Surprisingly, ask people what “privacy metrics” mean to them and you’ll often get very different answers.

I was very pleasantly surprised to find Dot Indicia as a “Pick of the Week” of IPOsgoode – the Intellectual Property/Technology Program of Osgoode Hall Law School at York University. For a new blog, it’s nice to be noticed.

This post, written by myself and Michael Martineau, is also posted on eHealth Musings and ITWorld Canada. North Americans appear ready to interact electronically with their healthcare providers and take a more active role in managing their own health care.   A much-talked about tool in this regard is the Personal Health Record (“PHR”).  While there […]

If a government builds an EHR, can it require your data be put into it? Governments in many jurisdictions have embarked on a concerted effort to build and use electronic health records (EHRs) and to encourage health professionals to use electronic medical records (EMRs). Everyone seems to have assumed that creating an EHR would be […]

Dealing with breaches is like treating the symptoms: organizations really need to address the underlying problems. To that end, I would suggest that anyone considering how best to prevent breach management really think in terms of “incident management”. What’s the difference between incidents and breaches? A lot and a thorough understanding the former may help minimize the latter.

Well, it’s not actually a secret but it is something that not too many people have focused on. It’s the fact that the withdrawal of the Personal Information Protection and Electronic Documents Act (“PIPEDA”) from provincial jurisdictions with substantially similar legislation may legally complicate the ability of Canadian organizations in those jurisdictions to receive data […]