FIPPA and Ontario Hospitals: Freedom of Information Laws Apply to Ontario Hospitals on January 1, 2012
Health Law Bulletin
December 19, 2011
On January 1, 2012, Ontario hospitals will become subject to the Freedom of Information and Protection of Privacy Act ("FIPPA"). FIPPA's freedom of information provisions represent a significant change for hospitals, hospital stakeholders and persons who interact or otherwise do business with hospitals. It is important that all such persons are aware of hospitals' obligations to disclose records under FIPPA.
Background
This extension of FIPPA to hospitals is a result of the Broader Public Sector Accountability Act, 2010, which received Royal Assent on December 10, 2010. In line with the other aspects of that Act, the provincial government anticipates that FIPPA will help to increase the transparency and accountability of the hospital system.
FIPPA came into effect in 1988, and initially applied to the provincial government and approximately 200 public institutions. Since that time, freedom of information and protection of privacy obligations have been extended to numerous other publicly-funded institutions.
By extending FIPPA to hospitals, Ontario is aligning itself with many other Canadian provinces (including British Columbia, Alberta, Saskatchewan, Manitoba and Quebec), where public hospitals (or the regional health authorities that operate them) are already subject to freedom of information laws.
Purpose of FIPPA
FIPPA has two core purposes:
- Freedom of Information: to provide a right of access to records under the custody or control of institutions.
- Protection of Privacy: to protect the privacy of individuals and to provide individuals with a right of access to their personal information that is held by institutions.
Freedom of Information
FIPPA's freedom of information ("FOI") provisions represent a significant change for hospitals and for persons who do business with hospitals. Under FIPPA, any person can ask for access to any record, subject to specific limitations. Those limitations are as follows:
- Custody / Control. The record must be in the custody or control of the hospital (and must have come into the custody or control of the hospital on or after January 1, 2007). This generally means that if the record is held by the hospital, by another person on the hospital's behalf, or the hospital has a specific right to access the record, it will be subject to FIPPA (unless excluded, see below).
- Exclusions. Certain records are excluded from FIPPA, meaning that FIPPA does not apply to them. Generally, excluded records contain or relate to:
- personal health information (subject to the Personal Health Information Protection Act, e.g., patient information);
- quality of care information (subject to, and as defined in, the Quality of Care Information Protection Act);
- the operations of a hospital foundation;
- administrative records of regulated health professional regarding his or her personal practice;
- ecclesiastical records of a church or religious organization affiliated with a hospital;
- charitable donations made to the hospital;
- the provision of abortion services;
- certain labour relations, employment matters;
- certain appointment, privileging matters; or
- certain records respecting or associated with research or teaching.
- Exemptions. Certain records may be subject to mandatory or discretionary exemptions to the right of access. These exemptions include records that contain:
- personal information (other than the personal information of the requester);
- third party confidential information;
- advice or recommendations to the hospital;
- information affecting economic and other interests of the hospital;
- legally privileged information, law enforcement information;
- information that could seriously threaten safety or health; or
- information that is published or is soon to be published.
- Frivolous / Vexatious. Hospitals may refuse to provide access if the FOI request is frivolous or vexatious. These sorts of request are very rare, and the threshold for deeming a request frivolous or vexatious is quite high – generally requiring evidence of bad faith or an abuse of the right of access.
It is also important to note that the identity or the motivation of requestors is largely irrelevant in processing an FOI request. FOI requests could be made by former employees, unsuccessful bidders, private-sector competitors and the news media, without any variation in a hospital's treatment of the request under FIPPA.
The application of FIPPA to Ontario hospitals, including the issues noted above (i.e., custody / control, exclusions and exemptions), involves many complexities and nuances which should be understood both by hospital personnel and by persons who interact with hospitals.
For more information on the application of FIPPA to Ontario hospitals, please refer to any of the following bulletins on FIPPA, or contact the authors.
FIPPA Series Bulletins:
FIPPA and Ontario Hospitals: Issues for Shared Service Entities
FIPPA and Ontario Hospitals: Maximizing the Records Inventory
FIPPA and Ontario Hospitals: Delegation of Authority
FIPPA and Ontario Hospitals: Setting-up a FIPPA Compliance Office
FIPPA and Ontario Hospitals: Implementing Change
View additional information about how to access the FIPPA Helpline
