Skip to main content
;

Bill C-311

If you have any questions or comments regarding the accessibility of this publication, please contact us at accessible@parl.gc.ca.

PDF

SCHEDULE
(Section 5, subsections 6(1) and (3), section 7, paragraphs 13(a) and 18(c) and subsection 19(3))

1. Constraints on Purposes and Limitation on Collection, Use, Disclosure and Access

1.1 Provided that the principles contained in this Schedule are complied with, and that the principles related to patient consent are applied, health information may be collected, used, disclosed or accessed for the following purposes:

      (a) primary purposes, being

(i) primary therapeutic purposes, that relate to the initial reason for a patient seeking or receiving care in the therapeutic context and other needs or problems that are diagnosed in relation thereto, and which pertain to the delivery of health care to a particular patient with respect to the presenting health needs or problems and encompasses consultation with and referral to other providers on a need-to-know basis, or

(ii) primary longitudinal purposes, which concerns developing composite health information about a particular patient, such as a detailed medical history, beyond a direct application to the presenting health needs or problems, in order to enhance ongoing general health care to that person;

      or

      (b) secondary purposes, being

(i) secondary legislated purposes, which is to health information collection, use, disclosure or access required or permitted by or pursuant to an Act of Parliament or the legislature of a province, or

(ii) secondary non-legislated purposes, which are any other purposes, such as education or research, not regulated by or pursuant to an Act of Parliament or the legislature of a province, that meet the provisions of this Act and the requirements of this Schedule.

1.2 Health information collection, use, disclosure or access for primary therapeutic and longitudinal purposes may be as extensive as necessary to fulfil such purposes.

1.3 Health information collection, use, disclosure or access for secondary purposes shall be as restricted as possible and as necessary to protect the patient's right of privacy in the therapeutic context.

1.4 Health information collection, use, disclosure or access without patient consent shall only occur when

      (a) permitted or required by or pursuant to an Act of Parliament or the legislature of a province; or

      (b) ordered or determined by a court.

1.5 Every existing or proposed secondary purpose for health information collection, use, disclosure or access, including health information systems or networks, shall be subjected to a patient privacy impact analysis initiated by the health information custodian, and at their expense.

1.6 No existing or proposed secondary purpose shall continue or commence after the day that is one year after the coming into force of this Act unless the Commissioner has stated in writing that it has been demonstrated to the satisfaction of the Commissioner that a patient privacy impact analysis has been conducted, the analysis covered the requirements of section 1.7, the results have been provided to the Commissioner and show that the use will conform with section 1.7.

1.7 In respect of a secondary purpose,

      (a) the results of the patient privacy impact analysis must be made public in the manner directed by the Commissioner;

      (b) collection of health information by persons beyond the therapeutic context must not exploit or compromise the trust of the patient-physician relationship;

      (c) the use of health information must not be likely to inhibit patients from confiding information for primary purposes;

      (d) the ability of physicians to discharge their fiduciary duties to patients must not be compromised;

      (e) patient vulnerability must not be exploited;

      (f) collection of health information must be restricted to what is necessary for the identified purpose and must not intrude upon a primary purpose;

      (g) patients must be fully informed of the secondary purpose and the patient must be informed that consent is voluntary;

      (h) patient privacy will be intruded upon only to the most limited degree possible in light of the purposes consented to;

      (i) linkage of health information must be restricted and consented to by the patient;

      (j) all reasonable steps must be taken to make health information permanently anonymous, but if has been demonstrated to the satisfaction of the Commissioner that making health information permanently anonymous will render it inadequate for legitimate uses, the information must be collected and stored in a format in which the patients identity has been removed or codified but may be restored, commonly referred to as a deidentified-relinkable format;

      (k) any third party to whom health information is released must be bound by the provisions of this Act or have equivalent and enforceable provisions in place;

      (l) use for the secondary purpose must not be applied retroactively to existing health information unless patient consent is given; and

      (m) uses for the secondary purpose must not be continued if there is an adverse effect on the privacy of patients.

1.8 Before a health information custodian uses health information in its custody for secondary non-legislated purposes, or before it releases or makes health information accessible to an external third party for secondary non-legislated purposes, it must demonstrate or require the third party to demonstrate that the provisions of section 1.6 of this Schedule have been complied with.

1.9 Health information shall not be collected by means that are unlawful, unfair or exploit the patient's vulnerability, nor shall any of the patient's beliefs or potentially false expectations about subsequent collection, use, disclosure or access be exploited.

1.10 Health information shall be retained only as long as it is necessary to fulfil authorized purposes and once the authorized purposes are fulfilled it shall be securely destroyed, unless some issue or decision related to the patient and pertinent to the patient's health information is pending.

2. Knowledge and Specification of Purpose, Collection, Use, Disclosure and Access

2.1 Knowledge must be provided to patients to ensure that before they confide health information or permit health information to be collected, they actually understand what can or will subsequently happen with the information, particularly with respect to uses without any further specific consent being requested.

2.2 Every health information custodian must establish and maintain a system of documentation that lists all purposes for which the custodian uses or discloses the health information it collects, including to whom it permits access, to what information is access given, in what format it is provided, whether the patient's consent is required and which provides adequate safeguards to ensure compliance with this Act.

2.3 Every provider must recognize that, within a therapeutic context, health information is confided or provided by patients in the knowledge or with the belief that the confiding or providing is necessary to achieve therapeutic purposes and therefore patients must be explicitly informed about any other purposes.

2.4 No person shall use health information for a purpose not identified to the patient at or before the time it is confided or collected, unless the patient's consent is subsequently sought and obtained before it is used for any previously unidentified purpose.

2.5 Every patient must either have or be provided by reasonable means with knowledge about what can or will happen with their health information. The degree of detail or specificity of this knowledge is what a reasonable person would presume to be germane to the decision of the patient in the circumstances of the patient.

2.6 Unless a particular patient has given indication to the contrary, the conveyance of generic information is a reasonable means of providing knowledge. When the preferences of a particular patient for being informed are known or can be reasonably inferred given his or her circumstances, the provision of knowledge should as much as possible be adapted to these preferences.

3. Consent

3.1 Subject to section 1.4 of this Schedule, the patient's consent is required for health information collection, use, disclosure or access for any purpose.

3.2 For the purposes of this Act, consent for health information collection, use, disclosure or access in emergency situations is deemed to have been given to the extent necessary to allay the emergency as consistent with legal principles governing emergency medical care. The protection accorded this information shall be consistent with the provisions of this Act.

3.3 Consent to health information collection, use, disclosure and access for the primary therapeutic purpose may be inferred. Consent to subsequent collection, use, disclosure and access on a need-to-know basis by or to other physicians or providers for this purpose may be inferred, if there is no evidence that the patient would not have given express consent to share the information.

3.4 Consent to health information collection, use, disclosure and access for longitudinal primary purposes must be express unless the provider has good reason to imply patient consent.

3.5 For the purposes of this Act, disclosure of health information to the patient's relatives or significant others is recognized as assisting in primary purposes. Consent to this disclosure must be express unless the provider has good reason to imply patient consent.

3.6 Consent can only be inferred in the case of primary purposes; collection, use, disclosure or access thus authorized must be limited either to the known expectations of a particular patient or to what the reasonable person in similar circumstances would likely believe necessary to receive health care.

3.7 Implied consent does not deprive the patient of the right to refuse consent or the right to challenge the provider's finding of implied consent.

3.8 Patient consent for secondary non-legislated purposes shall be express, voluntary and fully informed.

3.9 Where express consent is required, patients must be informed of their right to refuse consent.

3.10 Patient care shall not be deliberately compromised as a consequence of the patient's refusal to provide express consent, nor shall any fear that the patient might have that this could occur be exploited.

3.11 Consent must not be obtained by coercion, deception or manipulation. Failure to inform the patient by reasonable means of relevant information pertinent to the consent invalidates the consent.

3.12 All health information is sensitive and should be treated as such. The more sensitive the health information is likely to be, in light of the circumstances or preferences of the patient, the more important it is to ensure that consent is voluntary and informed.

4. Individual Access

4.1 The patient is entitled to know about and, subject to 4.5 of this Schedule, to have access to any information about himself or herself under the custody of the health information custodian.

4.2 Patients must be informed that they have the right to access their health information, to read it and to have copies of it.

4.3 Patients who wish to access their health information must be given the opportunity to do so and receive any explanation they need from a health professional who is knowledgeable about this information and capable of interpreting it for the patient.

4.4 Patients must be able to receive copies of their health information at a reasonable cost that does not exceed the cost of providing the information.

4.5 A provider may withhold health information from a patient if the provider has made a written record of a determination that there is a significant likelihood of a substantial adverse effect on the physical, mental or emotional health of that particular patient or substantial harm to a third party, and the onus is on the provider to justify the withholding.

4.6 Patients are entitled to know who has gained access to their health information and for what purposes.

5. Accurate Recording of Information

5.1 Health information shall be recorded as accurately as possible, and shall be as complete and current as necessary for authorized purposes.

5.2 The recording of statements of fact, clinical judgements and determinations or assessments shall reflect as nearly as possible what has been confided by the patient and what has been ascertained, hypothesized or determined to be true using professional judgement.

5.3 Patients who have reviewed their health information and believe it to be inaccurately recorded or false have the right to suggest amendments and to have their amendments appended to the health information.

5.4 Whenever possible, health information should be recorded in a form that allows for authorized secondary purposes consented to by the patient.

5.5 Standardization of recording requirements relevant to subsequent secondary purposes shall not impede recording of information for primary purposes.

6. Security

6.1 Health information, regardless of the information format, shall be protected by security safeguards to ensure compliance with the provisions of this Act.

6.2 The development of security safeguards with respect to levels of access for various users shall recognize the differences in the sensitivity of health information and permit access accordingly.

6.3 Security safeguards shall impede as little as possible health information collection, use, access and disclosure for primary purposes.

6.4 A health information custodian shall ensure that only authorized persons are able to collect, use, disclose or access health information in its control. Persons thus authorized must have a clear understanding of the authority, parameters, purposes and responsibilities of their access, and of the consequences of failing to fulfil their responsibilities.

6.5 An authorized person's access to health information, including persons or groups external to the health information custodian, shall be limited to only the information needed for the authorized purpose, and be in the least intrusive format.

6.6 Security safeguards shall be used to prevent unauthorized health information collection, use, disclosure and access and must include both physical and human resource safeguards including locked filing cabinets, restricted access to certain offices or areas, and the use of passwords, encryption and lock-boxes, personnel security clearances, sanctions, training and contractual undertakings.

6.7 A health information custodian must protect health information in its custody so as to ensure its integrity and have assurance that the integrity of information received from other health information custodians has been similarly safeguarded.

6.8 Security safeguards must include, where appropriate, corporate identification, authentification procedures, information integrity and availability safeguards and assurances that the procedures and undertakings are not subject to repudiation.

7. Accountability

7.1 Health information custodians are responsible for the security of health information they collect, use, disclose or permit access to.

7.2 Health information custodians must ensure that persons, including administrative and technical support staff, receive authorization to access health information only as necessary to fulfil authorized purposes.

7.3 A health information custodian must ensure that anyone permitted to have access to health information has clearly defined and understood responsibilities in connection with health information, agrees to accept those responsibilities, and is subject to appropriate sanctions for failing to fulfil the accepted responsibilities.

7.4 Health information custodians must designate a qualified person responsible and accountable for monitoring and ensuring internal compliance with this Act. The designated accountable person must have the autonomy, authority, and resources necessary to ensure the health information custodian's adherence to the Act. In the case of small private practices the practitioner or one of them may be designated.

7.5 Policies and procedures to ensure compliance with this Act must consider the special, direct accountability of health professionals to their patients and protect the high level of trust vested in health professionals that is essential to secure initial confiding of health information for therapeutic purposes.

7.6 Health information custodians must ensure that third parties privy to health information are bound by this Act or are bound by equivalent and enforceable provisions. Provided that this has been determined before health information is disclosed or made accessible, health information custodians are not accountable for the actions of third parties or for what subsequently happens to the information.

7.7 Although it is the responsibility of the health information custodian to ensure that patients are appropriately informed, secondary users whose information requirements impose a burden upon the health information custodian are responsible for covering their share of any related costs or resource requirements, such as preparation of brochures. Health information custodians may reasonably require secondary users to cover their own costs as a condition of making health information available to them as authorized.

8. Transparency and Openness

8.1 Health information custodians must have transparent, explicit and open policies, procedures and practices, tailored to their practice setting, that seek to ensure that patients are provided with information about what can or must happen with their health information without their consent.

8.2 Policies, procedures and practices must be as explicit as necessary to ensure that patients are aware of any considerations that could be relevant to deciding what information they elect to freely confide or consent to be collected, used, disclosed or accessed. Nothing must be left implicit that, if made explicit, could reasonably be expected to alter a patient's decision to freely confide information. Information about non-consensual collection, use, disclosure and access must be made explicit.

8.3 Patients must be able to discuss the health information custodian's policies, procedures and practices concerning health information with a knowledgeable person and have specific questions about their own health information answered in a timely fashion.

8.4 A health information custodian's policies, procedures and practices must ensure that patients can understand what may or must happen to their health information, that consent is sought as required by this Act and that nothing is left implicit or unknown to patients that if known or made explicit could reasonably be expected to alter a patient's decision to freely confide information.

8.5 Patients must be able to challenge the health information custodian's compliance with the provisions of this Act by addressing their concerns to an individual designated by the custodian for the purpose.

8.6 Procedures must be in place to enable and require the health information custodian to receive and respond to complaints or inquiries about policies, procedures and practices relating to health information collection, use, disclosure and access. The complaint process must be easily accessible and simple to use.

8.7 Patients who make inquiries or lodge complaints must be informed of the relevant complaint procedure.

8.8 All complaints must be investigated by the health information custodian to whom they are directed and if found to be justified, the custodian must take appropriate remedial measures such as amending policies, procedures or practices.

9. Health Information Policies

9.1 Health information custodians must have in place and implement policies, procedures and practices that give effect to the principles of this Act.

9.2 Health information policies, procedures and practices must be adapted to the health care function of the health information custodian and address and provide for

      (a) complying with and giving effect to the principles of this Act;

      (b) protecting the security of health information;

      (c) ensuring the accurate recording and integrity of health information;

      (d) documentation of all purposes for which the health information custodian uses or discloses the health information it collects, including to whom it permits access to what information, in what format and whether consent is required;

      (e) documentation of what health information may be linked to other pieces of information;

      (f) documentation of what health information is made available to third parties;

      (g) restricting access only to authorized users in the appropriate format and for the limited purposes for which they are authorized;

      (h) identifying the person who is accountable for the policies, procedures and practices and to whom complaints or inquiries can be made;

      (i) receiving and responding to complaints and inquiries;

      (j) ensuring that persons who collect, use, disclose or access health information can be held accountable and are under an enforceable duty to keep information secure;

      (k) ensuring that persons who work for or in the health institution know sufficiently and receive sufficient training about this Act and related institutional policies, procedures and practices to ensure accountability;

      (l) specifying the means of gaining access to one's own health information held by the health information custodian;

      (m) making available information that a particular patient specifically requests or reasonably can be presumed to wish to know;

      (n) ensuring that patients have, or by reasonable means are provided with, knowledge about their health information and that consent is sought and obtained as appropriate; and

      (o) specifying minimum and maximum retention periods and rules for the succession, transfer and destruction of health information.

9.3 The health information custodian's policies must be readily available to patients and specify the custodian's practices and procedures.