The Personal Health Information Act (PHIA)
The Personal Health Information Act (PHIA) is a provincial law that governs the collection, use and disclosure of personal health information; including providing individuals with the right to access, or request correction to their own personal health information, subject to limited and specific exceptions set out in the Act.
PHIA recognizes that individuals expect their health information to be kept private and confidential and that it should not be collected, used or disclosed for purposes not related to their care or services, unless permitted or required by law. Personal health information is sometimes needed to manage health care systems, for health research and for other similar purposes. Law enforcement officials, health officials and others may also have a legitimate need to access personal health information, under limited and specific circumstances. PHIA balances an individual's right to privacy with the legitimate needs of persons and organizations that provide health care services to collect, use and disclose personal health information.
Access to Information and Protection of Privacy Act (ATIPPA)
The Access to Information and Protection of Privacy Act (ATIPPA) is a provincial law that governs provincial public bodies (defined in the Act), including government departments, agencies, health boards, school boards and municipalities.
The purpose of the Access to Information and Protection of Privacy (ATIPP) is to make government more open and accountable. It does so in a number of ways:
Gives people the right to access government held records
Requires government to report annually to the House of Assembly on the administration of the ATIPPA
Establishes an ATIPP Office to oversee the administration and coordination of the ATIPPA
Establishes the Office of the Information and Privacy Commissioner which will be an independent review mechanism for people who believe they have been unfairly denied access to information or have a complaint about how a request was handled
Requires a comprehensive review of ATIPPA every five years
The key purpose of ATIPP is to protect the privacy of individuals whose personal information is held by public bodies.
How can I make an ATIPPA request for general or personal non-medical information?
To make a request under the Access to Information and Protection of Privacy Act, 2015 (ATIPPA), please submit the Form 1 – Access to Information Request Form (PDF) via email to email@example.com, or via mail to:
NLHS ATIPP Coordinator
760 Topsail Road
Mount Pearl, NL A1N 3J5
Webmaster: URL for the Form 1 link = https://www.easternhealth.ca/wp-content/uploads/2020/06/forms-pdf-form1-access-to-information-request.pdf
A privacy breach occurs when there is unauthorized and/or inappropriate access, collection, use, disclosure or disposal of personal information or personal health information.
The most common privacy breaches occur when personal information and/or personal health information of clients or employees is stolen, lost or mistakenly disclosed (shared).
Examples of privacy breaches are:
A document containing information about you is sent to the wrong fax machine, office or mailing address.
Unauthorized and/or inappropriate access occurs where by an individual who is not involved in your treatment or health care, accesses your information
If you have a concern or question about your privacy at Central Health please contact the Privacy Manager by email or telephone at (709) 292-1289 or 292-1776.
Systems Audit Request Form - Personal Health Information - To request an audit to ensure your personal health information has not been accessed inappropriately, complete a Systems Audit Request Form and submit to the Privacy Office at James Paton Memorial Health Centre in Gander, NL.