The minister of health in Ontario, Canada wants to double fines for breaches of patient medical information and remove a major barrier to investigating breaches.

Eric Hoskins is proposing new legislation to be introduced in the fall that would double maximum fines levied against individuals to $100,000, and against businesses to $500,000, multiple Canadian news outlets report.

The legislation if enacted as proposed would scrap a requirement that prosecutions resulting from a breach start no later than six months following the breach. The Canadian Press news service reports that because the requirement—introduced in 2004—is so tough to meet, only three cases have been referred for prosecution with one case unsuccessful and two others still being considered.

Also See: Insurer Says Provider Misrepresented Security Controls

Hoskins also proposes that reporting of breaches to the Ontario Information and Privacy Commissioner and to entities governing health professionals be made mandatory. Moves to strengthen protections of medical information in the province follow a series of high profile breaches in recent months. These include multiple breaches while Rob Ford, former Toronto mayor and now a council member was hospitalized for cancer treatments, and “a massive privacy breach at Scarborough’s Rouge Valley Health System that saw the identities of new moms allegedly sold to a firm offering education investment vehicles,” according to the Toronto Sun.

A press secretary for Hoskins did not respond to a request for additional information on the proposed legislation.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access