Ontario Poised to Toughen Medical Privacy Laws
The minister of health in Ontario, Canada wants to double fines for breaches of patient medical information and remove a major barrier to investigating breaches.
The minister of health in Ontario, Canada wants to double fines for breaches of patient medical information and remove a major barrier to investigating breaches.
Eric Hoskins is proposing new legislation to be introduced in the fall that would double maximum fines levied against individuals to $100,000, and against businesses to $500,000, multiple Canadian news outlets report.
The legislation if enacted as proposed would scrap a requirement that prosecutions resulting from a breach start no later than six months following the breach. The Canadian Press news service reports that because the requirementintroduced in 2004is so tough to meet, only three cases have been referred for prosecution with one case unsuccessful and two others still being considered.
Also See: Insurer Says Provider Misrepresented Security Controls
Hoskins also proposes that reporting of breaches to the Ontario Information and Privacy Commissioner and to entities governing health professionals be made mandatory. Moves to strengthen protections of medical information in the province follow a series of high profile breaches in recent months. These include multiple breaches while Rob Ford, former Toronto mayor and now a council member was hospitalized for cancer treatments, and a massive privacy breach at Scarboroughs Rouge Valley Health System that saw the identities of new moms allegedly sold to a firm offering education investment vehicles, according to the Toronto Sun.
A press secretary for Hoskins did not respond to a request for additional information on the proposed legislation.
Eric Hoskins is proposing new legislation to be introduced in the fall that would double maximum fines levied against individuals to $100,000, and against businesses to $500,000, multiple Canadian news outlets report.
The legislation if enacted as proposed would scrap a requirement that prosecutions resulting from a breach start no later than six months following the breach. The Canadian Press news service reports that because the requirementintroduced in 2004is so tough to meet, only three cases have been referred for prosecution with one case unsuccessful and two others still being considered.
Also See: Insurer Says Provider Misrepresented Security Controls
Hoskins also proposes that reporting of breaches to the Ontario Information and Privacy Commissioner and to entities governing health professionals be made mandatory. Moves to strengthen protections of medical information in the province follow a series of high profile breaches in recent months. These include multiple breaches while Rob Ford, former Toronto mayor and now a council member was hospitalized for cancer treatments, and a massive privacy breach at Scarboroughs Rouge Valley Health System that saw the identities of new moms allegedly sold to a firm offering education investment vehicles, according to the Toronto Sun.
A press secretary for Hoskins did not respond to a request for additional information on the proposed legislation.
More for you
Loading data for hdm_tax_topic #reducing-cost...