Latest Blog Posts
For a complete list of all blog posts please click here
Unauthorized Access
This blog is focused on the unauthorized access to electronic health records for purposes such as curiosity, concern, personal gain, spite, or boredom, and the harm that results from such unauthorized access. I note that the majority of trustee employees or individuals in service of a trustee (including physicians) access electronic health records for purposes... read more
Non-Responsive Information in a Responsive Record
FOIP and LA FOIP provides specific exemptions that public bodies must or may apply when preparing records for release in response to an access to information request. There are circumstances in which a public body may consider information within a record to be non- responsive and have to decide whether to sever such information on... read more
Updated: Tips for a Good Submission
So much of what we do here at the OIPC involves reviewing submissions (or representations) from parties. In my time here, I have seen some very persuasive ones. I thought some tips on what, in my view, made a persuasive submission would be helpful. A submission contains a party’s arguments in support of their position. ... read more
Risk Management and Privacy Protection
Most organizations today have addressed the issue of risk management. Many have gone through a process of identifying the risks and the ways of mitigating those risks. They will have a document with the risks and the mitigating factors. Some will report to the CEO, a board council or minister on a regular basis. When... read more