There is a new and interesting decision out of Peterborough that raises but doesn’t answer a lot of questions. These questions revolve around the intersection of PHIPA, class action law and tort law. This is not something you see everyday although we may have to wait awhile before the dust (and the law) settles. 

Canada’s Yukon Territory joins other domestic jurisdictions in moving to implement personal health information legislation. The Health Information Privacy and Management Act, introduced in November, is now in second reading. Leaving aside the trend to including EHR governance in personal health information statutes, there are some intriguing aspects to the bill not found in other statutes […]

I had previously written on the subject of electronic health records here, as well as about their governance here. The latter post was about the state of EHR governance in Ontario, especially when one considers legislative developments in Alberta and BC. It seems that the current Liberal government has decided to address the issue with the […]

How can employers use locational information without running afoul of data protection laws? No doubt the question will appear more prominently in queries to lawyers as we evolve into a more technologically mobile society but the first place it comes up is in the context of motor vehicle telematics. “Telematics” refers to the merger of […]

A “tipping point” is the culmination of small events that cause a significant change. Malcolm Gladwell tells us it comes from the world of epidemiology: that point in time in an epidemic where a virus reaches critical mass. Have we now seen the tipping point where business takes cybersecurity far more seriously than ever before?

I was asked the other day if I thought identity issues were any different from when I dealt with them at TBS some 10 years ago. I paused, thought about it, hummed a bit, thinking of the intervening work done — Oasis (SAML), Liberty Alliance, WS-* — and finally said I didn’t think so. The […]

When you consider the vast pool of personal health information that exists in electronic health record databases as well as the growing number of registries (both public and private) a large number of unanswered questions exist as to just what people, as patients and stakeholders, should accept as the “rules” surrounding such data.

The subject of medical research and personal information protection can quickly become a quagmire. Even raising the subject risks one being tagged as a Grinch-like character who surely must drown kittens and tell those young cancer-stricken children appearing in telethons that there’s no Santa Claus. The win-win scenario is de-identified information with good security around […]

Privacy has become less valued by society than in previous eras. Whether it’s security, convenience or the seemingly inevitable march of technology, we talk of “managing” privacy; of the balancing of business needs with individual interests; of data being the new currency; of generational change in attitudes; all ultimately leading one down the road of […]

While in San Francisco for the ABA annual meeting earlier this month, I had lunch with John Tomaszewski, the General Counsel of TRUSTe. At the end of a very good conversation on privacy, security and identity, I couldn’t help but think that Cloud computing, as it actually is supposed to work, raises a lot of […]