Skip to main content

Protecting Your Privacy and Personal Information

Information and Privacy Practices

Our Information and Privacy Practices describe how we use the personal health information we collect from you, how we protect your information, and the purposes and conditions under which we may share it. We value the trust you have placed in us and are committed to ensuring your information remains confidential and secure.

These practices are consistent with our obligations to collect, use, protect and disclose your information under the Personal Health Information Protection Act, 2004 (PHIPA).

1. Accountability and Openness
Our hospital is accountable for protecting the privacy of personal health information in our custody or under our control in accordance with the Personal Health Information Protection Act (PHIPA). Physicians, employees, contractors, consultants, volunteers and students all have accountability over the course of their day-to-day work, for complying with our privacy obligations. The Vice President and Chief Information Officer is ultimately accountable for compliance with privacy policies at the hospital. There are serious consequences for not complying with privacy policies.

At Trillium Health Partners, we are open about how we protect the privacy of your personal health information. We have assigned a contact person to address your privacy-related inquiries or complaints. The Information and Privacy Office may be reached at (905) 848-7580, ext. 7548.

2. Collection
In the course of providing healthcare, we collect personal health information from you or someone who has been designated as your substitute decision-maker. We may also collect the information from other sources. Examples include but are not limited to health care professionals who are or who have been involved in your treatment and from the Electronic Health Record. The data collected is used for permissible purposes. THP collects information from authorized sources even where patient consent may be withheld, due to technical limitations, at this time.

3. Use
Trillium Health Partners uses your personal health information for the delivery of health care, administration of the health care system, quality improvement, research, teaching, statistics, fundraising, and to meet legal and regulatory requirements.

Examples of potential uses include:

  • Evaluation and monitoring of our programs
  • Educating our agents to provide health care
  • Contacting you to gather information on your satisfaction with or concerns about your visit
  • Research by internal and external researchers which has been approved by the hospital's Research Ethics Board on the basis that it meets high scientific, ethical, privacy and security standards

4. Disclosure
Your personal health information will be shared with other health care professionals involved in your treatment, including electronically through our hospital information system (Epic), which allows your patient health record to be securely accessed by partner hospitals should you attend at one of these hospitals for care.

In cases where you are unable to provide consent, we may discuss some parts of your personal health information with your substitute decision maker to obtain their consent for ongoing treatment.

Disclosure of personal health information is permitted, or required, to the following:

  • You, your legal guardian or substitute decision maker
  • Your primary care provider may receive admission and discharge notifications to facilitate the delivery of your health care
  • Registries or entities prescribed in legislation, including Better Outcomes Registry Network (BORN) Ontario, Cancer Care Ontario, the Cardiac Care Network, Canadian Stroke Network, Pediatric Oncology Group of Ontario, the Institute for Clinical Evaluation Services, the Canadian Institute for Health Information, and health regulatory agencies
  • Health Information Networks such as the Rapid Electronic Access to Clinical Health Information (REACH), Diagnostic Imaging Repository GTA West (GTA West DI-r),  the electronic Child Health Network (eCHN) and Connecting GTA (cGTA), which is an initiative of eHealth Ontario, consisting of a central clinical data repository that stores patient health information collected from multiple health care sources. If you do not want your information shared through cGTA or other Health Information Networks, please tell us. For more information about cGTA, please visit the eHealth website at http://www.ehealthontario.on.ca/en/regional-partners/view/cgta
  • Ministry of Health and Long-Term Care e-health projects such as the Ontario Laboratories Information System (OLIS) and the Diabetes Testing Report
  • Researchers if the research proposal has been approved by our Research Ethics Board
  • The Medical Officer of Health to report communicable diseases
  • The Workplace Safety & Insurance Board
  • Law enforcement officers who present a warrant or subpoena
  • The Children's Aid Society where child abuse is suspected
  • The Public Guardian and Trustee
  • The Coroner

We will disclose your general status and location as a patient to individuals enquiring about you, unless you tell us not to.

We will disclose your information for the purposes of processing insurance claims.
If you indicate that you would like spiritual care while in the hospital, we will share your name, religious affiliation and location with our spiritual advisors.

5. Consent
When you provide us with your personal health information we believe you understand that the information will be used and shared with others involved in your care.

If you do not wish your personal health information to be used or shared, you have the right to refuse to provide all or part of the information to us at the time we request the information or anytime afterwards. We may not be able to fulfill your wishes if they impact our ability to deliver quality health care to you, or if we are legislated to use or disclose the information you are objecting to. In these cases we will discuss the impact of your objection with you.

If we find it necessary to disclose your information for purposes other than providing health care, we will notify you of the purpose for the disclosure and ask you for consent to disclose the information. The way we collect your consent may vary depending on the purpose for the consent.

6. Notice
We have posted notices at key areas in our hospital. The notices explain why we collect, use and disclose your personal health information and tell you where to get more detailed information.

7. Accuracy
We strive to keep your personal health information as accurate, complete and up to date as possible, taking into account its uses and your interests.

8. Safeguards
We maintain a high level of security with respect to the confidentiality of your personal health information. Our staff, physicians and volunteers are required to abide by our privacy policy and sign an agreement to that effect. We use up-to-date technology standards to secure your information, and we monitor internal compliance with our information practices. In some cases, we may share your personal health information with third party data processors, vendors, suppliers or providers responsible for administering our programs. These organizations must sign a contract with us to follow privacy and health information practices that are the same or similar to our own.

9. Individual Access and Correction
We establish and maintain a record of your personal health information. You have the right to access your health record by submitting a written request to our Health Information Management Department. We must provide you with access to your file within 30 days of your request. If your request requires us to conduct a lengthy search, we may request an extension for another 30 days.

You may request corrections to the information in your file by providing us with additional information that supports your request. If your file contains information that was not provided by our hospital, we may not have the knowledge to correct that particular information and you may need to go back to the source request the correction.

10. Inquiries and Challenging Compliance
You may direct any inquiries about our information practices, or complaints with respect to our compliance with our information practices, to our Information and Privacy Office at (905) 848-7580, ext. 7548. 

You may also make a formal complaint to the Information and Privacy Commissioner/Ontario, located at:
Information and Privacy Commissioner/Ontario
2 Bloor Street East, Suite 1400
Toronto, ON M4W 1A8
(416) 326-3333