Office privacy compliance — part one
Of interest to all physicians
A CMPA member, one of the physician owners of a large walk-in clinic, called in his capacity as the managing partner. His query had to do with the obligations of the clinic in light of existing privacy legislation. From the ensuing conversation, several issues became clear which are likely representative of clinics and physician offices across the country.
We confirmed to the member that in some jurisdictions, compliance failure—validated through the associated complaint process—could result in harsh penalties. At the time this article was originally written (2005), Québec, Ontario, Manitoba, Saskatchewan, Alberta and British Columbia all had in place privacy legislation that has an impact on the collection, use and disclosure of personal information, including health information. Federal privacy legislation also exists and applies in
If members are uncertain as to which legislation applies in their jurisdiction, they may wish to contact the CMPA or the appropriate medical organization in their province or territory. Privacy tool kits specific to physicians' offices have been developed, and are available through the Canadian Medical Association or certain provincial medical organizations, licensing authorities or privacy commissioner offices.
We further explained to the member that, while it is not the CMPA’s role to assist a member to become privacy compliant, CMPA will generally assist with a medico-legal problem arising from a privacy complaint or investigation.
The CMPA will continue to publish articles on privacy in future Information Letters including topics based on questions received from the members.