Programs and Services | Online Forms | The Reading Room | Common Questions

The Health Information Protection Act (HIPA)

The Health Information Protection Act is designed to improve the privacy of people’s health information while ensuring adequate sharing of information is possible to provide health services. Development of the Act started in 1997 and it was proclaimed in force on September 1, 2003. New regulations created under the authority of this Act called The Health Information Protection Regulations came into force on July 22, 2005.

The Health Information Protection Act legislates rights of individuals and obligations of the “trustees” in the health system with respect to personal health information. A trustee includes persons or organizations prescribed in the Act or regulations who have custody or control of personal health information and includes, the Department, physicians, regional health authorities, the Saskatchewan Cancer Agency, ambulance operators, health profesionals to name but a few. Please see clause 2(t) of HIPA for a complete list of trustees.

HIPA applies to personal health information in the health system in any form, including paper and electronic records. It provides protection for privacy of personal health information, while ensuring that information is available, as needed, to provide health services to those in need and to monitor, evaluate and improve the health system in Saskatchewan.

Documents available for download:

The following documents are created in Adobe Acrobat. In order to read them you must download and install Adobe Acrobat Reader 4.0 or higher. Click on the following link to download Adobe Acrobat Reader.

For a complete copy of the Act click here: The Health Information Protection Act

For a complete copy of the regulations click here: The Health Information Protection Regulations

Quick Reference to HIPA

HIPA: What a Trustee Needs To Focus On

For an overview document describing the provisions of the Act including the amendments click here: An Overview of The Health Information Protection Act

For a checklist designed to assist trustees evaluate the level of preparedness for compliance with the Act click here: Checklist for Compliance. Completing this checklist will help identify where policy or practices may need to be changed to ensure compliance with key parts of the Act.

For an overview document describing the requirements for consent under the Act for the collection, use and disclosure of personal health information click here: Overview of Consent Requirements in The Health Information Protection Act.

For the purposes of section 29 (Use and Disclosure for Research) of HIPA:
- Criteria and Process for the Evaluation and Approval of Research Ethics Committees
- Minister Approved Research Ethics Committees.

For a guideline that can be used by trustees and information management service providers (IMSPs) to review existing agreements or to draft new agreements click here: Guidelines for Agreements Between Trustees and IMSPs. An information management service provider is an individual, an organization or company that processes, stores, archives, destroys or combines personal health information on behalf of a trustee.

Related Documents:

The Health Information Protection Act Trustee Information Session - pdf

News Release, May 8, 2003 - Confidentiality of health information better protected

Report on the Public Consultation on the Protection of Personal Health Information

<< back to top >>