Health information is one of the most sensitive types of personal information. Healthcare professionals must do everything possible to ensure a person's health information is kept safe and secure and is not accessible to other parties. Privacy is essential because it affects a person's autonomy or ability to make personal decisions. If people are not confident that their health information is kept private, they may be less likely to disclose it. Privacy also conveys respect and dignity as human beings.
Confidentiality ensures that healthcare professionals do not share personal health information with other parties unless provided with explicit verbal or written consent. For example, if a health professional shares or gains access to a relative's health data without their permission, this could be a breach of confidentiality.
Let's now take a brief look at some of the laws and regulations about privacy and confidentiality in healthcare.
The Privacy Act of 1983 is a federal law governing the handling practices of personal information. It applies to all personal information the federal government of Canada collects, uses and discloses. It also ensures individuals have the right to access their personal information.
The Personal Information Protection and Electronic Documents Act (PIPEDA) sets the rules for how private-sector organizations collect, use and disclose personal information. Generally, each province will have laws governing private organizations, but if personal information crosses provincial borders, businesses are subject to abiding to PIPEDA.
Each province or territory has public sector legislation governing personal health information. For example, the Personal Health Information Protection Act helps protect personal health information across Ontario's province.
Reference: Canada, Office of the Privacy Commissioner of. Summary of Privacy Laws in Canada. 15 May 2014, https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/02_05_d_15/.