment or health care, accesses your information

 

If you have a concern or question about your privacy at Central Health please contact the Privacy Manager by email or telephone at (709) 256-5452.

Privacy Breach - July 28, 2020

Systems Audit Request Form - Personal Health Information  - To request an audit to ensure your personal health information has not been accessed inappropriately, complete a Systems Audit Request Form and submit to the Privacy Office at James Paton Memorial Health Centre in Gander, NL. 

 

Helpful Links