bttn-login bttn-create



Q. What is Infoway doing to ensure the privacy and security of Electronic Health Records?

A: The privacy and security architecture is a key component of the Electronic Health Records (EHR) Blueprint. It ensures that the framework and vision for electronic health records can accommodate and respect privacy requirements across the country. Privacy rules may vary by jurisdiction, but the architecture has been designed so that it can accommodate these differences.

Infoway also recognizes that privacy has non-technical as well as technical aspects that need to be considered in interoperable electronic health information systems in Canada. Infoway supports work on non-technical issues through mechanisms such as the Privacy Forum and the Health Information Privacy group as well as other projects.

In addition, to promote consistency in legislative approaches and solutions, Infoway offers input on any legislative activity that could impact the EHR, such as the creation of new types of custodians or provisions dealing with inter-jurisdictional data flow. We have recently contributed to consultation processes in: New Brunswick, Nova Scotia, Newfoundland and Labrador, Yukon, and Ontario.

↑ back to top

Q: What is Infoway’s privacy mandate and role in respect to the implementation of EHRs in Canada? 

A: Infoway acts as a strategic investor to foster and accelerate the development and adoption of interoperable electronic health information systems in Canada.

Infoway’s privacy mandate is to incorporate the protection of personal health information in its activities in accordance with applicable laws and privacy principles.

Infoway achieves this by:

  • requiring projects that impact personal health information to conduct a Privacy Impact Assessment (PIA);
  • working to identify and leverage best practices for re-use across the country;
  • working to ensure that projects adopt an interoperable approach.

↑ back to top

Q: Does Infoway issue guidelines on privacy or set the privacy policy for the EHR?

A: Provinces and territories are responsible for health care delivery, privacy legislation and EHR solutions within their own jurisdictions. To date, they are all at various points in developing and implementing legislation and/or policies for the information systems that will make up the electronic health records network within their jurisdictions.

Infoway raises awareness of the issues, facilitates jurisdictional collaboration, and provides guidance on architecture development. For example:

  • Infoway released a white paper on Information Governance of the Interoperable EHR environment – it raises for discussion the issues surrounding the rules, requirements (legal, ethical, practical) and mechanisms that are involved in handling personal health information that would be collected and used in a pan-Canadian interoperable EHR in a secure and privacy-protective manner.The paper’s objective is to raise awareness, foster discussion and stimulate action on important information governance topics associated with supporting a pan-Canadian interoperable EHR.
  • Infoway facilitates collaboration among jurisdictions at the national level to help support the goal of interoperability across the country in a privacy-protective manner. Infoway does this through the creation and sponsorship of the Privacy Forum and the Health Information Privacy group as well as other projects.
  • Infoway has worked with technology and privacy experts across the country to develop a statement of privacy requirements based on the guiding principles set out in legislation and in other standards, such as the CSA Model Code for the Protection of Personal Information.
  • A privacy and security architecture based on this statement of privacy requirements has been developed to provide a guide for the development and implementation of secure and privacy enhancing interoperable EHRs. Infoway has developed the EHRS Blueprint, a fully validated, scalable architecture that lays out the business and technical considerations and approaches that will ultimately guide the sustainable development of interoperable EHR systems in Canada.This technical architecture allows jurisdictions to implement the privacy protective features that are consistent with their local legislative requirements.

↑ back to top

Q: Does Infoway create or manage electronic health record (EHR) systems?
A: Infoway neither creates nor manages any personal health information systems. These systems are created and managed by the respective jurisdictions.

↑ back to top

Q: Does Infoway hold or manage repositories of personal health data?

A: Infoway does not hold or manage any repositories of personal health data. However we do hold personal information as required for Human Resource and Financial Management within the Infoway organization. Infoway also collects limited personal information through its website for registrations, subscriptions or other purposes, as governed by our Website Privacy Policy.

↑ back to top

Q: Does Infoway conduct Privacy Impact Assessments (PIAs)?

A: Infoway requires that all Infoway-funded projects involving personal health information complete a PIA. These PIAs are completed and then submitted to Infoway in confidence by the applicable jurisdictional bodies.

↑ back to top

Q: Have Canadians been consulted regarding EHRs and privacy? What views or concerns to they have?

A: Provinces and territories are responsible for and are taking a variety of approaches to developing and implementing the information systems that will make up the electronic health records network within their jurisdictions.

In addition to any public opinion polling or consultations conducted by the provinces and territories, Canada Health Infoway has conducted public opinion surveys and focus groups on the subject of “Electronic Health Information and Privacy”. The findings indicate that Canadians support the use of electronic health records (EHRs) and expect their privacy to be protected in the collection, storage and use of their personal health information.

Almost nine in 10 Canadians (88 per cent) support the development of EHRs -- a five per cent increase since 2003. Read the survey – Electronic Health Information and Privacy: What Canadians think, conducted by EKOS Research Associates.

↑ back to top

Q: Who do I contact if I need more information on privacy as it relates to the pan-Canadian electronic health initiatives?

A: For specific privacy queries related to the implementation of electronic health records please contact your respective ministry or department of health.

For Infoway-related initiatives, please contact:

Chief Privacy Strategist
Canada Health Infoway
1000 Sherbrook West
Montreal, Quebec
H3A 3G4

↑ back to top

Provide Feedback
Commencer le sondage
Take a minute and tell us what you think!
Upon completion of your Canada Health Infoway visit click on this icon at the bottom right corner of the website and help us improve our website.
Will you participate in this research?
No, thank you
More Info ...
The information you provide will be reported in aggregate only and no personal identifiable information will be associated with your feedback.
Your input is greatly appreciated.
Accordez-nous une minute pour nous donner votre avis
À la fin de votre visite, vous poirrez cliquez sur l'icône à droite en bas de la page sure laquelle vous vous trouverez
Voulez-vous nous aider à améliorer le site?
Non, merci
Plus d'information ...
Les informations recuelilles seront regroupées, et aucun renseignement ne pourra être associé directement à vos commentaires.
Votre participation est grandement appréciée.