The Health Information Management Department at St. Francis Memorial Hospital is responsible for the collection, storage and retention of patient health records. It respects and maintains the confidentiality of all patients’ personal health information.
St. Francis Memorial Hospital (SFMH) recognizes that privacy, confidentiality, and security of personal health information (PHI) are fundamental patient rights that must be protected. This includes the right of each individual patient to determine when, how, and to what extent their personal health information is disclosed. Additionally, each patient shall be assured that PHI is secure from unauthorized use or disclosure. Protection of personal health information includes all PHI related to patients, employees, medical staff, students, volunteers, and contractual workers. Staff members are accountable for maintaining the privacy and confidentiality of PHI, as outlined in our policies and procedures both during and after their employment or professional contact with SFMH. Collection, use, access, and disclosure of personal information by staff members is solely on a need-to-know basis to perform job duties.
On November 1, 2004, the Personal Health Information Protection Act (PHIPA) became law. PHIPA is Ontario’s health-specific privacy legislation. It governs the way personal health information may be collected, used and disclosed within the health care system. It also confirms a patient’s right to access one’s own personal health information.
Learn more here: Personal Health Information Protection Act, 2004, S.O. 2004, c. 3, Sched. A (ontario.ca)
The Freedom of Information and Protection of Privacy Act applies to Ontario’s provincial ministries and most provincial agencies, boards and commissions, as well as community colleges, universities, Local Health Integration Networks (LHINs) and hospitals (as of January 1, 2012). The Act requires that the government protect the privacy of an individual’s personal information existing in government records. It also gives individuals the right to request access to government- held information, including general records and records containing their own personal information.
Learn more here: https://www.ontario.ca/laws/statute/90f31
At St. Francis Memorial Hospital, we are committed to protecting the privacy of our patients and the confidentiality and security of all personal health information that we are entrusted with by our patients. Your personal health information will only be used in compliance with The St. Francis Hospital’s Privacy Policy.
The St. Francis Memorial Hospital and its health-care partners now use EPIC’s health information system. We collect and share your personal health information with other partners so that you get the best care possible, no matter where you get your care within our partner network. We will do so safely, using privacy and security controls to help keep your personal health information safe, meet health-care best practices and keep your care as a top priority. Visit our website to learn more about our health-care partnership and the digital health network.
Personal health information includes any identifiable information about your health or health care history. It can include things like your medical history, details of visits to your doctor, test results or your health number.
We use a variety of technical and administrative privacy safeguards such as confidentiality agreements to protect your personal health information. We also track all access to your personal health information.
All staff are trained to protect patient privacy. Staff are only allowed to access only the information they need to give or support your care. This is required by law and by hospital policies.
Your personal health information resides in Ontario.
Under Ontario’s Personal Health Information Protection Act, hospitals are allowed to use and disclose personal health information for purposes such as providing health care and planning the services patients receive.
Through Epic, we can digitally share health information with the other partner hospitals in real time. When you visit one of the hospital partners, your care provider will have up-to-date information about your health. You only have to tell your health story once, and your care provider has all of the information they need to help you make the best decisions for your care.
Yes. You can limit access to your personal health information for healthcare purposes by asking for a consent directive, also known as a lockbox. There are several kinds of consent directives. You can lockbox your entire record, a specific visit, or a staff member at one of the hospital partners from seeing your record. If you want to add a consent directive, contact the Health Records Department where you normally receive care for more information.
Please note, there are some risks for you to consider when adding a Consent Directive to your record. These risks include:
You may reduce these risks by considering a request for the Consent Directive to apply only to specific individuals or records rather than to your entire chart.
Through MyChart, Epic’s patient portal, you can view your personal health information online, at any time, anywhere. In MyChart you can view test results when they are ready, see future appointments and review other health information. To learn more about MyChart, visit The St. Francis Memorial Hospital website and using the MyChart link on the homepage, or you can contact the Health Records Department. You may also get a copy of your chart by contacting the Health Records Department or by completing this form and submitting it to our facility. To correct something in your health record, talk to your health-care provider at your next visit or contact the Health Records Department for more information.
If you have any questions about the privacy of your personal health information, please contact the Information and Privacy Office: 613-739-6668 or kpietrangelo@sfmhosp.com