Public policy

Mitigating risks when implementing electronic records


Electronic records are becoming integral to healthcare delivery in Canada. While electronic records hold great promise to improve the overall effectiveness of the healthcare system, they may also contribute to liability issues. Legislation and regulation have not, in all cases, kept pace with the technology and many privacy-related issues still need to be resolved.

The introduction of electronic records changes the practice environment for physicians and other healthcare providers, requiring the development and implementation of new policies to address the stewardship and management of data, transmission of data, and privacy and consent. Policies are also needed regarding access to and accuracy of information, information security, secondary uses of the information, and evidentiary requirements.


To address the accountability and liability issues associated with electronic records, the CMPA has proposed specific recommendations and has provided Canadian physicians with guidance when entering into a data sharing agreement for an electronic records system.

The CMPA advances that a strong jurisdictional approach to information governance is necessary to prevent potential privacy issues amongst physicians, other healthcare professionals, and patients. Policies are also needed regarding access to and accuracy of information, information security, secondary uses of information, and evidentiary requirements. While physicians have an ethical and legislative responsibility to ensure that appropriate privacy protocols are in place, interpreting privacy legislation and regulations is complex and can place physicians at risk.


The CMPA supports the use of electronic records. It is also committed to working collaboratively with all stakeholders to support the development and implementation of a data stewardship framework that effectively addresses the healthcare delivery community's concerns with the appropriate management of patient information, as well as liability.

The CMPA encourages regulators, health care authorities, institutions, and physicians to actively work within their respective areas of responsibility to build patients' and healthcare providers' trust in electronic records.

The CMPA encourages the creation of data sharing agreements between key stakeholder groups to address accountability issues and to clarify roles. The key groups involved — government, medical associations, and the Colleges — must come to an understanding on the need to create consistent data sharing agreements and common solutions.

The CMPA has published the following document on ehealth records:


DISCLAIMER: The information contained in this learning material is for general educational purposes only and is not intended to provide specific professional medical or legal advice, nor to constitute a "standard of care" for Canadian healthcare professionals. The use of CMPA learning resources is subject to the foregoing as well as the CMPA's Terms of Use.