Infoway’s Privacy Mandate
Canada Health Infoway’s (Infoway) privacy mandate is to incorporate the protection of personal health information in its activities in accordance with applicable Canadian laws and privacy principles.
The provinces and territories are responsible for health care delivery, privacy legislation and electronic health records (EHR) solutions within their own geographical areas. To date, each is at various points in developing and implementing legislation and/or policies for the information systems that will make up the electronic health records network.
Achieving Infoway’s Privacy Mandate
Infoway’s Electronic Health Record Solution (EHRS) Blueprint includes a privacy and security component.
Infoway requires that all Infoway funded projects, involving personal health information, conduct privacy-impact assessments (PIA).
Infoway also works closely with the jurisdictions to integrate privacy into the interoperable EHR (iEHR) and to identify and leverage best practices for re-use across the country. The Privacy Forum established in 2007 and sponsored by Infoway, includes representatives from each federal/provincial/territorial Ministry of Health and privacy oversight body. The Forum offers a mechanism for members to share and leverage their collective knowledge and experience on privacy matters in the development of interoperable iEHR initiatives.
Infoway also sponsors the Health Information Privacy (HIP) Group. Established in 2008, this group, made up of health ministry representatives only, is focused on the consideration of common approaches to information governance issues as they pertain to privacy in electronic health information systems.
Infoway Certification Services reviews EHR solutions to determine whether the product conforms to assessment criteria. Privacy and security are key components of the certification.
Privacy Contact
Privacy at Canada Health Infoway is handled through the Chief Privacy Strategist and the Group Director of Privacy and Security. The Chief Privacy Strategist promotes Infoway’s commitment to addressing privacy issues in the iEHR, communicates our privacy position to external stakeholders, and deals with privacy issues related to corporate matters.
The Group Director of Privacy and Security is responsible for the development and adoption of interoperable privacy and security standards in addition to alignment with the Infoway Privacy and Security Conceptual Architecture as part of Infoway investments. This role is held by the Group Director, Implementation Solutions, Products and Services.
For more information on Infoway’s Privacy Mandate please contact:
Chief Privacy Strategist
Canada Health Infoway
1000 Sherbrook West
Montreal, Quebec
H3A 3G4
privacy@infoway-inforoute.ca
For specific privacy queries or concerns related to the implementation of electronic health records please contact your respective ministry or department of health.
For more information
For more information on privacy and electronic health records please read our FAQs.
Key Privacy Resources
- EHRS
The EHRS Blueprint is a technology framework for sharing health information securely and appropriately across Canada. - EHR Privacy and Security Conceptual Architecture
The architecture defines privacy and security requirements for an interoperable EHR based on existing legal and regulatory requirements, as well as standards and best practices. - Conceptual Privacy Impact Assessment (PIA) on Canada’s EHR Solution
Read our PIA on the conceptual EHRS, part of Infoway’s efforts to ensure that privacy is considered in the development of the EHRS blueprint. - White Paper on Information Governance of the Interoperable Electronic Health Record (iEHR).
This paper is intended to contribute to understanding information governance topics in the interoperable EHR context. - EKOS Surveys - Electronic Health Information and Privacy Survey:
Canadian attitudes towards electronic health information and their privacy.