The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Friday, April 29, 2005
Apparently private companies are soon going to enter the market offering to host people's health records. This can be an obvious benefit for those who want to keep all this info in one place. Of course there are privacy risks that have to be addressed; It'll be self-regulation or buyer beware because HIPAA will not apply to the services:
World Peace Herald:
" Companies are expected soon to begin offering the public personal health record or PHR services, allowing individuals to maintain copies of their health records online, regardless of which doctor they may be using.
Such services could make it easier to obtain records in an emergency, and they could make life simpler for busy families that move frequently or face complicated medical situations, such as several young children on different vaccination schedules, or an elderly parent on multiple medications.
Data from such records also could be very valuable to pharmaceutical companies seeking to market new products, to researchers studying health trends or to public health officials monitoring the population for spikes in illness.
Officials are concerned, however, that data submitted to private PHR services could be packaged and sold commercially without appropriate privacy precautions or the informed permission of those submitting the data. Third-party services are not necessarily covered by the Health Insurance Portability and Accountability Act of 1996, which, among other provisions, limits the sharing of health data without the patient's express permission.
'Because of the HIPPA [sic] loophole, third parties, whether they are profit or non-profit, are not covered by HIPPA[sic],' said Paul Tang, chief medical information officer at the Palo Alto Medical Foundation in California. 'In other words, consumers and patients do not have (legal recourse and) I think that is a real concern.'..."
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.