The Health Information Protection Act (HIPA)
The Health Information Protection Act is designed to improve the
privacy of people’s health information while ensuring adequate sharing of
information is possible to provide health services. Development of the Act started
in 1997 and it was proclaimed in force on September 1, 2003. New regulations created
under the authority of this Act called The Health Information Protection Regulations
came into force on July 22, 2005.
The Health Information Protection Act legislates rights of individuals
and obligations of the “trustees” in the health system with respect
to personal health information. A trustee includes persons or organizations prescribed
in the Act or regulations who have custody or control of personal health information
and includes, the Department, physicians, regional health authorities, the Saskatchewan
Cancer Agency, ambulance operators, health profesionals to name but a few. Please
see clause 2(t) of HIPA for a complete list of trustees.
HIPA applies to personal health information in the health system in any form,
including paper and electronic records. It provides protection for privacy of
personal health information, while ensuring that information is available, as
needed, to provide health services to those in need and to monitor, evaluate and
improve the health system in Saskatchewan.
Documents available for download:
The following documents are created in Adobe Acrobat. In order to read them
you must download and install Adobe Acrobat Reader 4.0 or higher. Click on the
following link to download Adobe Acrobat Reader.
- For a checklist designed to assist trustees evaluate the level of preparedness
for compliance with the Act click here: Checklist
for Compliance. Completing this checklist will help identify where policy
or practices may need to be changed to ensure compliance with key parts of the
Act.
- For an overview document describing the requirements for consent under the
Act for the collection, use and disclosure of personal health information click
here: Overview of Consent Requirements
in The Health Information Protection Act.
- For the purposes of section 29 (Use and Disclosure for Research) of HIPA:
- For a guideline that can be used by trustees and information management service
providers (IMSPs) to review existing agreements or to draft new agreements click
here: Guidelines for Agreements
Between Trustees and IMSPs. An information management service provider
is an individual, an organization or company that processes, stores, archives,
destroys or combines personal health information on behalf of a trustee.
Related Documents:
The Health Information Protection Act Trustee
Information Session - pdf
News Release,
May 8, 2003 - Confidentiality of health information better protected
Report on the Public Consultation
on the Protection of Personal Health Information
<< back to top
>>
|