Legislative Assembly of Ontario

The committee met at 0900 in room 151.

Health Information Protection Act, 2016 Loi de 2016 sur la protection des renseignements sur la santé

Consideration of the following bill:

Bill 119, An Act to amend the Personal Health Information Protection Act, 2004, to make certain related amendments and to repeal and replace the Quality of Care Information Protection Act, 2004 / Projet de loi 119, Loi visant à modifier la Loi de 2004 sur la protection des renseignements personnels sur la santé, à apporter certaines modifications connexes et à abroger et à remplacer la Loi de 2004 sur la protection des renseignements sur la qualité des soins.

The Chair (Mr. Shafiq Qaadri): Chers collègues, j’appelle à l’ordre cette séance du comité permanent.

Welcome, colleagues and presenters. We are here, as you know, to consider Bill 119, An Act to amend the Personal Health Information Protection Act, 2004, to make certain related amendments and to repeal and replace the Quality of Care Information Protection Act, 2004.

We have a number of presenters. Just to share the protocol, you have 10 minutes for an opening address, to be followed by three minutes in rotation for questions with each party. As is the tradition of this committee, the times will be enforced with military precision.

Ontario Nurses’ Association

The Chair (Mr. Shafiq Qaadri): It’s now my pleasure to welcome representatives of the Ontario Nurses’ Association: Ms. Kate Hughes, Mr. Walter and colleague. Please do introduce yourselves. Your official 10 minutes begin now.

Ms. Kate Hughes: Thank you very much. Good morning. My name is Kate Hughes, and I’m here with Danielle Bisnar. We’re from the law firm of Cavalluzzo, and we’re here on behalf of the Ontario Nurses’ Association. I’m here with Lawrence Walter from the Ontario Nurses’ Association. I’d like to thank this committee for allowing ONA to come before you and make submissions.

Ontario Nurses’ Association, ONA, represents 60,000 front-line registered nurses, nurse practitioners, registered practical nurses, and allied professionals. As such, Bill 119 will impact all of ONA’s 60,000 members, as they’re health care professionals providing front-line care in hospitals, long-term-care facilities, public health, homes, community clinics and industry.

As a general overview, you should know that ONA supports updating both of the acts that are covered by Bill 119 and supports the principles behind the quality-of-care legislation, which I’m going to refer to as QCIPA, and the Personal Health Information Protection Act, PHIPA. We do, however, have discrete concerns that we would like to flag, and we’ve also provided you with concrete suggestions for amendments to address these concerns.

We have given you a handout. You’ll see in our handout that it has an overview, but it also has two appendices, which are ONA’s submissions with respect to various parts of the act where we would like to flag concerns. We’ve set out those concerns, and our recommendations with respect to amendments. We have tried to be concrete with the amendments, to assist this committee, and we would ask the committee to consider our recommendations.

We would like to start out with dealing with QCIPA, that portion of Bill 119, and that’s schedule 2 of the bill. As you know, Bill 119 proposes to repeal QCIPA, 2004, in its entirety and replace it.

As I’m sure you all know, QCIPA came into place in November 2004. It was designed specifically to encourage health care professionals to share information and have open discussions about improving quality of health care that was delivered—to improve patient care by having these open discussions.

We’re pleased to see that in QCIPA, 2015, in the proposal, there’s a new section 1 which sets out the purpose. We think that it’s important to have that purpose, but I think you have to keep that in mind when you consider all of ONA’s recommendations.

The purpose of QCIPA, as stated, “is to enable confidential discussions in which information relating to errors, systemic problems and opportunities for quality improvement in health care ... can be shared within authorized ... facilities, in order to improve ... health care.”

It was recognized when QCIPA came in in 2004, in the discussions, and recognized in the review committee’s report, that the purpose of QCIPA is to create this protected zone, a protected zone of discussion to facilitate learning and systemic change, and to deal with critical incidents. The purpose is to provide this protective zone so that professionals can speak with candour, as the committee has pointed out in their review, so that whatever they say will not be used against them. That is set out on page 11 of the report.

On page 11 of the report, the committee noted that many of the causes behind these critical incidents are complex. You have to have an environment, as they said, where staff can explore what happened and why. QCIPA is intended to help health care professionals identify system and process failures and provide protection, as they say, to share speculation and opinion as part of the investigation of a critical incident. Without it, there’s real concern that some staff will not be as forthcoming.

When you look at all of our amendments, please see it in terms of the purpose, which is the stated purpose of the actual matter. If you could look at our amendments, if you don’t mind, look at page 10 of the amendments, where we have set out a request that you consider looking at an amendment to clarify what the reviews of critical incidents are. We recommend an amendment to clarify that the review of a critical incident should be conducted under the QCIPA framework.

Our second amendment, on that page below, is to deal with the issue of facts. We’ve put in a very discrete amendment which would put a definition of “facts” in it. Under QCIPA, there is a series of exceptions to the definition of quality-of-care information. The exceptions set out what wouldn’t be protected in that quality-of-care review. This section, as you can see on page 11, creates a definition. What’s excluded is information relating to a patient in respect of a critical incident that describes the facts of what occurred with respect to the incident. This is another matter that the committee flagged.

The concern is that facts are often not clear. In a critical review, for instance, if a nurse or any other health care professional raised speculation and opinion, this does amount to facts. We have concerns that this may have occurred. So we ask that that sort of information must remain in the protected zone. This could be dealt with by adding a definition of “facts,” and we have put that definition in there. We would hope that you would consider that.

I know I have little time, but if you could look at page 12—I’m not going through all of our recommendations—on page 12, we have a recommendation with respect to removing provisions that deal with quality-of-care information: what the quality of care has identified, if anything, as the cause. We recommend removing this provision as it’s inconsistent with regulation 965 of the Public Hospitals Act. The concern is the chilling effect. If you release the information of what people speculate or give opinions on as to cause, this is going to undermine the purpose, which is to have frank discussion and analysis of critical incidents.

Because I’m running out of time I’d like to now touch briefly on PHIPA. Again, our analysis is set out in a chart for the PHIPA. We have three concrete recommendations. I’m just going to speak to one.

One is the reporting provisions with respect to PHIPA. That can be found if you look at page 4. Under the Regulated Health Professions Act there’s a mandatory report when a nurse or any other health professional is terminated or resigns to avoid termination. There’s an expansion in PHIPA to any kind of discipline.

There are two points that are concerning on that matter. First of all, it’s unclear what “discipline” is. That is inconsistent with the Regulated Health Professions Act. It’s important to have consistency, and it expands it. So we’re concerned about the confusion of having two pieces of legislation with two different mandatory reports.

Secondly, the concern is with respect to what is discipline. This could have an effect with respect to either under- or over-reporting to the college. For instance, if a hospital has a minor PHIPA matter and they want to caution a health care professional and they give an oral caution, if that triggers a mandatory report to the college, the hospital may consider either not doing that caution because of the consequences of the mandatory report, which are extremely serious consequences, or there may end up being over-reporting, where the college has too many different reports to the college. So we would ask that you consider our recommendation, and we have set that out on page 4.

0910

Two other matters that we have set out—and you can see our rationale dealing with the limitation period. The limitation period currently is six months. We agree that that’s too short. We would submit that a two-year limitation period would be more appropriate as it’s consistent with civil litigation claims, generally, and it’s important to have consistency in the legislation.

We’ve attached to your report two pieces of legislation—the Regulated Health Professions Act excerpt and the regulation under the hospitals act—for your consideration, to ensure full consistency.

Le Président (M. Shafiq Qaadri): Merci, madame Hughes, pour vos remarques introductoires.

I now offer the floor to the PC Party. Mr. Hillier, you have three minutes.

Mr. Randy Hillier: I’m going to give you my three minutes so that you can continue on if you want some additional time.

Ms. Kate Hughes: Thank you. The other recommendation with respect to PHIPA is the doubling of the fine. We have concerns only with respect to individuals, not institutions. We think that the PHIPA matter is largely a systemic issue. The doubling of the fines for individuals is a considerable hardship and we say is not necessary as $50,000 is a considerable disincentive.

The Chair (Mr. Shafiq Qaadri): You’ve completed? Maintenant, je passe la parole à M^me Gélinas du NPD.

M^me France Gélinas: There have been some who say we haven’t reached the right balance between the right of patients who encounter adverse events in the hospital and who want to be able to gain closure and turn the page, and the need for health professionals to be able to talk freely, look at what went wrong, learn from this and move forward.

Do you feel that the amendments that you’re putting forward will still allow family members to gain closure as to what happened to their loved one?

Ms. Kate Hughes: Yes, very much so. We recognize those competing interests, but in many ways, the competing interests are dealt with by a recognition that if you have a protected zone that deals with the areas where someone can speak with candour—their opinion and speculation—as opposed to what truly are facts. That’s why we have focused with very concrete suggestions on defining facts so that it’s clear that what is then disclosed are truly facts as opposed to areas of, “Let’s raise how we could improve this.”

Health care professionals are saying, “What went wrong? What could we do differently?” That’s not necessarily a fact, and that’s the area that needs to be protected. If it’s not protected, then we’re really not going to have good quality-of-care meetings where people are coming forward with frank and full discussions. I think it meets that tension and that balance, and that’s why we have focused on a number of areas to try to make sure that we ensure that balance so we don’t undermine the whole purpose of the act. We end up throwing out the baby with the bathwater where you would make it a process where people are actually not using these meetings for full and frank discussion.

M^me France Gélinas: I was trying to read quickly while you were speaking. Are you proposing a new definition of what constitutes a fact?

Ms. Kate Hughes: Actually, if you look at the matter, an exception to the protected zone is facts. We have no problem with that, but as the committee noted in their report, there are different views on what are facts. As a lawyer, we know that every day, people have different views of facts. What we’re asking for is a definition of facts so that it’s clear what is to be released and what is not.

M^me France Gélinas: Have you proposed one?

Ms. Kate Hughes: Yes, we have proposed a definition with respect to facts. You can find that definition on page 10, at the bottom right-hand corner, where we add a definition of facts, and we’ve put in a specific suggested wording—

The Chair (Mr. Shafiq Qaadri): Thank you, Madame Gélinas. The floor now passes to the government side: Ms. Indira Naidoo-Harris.

Ms. Indira Naidoo-Harris: Thank you so much, Ms. Hughes, for coming in today. I wanted to thank the Ontario Nurses’ Association for being here. I know that you all represent a very important part of the delivery of health care to our province and to residents in this province. The work that the tens of thousands of nurses and health care professionals do on a daily basis is very much appreciated by the province and by those of us who use the health care system. I just want to make sure that I start out by thanking you for all of this.

I also want to thank you for the submission that you’ve made today. It is very clearly well thought-out and well researched. There’s a lot of information in there that I think will be very useful as this committee looks forward to what our next steps are and as we consider Bill 119.

One of the things that struck me in your presentation was what was clearly a deep commitment by the ONA, concerning the proper delivery of health care and the quality of health care that we’re delivering. It was clear to me that your priorities are delivering good health care under what can of course be very difficult circumstances, when it comes to emergency situations and so on, and taking into account the patient.

My question to you is: From your perspective, how important is Bill 119 to the work of nurses and delivering that quality care?

Ms. Kate Hughes: It’s extremely important, both components of it. For the QCIPA portion, nurses are very interested in making sure that when there are critical incidents, they’re properly reviewed in a full and frank way, so that all members of the team can speak with candour, and that, going forward, the system is changed, because it largely deals with systemic problems. That’s what is dealt with in critical care incidents, as opposed to discrete issues of a health care professional being, for instance, incompetent. It’s very important that this process be properly balanced, with respect to the information that’s given to the patients and the information that is kept confidential, in order to make systemic changes. So that’s very important.

With respect to PHIPA: Nurses have learned a lot about protecting patients’ information, and they want to make sure that there is a system that is in place that does protect patients’ information but that recognizes the realities of nursing: that nurses touch upon personal health information frequently in many different ways. For instance, if there is an inadvertent breach—and the breach could be in a number of ways that are without ill intent, like releasing information to a family member—that the penalties are not too draconian. It has to achieve that balance.

The Chair (Mr. Shafiq Qaadri): Thank you, Ms. Naidoo-Harris, and thanks to you, Ms. Hughes and your colleagues on behalf of the Ontario Nurses’ Association, for your presence and deputation.

Ontario Hospital Association

The Chair (Mr. Shafiq Qaadri): I now invite our next presenters to please come forward: representatives of the OHA—the Ontario Hospital Association. Ms. Reynolds and Ms. Taylor, please come forward.

Welcome. Please be seated. As you’ve seen, you have 10 minutes for your opening remarks. Please begin now.

Ms. Kristin Taylor: Good afternoon. My name is Kristin Taylor, and I am the vice president of legal services and general counsel at the Centre for Addiction and Mental Health. With me today is Rita Reynolds, the chief privacy and freedom of information officer and vice-chair of the research ethics board at North York General Hospital. We’re here today on behalf of the Ontario Hospital Association, the body that represents Ontario’s 147 publicly funded hospitals.

The OHA and its member hospitals support the ongoing commitment to patients’ rights and are dedicated to ensuring appropriate safeguards are in place. We appreciate the opportunity to provide comments to the standing committee regarding Bill 119, the Health Information Protection Act, 2015.

Our comments today will be divided into two parts. Part 1 addresses the proposed changes to the Personal Health Information Protection Act, PHIPA, including additional measures designed to enhance the protection of personal health information and the proposed framework governing a future provincial electronic health record; part 2 will address the revised Quality of Care Information Protection Act, QCIPA, which implements recommendations of the QCIPA review.

0920

Ms. Rita Reynolds: It’s a privilege to be here.

It is the OHA’s belief that the adoption of enabling information technologies and integrated electronic health records is foundational to the future of our health care system and its ongoing efforts to improve the delivery and quality of care. Protecting the privacy, confidentiality and security of patient information is fundamental to the process of facilitating patient care through improved information technology and integrated digital records.

Part of creating the necessary privacy framework is to clearly identify who has custody and control of personal health information. As the legislation is currently drafted, it is not sufficiently clear who has custody and control of personal health information in the electronic health record. As such, when personal health information flows from the health information custodian to the prescribed organization, it is ambiguous whether the health information custodian continues to be accountable for the information in the system, even though they will only have a very limited ability to exercise control over that information.

The OHA believes that any accountability a health information custodian has for personal health information in the electronic health record should reflect the health information custodian’s actual level of control over that information. Accordingly, we recommend that the statute be amended to explicitly acknowledge this, as doing so will help to clarify roles and responsibilities with respect to the electronic health record, and accordingly will also increase patient and health care provider confidence in the system.

Our second recommendation is that the electronic health record privacy advisory committee should play a more central role in the development stage of the electronic health records. By giving the advisory committee the ability to study all aspects of the legislation and the electronic health records, the OHA believes that the most effective mechanisms to address the technical elements of the system will be put into place. The OHA also recommends that the legislation provide additional transparency regarding the advisory committee’s membership and its deliberations, as well as enhancing its discretion to address issues proactively.

Our third recommendation relates to the mandatory reporting of privacy breaches. It is exceedingly important that privacy breaches are dealt with effectively and that health care providers are held accountable for their actions, especially where they intentionally breach privacy. The legislation proposes to add a new requirement for health information custodians to notify the Information and Privacy Commissioner of a privacy breach, in circumstances to be set out in future regulations.

The OHA supports mandatory reporting of significant privacy breaches. We agree that the Information and Privacy Commissioner must be made aware of serious and systemic breaches so that it can provide guidance, as well as support the prevention of further breaches.

The OHA believes that IPC notification should mirror legislation in most other Canadian provinces, specifically where there is a serious or systemic breach, and to provide for other breaches to be addressed at the institutional level. The regulations should set out objective criteria for notification, such as the number of patients affected by a privacy breach, whether the breach is intentional, whether there is the possibility of harm to the patient resulting from the breach, and in consideration of the sensitivity of the information at issue.

If the government were to pursue mandatory reporting of all privacy breaches, the OHA believes that it will be critical to ensure that the reporting structure is something that hospitals can effectively operationalize within their current staffing and resources. Thank you.

The Chair (Mr. Shafiq Qaadri): Thank you very much for your presentation. Now I offer the floor to the—

Ms. Kristin Taylor: Sorry, back to me for part 2.

The Chair (Mr. Shafiq Qaadri): Please. Yes, you have four minutes left.

Ms. Kristin Taylor: My apologies.

In 2014, the OHA participated as a member of the QCIPA Review Committee, which had focused its work on the interpretation and implementation of QCIPA in the investigation of critical incidents. Implementing the QCIPA Review Committee’s recommendations, including amendments to QCIPA, is an important step in providing greater clarity to this legislation to support the enhanced clarity of definitions, support disclosure, and the involvement of patients and their families. The OHA supports the recommendations stemming from the review.

Hospitals and the OHA are working to align practices in the use of QCIPA, in particular working towards more uniformity in the application of the act. As such, the OHA believes that a mandatory approach to QCIPA should be considered. If so, it must be systemic in nature and it must account for the various contexts in which QCIPA is used.

The OHA is concerned that any recommendations allowing the minister to restrict or prohibit the use of the quality-of-care committees for critical incident reviews would be outside of the mandatory public consultation provisions that apply to other regulations made under QCIPA. This may make it possible to target individual providers rather than approaching the issue from a systemic point of view. The OHA believes that such a mandatory approach to the use of QCIPA should be informed by a rigorous public and stakeholder consultation process.

Our final recommendation today relates to an appeal mechanism for QCIPA. The OHA understands amendments to QCIPA may be introduced that would allow the IPC to access quality-of-care information for the purposes of determining whether or not QCIPA would apply to records at issue; specifically, an explicit permission for hospitals to disclose quality-of-care information to the commissioner. The OHA cannot support such an amendment to QCIPA.

Given the ability of IPC to compel production of records, this would effectively require hospitals to disclose quality-of-care information to the IPC upon request. The IPC, as a matter of course, would be making determinations regarding whether or not QCIPA applied in a particular context and whether certain information would be considered quality-of-care information. This has the potential to erode the purpose of QCIPA as the absolute guarantee of a safe place for discussion.

While QCIPA does address disclosure of information, the purpose of the legislation is to improve quality of care by encouraging health care providers to conduct reviews, identify root causes and ultimately improve safety. The OHA firmly believes that any appeal mechanism must support this goal while also ensuring that the legislation is used effectively.

In conclusion, the OHA and its members reaffirm our commitment to patients, enhancing patient care through new technologies and ensuring continuous quality improvement in all aspects of patient care, including those in response to critical incidents. The OHA looks forward to continuing to support Ontario’s hospitals through the transitions to come in the e-health environment and across the health care system.

We’d be happy to take any questions.

The Chair (Mr. Shafiq Qaadri): Thank you very much, and thanks for your precision timing. The floor goes now to Madame Gélinas.

M^me France Gélinas: Thank you. I will start with the last recommendations that you make regarding the Information and Privacy Commissioner. Could you explain what the role of the Information and Privacy Commissioner would be if they are not allowed to ask for that information?

Ms. Kristin Taylor: We would say that the appeal mechanism does not necessarily require the input of the Information and Privacy Commissioner. An appeal mechanism might be something considered to be to the patient ombudsperson or another process where the automatic permission granted to the IPC to look at those records would have a higher threshold or more rigour prior to being provided to the IPC.

M^me France Gélinas: Do you feel that if there is a higher threshold the absolutely guaranteed safe place to talk about what went wrong will be maintained, and where would you put that threshold?

Ms. Kristin Taylor: To answer the first part, I think a higher threshold and more of a formal appeal process—one that would have less of a permissive or discretionary approach to it—would protect, and that’s the goal of the OHA in making this recommendation.

0930

The threshold, similar to other court proceedings when you’re dealing with very delicate and confidential information such as this, would allow a single decision-maker to look at the information. It would be held in great confidence to be looked at in the context, and a decision would be made prior to it being disclosed further, so the IPC process would be less formal than what the OHA would decide—

M^me France Gélinas: So who would be the arbitrator of that? Who would decide?

Ms. Kristin Taylor: Well, it could be, if there was a different process that went to the IPC—something that was a bit more formal so that it was a single person—the commissioner himself, or something potentially into the court system, so you actually had an application made to have this information looked at.

M^me France Gélinas: Okay. You see the value of having those safe places. You see that it has improved our health care system. So the goal of what you’re asking us to do in this recommendation, and the one before it, where you ask the minister to restrict or prohibit the use of the quality-of-care committees for critical incident reviews—so the aim of that is really because you want to protect that safe place? Is this what you’re trying to do?

Ms. Kristin Taylor: Yes. I think that while the OHA believes in the transparency and full accountability of the health care providers in any incident, and the desire to share the information learned with the family, with the patient involved in these, the risk you have is that if the information is openly accessible by the IPC, or the minister has the discretion to simply—

The Chair (Mr. Shafiq Qaadri): Thank you, Madame Gélinas. The floor now passes to the government side: Ms. Naidoo-Harris.

Ms. Indira Naidoo-Harris: Thank you so much for coming in today. I want to thank the Ontario Hospital Association for presenting here before us today. As we all know, you are a very important partner when it comes to the delivery of health care in our province.

I’m very pleased that you’re here today with us, but also pleased—as you mentioned earlier—that you participated as a member of the QCIPA review committee. That committee was fairly thorough and released a number of recommendations in its report to the minister. As we all know, the minister accepted all the recommendations put forward. They were fairly detailed, and a number of different issues were raised and addressed in that report.

I’d like to ask you, on behalf of the Ontario Hospital Association, which is such a key partner in our health care system: does this legislation really address most of the recommendations put forth by the committee?

Ms. Kristin Taylor: I believe it does. I do believe that the review undertaken with respect to this legislation has gone the distance in addressing the issues that had been complained about prior. With regard to the family involvement, the patient involvement, the sharing of information, there were a lot of misunderstandings about QCIPA prior that I believe the legislation, particularly in the preamble comments, will go far to explaining—that this isn’t about hiding information; it’s about learning. However, the learning circle needs to be extended to families and to patients.

I think one of the key aspects that is coming out of this legislation is the sharing of information across the sector. I had the privilege of working with Health Quality Ontario on the development of the reporting system that will be put in place as part of this legislation and following the review. That’s going to take us to an entirely different level of learning and information sharing in this province, because hospitals are no longer going to have their learning kept in silos. They’re going to share it, and hopefully that’s going to go a long way to preventing similar incidents from happening at other health care organizations.

Ms. Indira Naidoo-Harris: Implicit in some of your comments was the idea, of course, that this is also about protecting patients and protecting their personal information and their rights. We’re all aware, when we go into a hospital situation, that it’s usually in a critical situation, and it’s really a crisis kind of situation that people are dealing with, so you feel fairly vulnerable.

Tell me: From your perspective, how important is it that we do protect patients’ information?

Ms. Kristin Taylor: I’ll speak very quickly on that point, from the QCIPA perspective. I think that you’ve actually touched upon the main misunderstanding about QCIPA when it was discussed extensively in the media. Oftentimes it wasn’t QCIPA from preventing—

The Chair (Mr. Shafiq Qaadri): Thank you, Ms. Naidoo-Harris. To the opposition side: Mr. Hillier.

Mr. Randy Hillier: Let’s see if we can speak real quickly here in these three minutes. First, I understand that on page 4, you have the electronic health records advisory committee. Is there a report from that committee, and if so, can that be tabled with the Clerk of the Committee?

Ms. Rita Reynolds: The OHA will be submitting the proposed amendments to the legislation later today.

Mr. Randy Hillier: Okay.

Ms. Rita Reynolds: But I do not have a specific report in my—

Mr. Randy Hillier: From the health record privacy advisory committee, there is no report?

Ms. Rita Reynolds: I do not have a specific report.

Mr. Randy Hillier: Okay.

Ms. Kristin Taylor: That’s the creation of that committee.

Ms. Rita Reynolds: Yes, that’s what it’s really referring to.

Mr. Randy Hillier: Okay. Two other things: Clearly, there’s a concern that the mandatory reporting will be unduly burdensome, and maybe you could take a moment to describe what is happening right now with reporting and how you see that this may be a significant burden.

The other comment is on the appeal mechanism. I find it interesting that you’re suggesting that possibly the courts would be a better remedy or appeal mechanism than the Information and Privacy Commissioner. I’m of the view that appeals and the seeking of remedies ought to be as expeditious as possible, and the courts don’t bring those words to my mind. So if you could address those two points.

Ms. Rita Reynolds: I’ll speak to the question related to the mandatory reporting. There is a very wide variation in the types of privacy issues that can occur in a hospital. One of the things that can happen is that a clinician can hand another clinician a file, and it’s not a file for a patient they are providing care for. Under the legislation, in fact, that is a breach, because they’re not providing care. Immediately, when it’s recognized, it’s passed back. I would suggest that this is not a significant enough breach to report to the Information and Privacy Commissioner.

On the other hand, you can have situations of someone going into patient charts and browsing through them. Intentional breaches of privacy like that are very, very serious and should be reported. But if we were to consider both things equally—both are breaches—there would have to be an extremely sophisticated and onerous reporting mechanism to identify and to report, and I would suggest that it would very quickly be very difficult to operationalize within existing hospital resources.

Mr. Randy Hillier: Once that is reported, though—let’s say that insignificant breach of handing a file—what would that—

The Chair (Mr. Shafiq Qaadri): Thank you, Mr. Hillier, and thanks to you, Ms. Reynolds and Ms. Taylor, for your deputation on behalf of the OHA.

Mr. Joseph Colangelo Ms. Maria Katherine Daskalos

The Chair (Mr. Shafiq Qaadri): We now invite our final presenters of the morning session, Mr. Colangelo and Ms. Daskalos, to please come forward. Your time begins now. Your time has begun.

Mr. Joseph Colangelo: Thank you. Good morning, members of the committee, and thank you for hearing us.

We will split our presentation. Ms. Daskalos will speak from a practical perspective; I am a lawyer and will speak from the legal perspective. My submissions on Bill 119 are limited to schedule 2 only, the QCIPA amendments. I will not read the presentation, but rather supplement it with some comments.

The problem is this: If you read what was said in the QCIPA review and what was said by the minister, the principles and the objectives are laudable—a just, transparent culture, a new age. Great. Then you read the legislation and you ask yourself what happened.

The fact of the matter is that the legislation is confusing. It’s not accessible and, in terms of accessible justice, the average person really doesn’t know what it means.

Is there a difference between the QCIPA review and the critical incident review? The sections are in two different statutes, one under QCIPA and the other one under the regulations in the Public Hospitals Act. They should be consolidated.

But more importantly, you’re talking about an important aspect of access to justice in which we are all participants: not just the legal profession, not just the courts, but the Legislature that makes the laws.

0940

The problem is that the suggestion that there will only be full, true and plain disclosure if there is some protected zone or freedom from retaliation is flawed. There is no evidence of that. Health care professionals have a fiduciary duty of disclosure. They have an obligation to make full, true and plain disclosure of error.

In my respectful submission, the legislation should be rejected. In its place, you should have legislation that simply states the following:

(1) That hospitals, hospital administrators and health care professionals in the team have a fiduciary obligation to make full, true and plain disclosure to the patient, or the patient’s representatives, of all information relating to the care provided or any health care error. That’s entirely consistent with the current law in fiduciary obligations;

(2) That the critical incident and QCIPA review process be consolidated in one statute to make it clear that there is one committee, one body, undertaking the investigation and that has complete control of the process; and

(3) The legislation should state that the patient, or the patient’s representative, has a right to full, true and plain disclosure from this committee of all the information obtained in the course of the investigation and any recommendation.

The provisions in the legislation, particularly sections 9 and 10 of the bill, schedule 2, are out of step with the current state of the law as described in paragraph 13 of my submission. The Court of Appeal has been very clear on the issue of remedial measures: That information is admissible in a court of law. The amendment is going the other way and is inconsistent with the just, transparent culture for which everyone is arguing.

Consistent with the rule in Sandhu, the principle in the legislation should be this: The information obtained by QCIPA and the recommendations may be admitted in any legal proceeding except where its prejudicial effect outweighs its probative value. That’s the exact rule in Sandhu. That is the current state of the law.

In my respectful submission, this bill does not accomplish the very laudable objectives that were stated. It’s time for the Legislature, in my respectful submission, to move forward to be the champion of access to justice of patients’ rights.

Ms. Daskalos will now put this in particular perspective in so far as the case of her mother is concerned.

Ms. Maria Daskalos: Hello, everyone. My name is Maria Daskalos. I’m the daughter of the late Dimitra Daskalos, who passed away at Toronto General Hospital on February 21, 2011. I would like to provide three specific examples—out of several, mind you—that our family personally encountered throughout my mother’s care over the years that highlight the prevalent culture of non-disclosure that exists in our health care system.

In 2007, my mother was admitted to TGH with heart failure. A few days before she was about to be released and on the evening of April 15, 2007, she was overdosed with haloperidol, a drug that was actually removed from her list of medications. The nurse ignored this directive and administered a double dose of haloperidol that put her into a drug-induced coma where she almost died. She required a life-saving blood transfusion and did not wake up for several days, never to be the same.

The hospital refused to provide copies of the chart that clearly showed when the medication was given and the name of the nurse who administered the drug. On December 7, 2010, we finally obtained copies of the actual chart review. The drug was given to my mother at 22:00 hours, 10 p.m., and then again at 23:30 hours, 11:30 p.m., by the attending RN. An incident report was never filed and the nurse was never reprimanded.

My mother was admitted again to Toronto General Hospital in July 2010. On May 19, 2011, we submitted a complete authorization form and a $30 fee to request my mother’s entire patient records, including administrative notes and patient relations documents, for the period of July 11, 2010 until February 21, 2011, the day she passed away.

Her records were prepared with a fee attached of $548.75 in order for them to be released. I contacted the privacy commission to complain and they deemed that the costs were not considered reasonable and, eventually, they were waived by the University Health Network. These documents included the various tests my mother received, but did not include any of the administration’s notes or that of patient relations. We have yet to receive those.

The final and most detrimental act of the hospital administrators that led to my mother’s death occurred when the hospital ignored infection control protocols and placed four infected patients, one right after the other, in her semi-private room. The outcome, of course, was predictable: She contracted the virus that one of the patients was carrying and, unfortunately, she passed away. This was completely avoidable, but the administrators chose to purposely place an older patient, considered high risk, in harm’s way, and we have yet to obtain an explanation.

They also refused to disclose the types of viruses the patients were infected with to the provincial coroner. The coroner’s investigation statement explained that “a coroner does not have the legal right to seek out information about the medical status of the individuals who shared Mrs. Daskalos’s room.”

Since that day, our family has been asking for information, and we have gone to great lengths to attempt to receive it: We presented a petition to the government with 5,400 signatures; we had our case included in the provincial Ombudsman’s annual report; we have written letters to the hospital president, the current and past Premier, the current and past health minister—

The Chair (Mr. Shafiq Qaadri): One minute.

Ms. Maria Daskalos: —all unwilling to provide answers.

It has been five years with no results and no investigation. Crucial information has been withheld, which we are entitled to and that our family needs in order to achieve closure.

How can the government claim that the system is open and transparent after listening to my mother’s case? How is that possible? My mother’s case echoes thousands of others. I hope you make the right decision when it comes to this bill.

Thank you.

The Chair (Mr. Shafiq Qaadri): Thank you, Ms. Daskalos.

We’ll now offer the floor to the government side: Ms. Naidoo-Harris.

Ms. Indira Naidoo-Harris: Thank you so much for coming in, Ms. Daskalos. Thank you very much for presenting what I think has to be difficult for you to do. I want you, first of all, to understand that we all share your loss and how you must be feeling about that, and that people on all sides of the table here really understand how difficult it must have been for you to come in here. A touching and moving presentation, for sure.

I understand, and I know you understand, that sometimes the situations that are presented in hospitals can be very challenging, but I want you to know that that’s why we are here today. We’re here, on all sides, because we want to hear out members of our communities like you. We’re here to try to make sure that we’re doing the right thing when we come up with amendments for a bill.

That’s what this bill is really trying to do. The minister and folks like us who are voices for our communities are here because we want to improve things. This proposed legislation does aim to improve the protection of personal health information and respond to the need for greater transparency and appropriate disclosure.

I understand that you were facing a very difficult situation. We want to affirm the rights of patients to access the information about their health care, but still making sure that QCIPA doesn’t interfere with a health facility’s duty to disclose information to patients.

After hearing your story, I have to ask you: Can you tell us what these amendments really mean to you? I hope you recognize that this is a step the government is trying to take to ensure that we do the right thing.

0950

Ms. Maria Daskalos: Well, I’ll have Joe answer that because he obviously knows the law. He’s a highly respected lawyer in his field. I can tell you, it’s a very simple answer from the patient’s perspective and the family’s perspective: full disclosure, open transparency, no loopholes. This bill does not address that. I’ll let Joe answer that question.

Ms. Indira Naidoo-Harris: Thank you.

Mr. Joseph Colangelo: If I may.

Ms. Indira Naidoo-Harris: Yes.

Mr. Joseph Colangelo: If you look at the bill and you go through the language, it’s a lawyer’s dream come true. You will be arguing about this bill again in four to five years. I can tell you that defence lawyers, as is their job, will work through the language and will see how there is some foundation for the withholding of information. The definition of “quality of care information” is so broad that I suspect a good defence lawyer is going to say that it includes statements taken promptly and immediately after the incident—

The Chair (Mr. Shafiq Qaadri): Thank you, Ms. Naidoo-Harris. The floor passes to the PC side: Mr. Hillier.

Mr. Randy Hillier: I don’t know where to begin. Thanks for your presentation today. I think it’s interesting to hear a very different opinion and view. I’m not sure what else to ask you other than, once this committee is finished, I’d like to get your phone number and have a more detailed discussion on these statements. In a nutshell, I guess I’d say you’re suggesting that this legislation is completely contrary to recognized jurisprudence and due process, and we’re going in the wrong direction here. That’s a significant view, and I think it’s time that we take a little more time, step back and take a look at this legislation in a different light.

Thank you for making your presentation, and I’m sure you’ll be hearing from us on the phone sometime soon.

Mr. Joseph Colangelo: I would be delighted to expand upon my analysis, and I can. I tried to keep it brief with a minimum of legal authorities, but any help I can be to the committee and to the Legislature, I would be delighted to offer.

Mr. Randy Hillier: Yes, 10 minutes doesn’t give us a whole lot of time to get in-depth on this, but you certainly will be hearing from us. Thank you very much.

Mr. Joseph Colangelo: I’m delighted. Thank you.

The Chair (Mr. Shafiq Qaadri): Thank you, Mr. Hillier. To Madame Gélinas.

M^me France Gélinas: All right, so in practical terms, because we have created those quality-of-care discussions that are the safe place where, if you say “quality of care,” you know that none of that information will ever be shared with the people affected—you are telling us that this is at the core of our legislation and this is wrong because it basically keeps people from getting closure. Am I right in what I’m saying?

Mr. Joseph Colangelo: It is wrong for the following reason: I have not seen any evidence-based study that says that the need for the safe place is required in order to compel people with a fiduciary duty to make full, true and plain disclosure, as is their right. I, as a lawyer, have a fiduciary duty to make full, true and plain disclosure to my clients. I can’t claim some quasi-Fifth Amendment right. My profession—my oath of office in the profession, as does the obligation of health care professionals—doesn’t entitle you to stand quiet and doesn’t entitle you to a safe place of protection. That’s part of being a fiduciary. You don’t get that privilege.

M^me France Gélinas: Do any other workers in other fields—I’ll exclude lawyers and judges from that—have this right to, if you think that you screwed up, you will call a quality of care or colleague someplace else, and you can share your screw-up with all of your peers knowing full well that the people that were affected by your screw-up will never know?

Mr. Joseph Colangelo: I’m not sure what happens in other professions, but people with fiduciaries do not have the right to remain silent, nor is there a disciplined, rigorous study that complies with principles that both doctors and lawyers—and legislators, I would assume—require. The gold standard is what’s called a randomized controlled, double-blind study. That is evidence-based medicine; that is evidence-based law. I don’t see any study that justifies the safe-place regime.

M^me France Gélinas: We have the nurses, the hospital administrators and everybody come and tell us that they need that safe place to learn from their mistakes. They use language that is way more political than I do, but at the end of the day, if you screw up, you have this safe place to say, “Hey, guys. We screwed up. Let’s try not to screw up again.” But you certainly don’t want the patient, who lives with consequences of your screw-up, to know. If there was solid, double-blind evidence to say that that helped improve quality, would you change your mind—

The Chair (Mr. Shafiq Qaadri): Thank you, Madame Gélinas, and thanks to our presenters, Mr. Colangelo and Ms. Daskalos.

Before we return in the afternoon, may I just politely suggest that we do away with so much “screwing” and kind of elevate the language of this committee?

The committee is in recess until 2 p.m. today.

The committee recessed from 0956 to 1402.

The Chair (Mr. Shafiq Qaadri): Thank you, colleagues. I call the Standing Committee on Justice Policy to order. As you know, we’re here for the afternoon session to consider Bill 119, An Act to amend the Personal Health Information Protection Act, 2004, to make certain related amendments and to repeal and replace the Quality of Care Information Protection Act, 2004.

Canadian Nurses Protective Society

The Chair (Mr. Shafiq Qaadri): We have four presenters this afternoon, beginning with representatives of the Canadian Nurses Protective Society: Ms. Lawson, Ms. Lawson and Madame Léonard. Are they all here? Yes, go ahead.

Ms. Chantal Léonard: Ms. Lawson and Ms. Lawson are not here today, so it’s myself only.

The Chair (Mr. Shafiq Qaadri): Okay, fair enough. You have 10 minutes to make your intro remarks, to be followed by questions in rotation, three minutes each, and the timing will be enforced rigorously. You are invited to please begin now, and do introduce yourself, please.

Ms. Chantal Léonard: My name is Chantal Léonard and I’m the CEO of the Canadian Nurses Protective Society. Honourable members of Parliament, thank you very much for this opportunity to comment on proposed changes to Bill 119. I know that the proposed amendments to legislation also focus on quality of care, but my comments today will focus primarily on the proposed amendments to Bill 119.

The Canadian Nurses Protective Society is a not-for-profit organization created in 1988. It provides professional liability protection and legal support services to nurse practitioners and registered nurses throughout Canada. While we provide assistance and legal representation in legal proceedings, our assistance primarily focuses on prevention. Our comments today will focus on the implications of the proposed amendments for nurse practitioners and registered nurses, but some may apply as well to other health care professionals.

As a preliminary comment, there is no doubt that the legislative scheme that governs the management of personal health information serves an important purpose. Citizens of Ontario should have confidence that their private health information is protected when they receive care. This includes implementing means to prevent, identify and respond to privacy breaches in a transparent way.

At the same time, access to health information is a critical requirement of the provision of quality of care. It is therefore equally important that the rules in place to prevent unauthorized access to health information do not impair the ability of health care professionals to provide care in accordance with applicable standards.

To that end, I will invite the committee today to consider the potential implication of the legislation for care providers who are entirely respectful of patients’ privacy interests, and specifically consider whether the changes to the draft legislation may have unintended consequences for these nurses and their patients. The comment will focus on two kinds of possible unintended consequences: firstly on the quality of care and secondly on legal implications for registered nurses and nurse practitioners.

With respect to the impact on the quality of care, our comments will focus on the proposed wording of subsections 17(1) and 17(2), which set out when agents or employees of the custodian can use personal health information. Because nurses are often employees, their ability to collect, use and disclose personal health information is most often governed by the provisions that apply to agents.

Under subsection 17(2), the right of agents to collect, use and disclose information is predicated on the custodian’s permission to do so, and whether it is necessary for the purpose of carrying out the agent’s duty.

As you can see, the requirement for permission is set out in subsection 17(1), and subsection 17(2) speaks to the necessity of the use of the information.

Making access, use and disclosure conditional upon the employer’s permission implies that the custodian has ultimately exclusive rights, obligations and authority with respect to personal health information. However, nurses have independent legal obligations in respect of information that apply irrespective of the context in which they provide care and irrespective of whether they are agents or custodians of personal information.

We believe that it is important to recognize expressly in the Personal Health Information Protection Act that these legal obligations exist and that they supersede any decisions that the employer may make with respect to the collection, use and disclosure of health care information.

There is a brief reference to the existence of competing obligations, pursuant to other legislation, in the current subsection 17(2), but this was removed in the proposed amendments. What you see right now before you is the language that exists currently in subsection 17(2).

The other condition for the collection, use and disclosure of information is the requirement for necessity. This is a new criterion to determine when a health care provider can collect, use and disclose information. “Necessity” is problematic because it can have different meanings. As stipulated in Black’s Law Dictionary, “it is a word susceptible of various meanings. It may import absolute physical necessity or inevitability, or it may import that which is only convenient, useful, appropriate, suitable, proper, or conducive to the end sought.”

Our submission, therefore, is that the word “necessary” is required to be better defined if it is to be used in this legislation.

In the context of subsections 17(1) and 17(2), it is difficult to know which meaning is intended. Giving it the meaning of absolute necessity could bring registered nurses and nurse practitioners to question their right to collect and use personal health information, even in ordinary circumstances.

Our recommendations are summarized in the following two slides, for ease of reference. Since the members of the committee have them in a document, I will not repeat them at this time, so I can proceed to my next point.

The next consideration that I would like to bring to your attention is whether there exists a potential for nurses to be unfairly accused of inappropriate access to information or, as we’ve most commonly used, “snooping.” It is important to consider the reality that nurses face in the management of personal health information.

Let’s use the example of electronic records. In order to access electronic records, nurses must use an authentication mechanism. When they access records without making an entry, there is no clue left as to the reason why they might have accessed the records. The EHR does not typically contain a field to indicate why the record was accessed.

There can be many reasons to access personal health information that are legitimate, other than the direct provision of care. Some are contemplated in section 37 of the Personal Health Information Protection Act.

At some point, there can be an audit. We understand that if a nurse accesses records of patients to whom she did not provide direct care, a determination regarding the appropriateness of access must then be made on the basis of inferences. These inferences are then usually validated through an inquiry with the nurse, who may then have nothing but her memory to rely upon.

1410

There are other questions that can come into play at this point. For instance, did the nurse access the record with the permission of the employer? In that case, are we looking at an implied permission or at an expressed permission? There is also a variable understanding, we have noted, of the concept of a circle of care. In some organizations, it is interpreted as a very narrow concept, whereas it is broader in other interpretations.

Then there’s the question of who bears the burden of proof during the course of that particular inquiry as to whether access was authorized or not. In the absence of conclusive evidence, will there be a conclusion that the access wasn’t authorized and was inappropriate because the nurse cannot herself justify the access? Or will it be concluded that there’s no conclusive evidence that there was inappropriate access, and therefore the conclusion will be that this is not an instance of inappropriate access? How will the balance play out?

Then, if, on the basis of what is sometimes very imperfect information, the custodian concludes that there has been a breach, there is an obligation to notify the individuals who have been determined to have been the victims of unauthorized access. Section 12 can be the subject of interpretation. As you can see, the obligation occurs if the information is stolen, lost or used or disclosed without authority. What does the term “without authority” mean in that specific provision? Does it mean without legal authority, which means contrary to the application of the act, or does it mean that it wasn’t authorized expressly by the employer?

To this, the proposed amendments add two new provisions: a reporting obligation to the regulator and a complete removal of the limitation period—

Le Président (M. Shafiq Qaadri): Merci, madame Léonard, pour vos remarques introductoires. Maintenant, je passe la parole à M^me Scott. Vous avez trois minutes. Three minutes.

Ms. Laurie Scott: Actually, I’m totally fine with allowing you to finish, if you want to, for the next three minutes. Is that okay?

Ms. Chantal Léonard: Thank you very much.

Ms. Laurie Scott: Are you okay with that, Mr. Chair?

The Chair (Mr. Shafiq Qaadri): Sure. Your time is yours here.

Ms. Chantal Léonard: To this, the proposed amendments add two new provisions: a reporting obligation to the regulator, which then will lead to another investigation; and, very importantly, a complete removal of the limitation period. This means that when nurses have to answer questions regarding access further to an audit, if this legislation is adopted, there may not be any limit on how far back this will go, when they will have to rely on their memory.

Furthermore, since 2011, there is a new cause of action. Patients can now commence litigation to obtain financial compensation for inappropriate access. We have seen that this has resulted in class actions. In the context of those class actions, employers often take the position that they’re not responsible when it comes to an employee breach. As a matter of fact, the employees themselves, individually, have to look for representation to defend those class actions.

PHIPA is an important piece of legislation. It must encompass all the necessary principles of fairness to ensure that its application creates a fair result in all circumstances. We believe that some small amendments and clarifications to the proposed legislative amendments that take into account the current reality of nurses and nurse practitioners would avoid that, if the legislation is adopted, it would cast a wider net than intended.

The Chair (Mr. Shafiq Qaadri): Thank you. Any further questions, Ms. Scott? You still have a minute.

Ms. Laurie Scott: I didn’t look at the back of your slide deck here, but is there an actual example—I can think of one that comes to mind. A nurse who was in emerg one day is in ICU the next day. She goes to access the file to see where the patient was because she was in emerg and now she’s working ICU, but the patient is not in ICU. You can use that example or you can give me another example of an incident. I think that will help clarify what you’re saying.

Ms. Chantal Léonard: Nurses who work in the emergency room, for example, may be called upon to make inquiries with respect to patients who are in different areas of the hospital, not only in the emergency room. But the emergency room tends to be a hub, and so sometimes a physician may call and ask a nurse to look at the record of a patient to see if a lab result has come in so that they can prescribe the right medication. That would be an example of a circumstance where a nurse could be called upon.

The Chair (Mr. Shafiq Qaadri): Thank you, Ms. Scott.

Ms. Laurie Scott: Okay. Thank you. That was good.

The Chair (Mr. Shafiq Qaadri): The floor goes to the NDP. Madame Gélinas?

M^me France Gélinas: It was a very good example.

I’m sorry I came in late. I had House duty to comply with.

We are faced with health practitioners, nurses—we’ll take the example; you make up the biggest mass—who want us to get the balance right, as well as a number of families who have had bad outcomes with them—we’ll take our hospital system—and who are trying to gain access to information or who have had their private information breached. From what I’ve tried to scan through your PowerPoint, you feel that we haven’t got the right balance there.

In the suggestions that you are making, it’s really suggestions that would protect nurses more. How do you balance that with families who need closure?

Ms. Chantal Léonard: I’m not sure that I would agree with your characterization that the proposed changes are intended to protect nurses more than they do patients. We understand that there is a need to intervene when there’s inappropriate access. The changes that we’re proposing intend to avoid that nurses who have inappropriately accessed information could be trapped in an investigation and an inappropriate finding of inappropriate access be made as a result.

M^me France Gélinas: So you feel that the way we have it now would open the doors to things like this, where you went into the chart because it was part of your job—because a question was asked and this is where you find the answer—and the bill, the way it is written, would look at this as being inappropriate?

Ms. Chantal Léonard: The bill itself is not necessarily the problem. It’s the ability to implement the bill in the current reality that is the issue. What we’re proposing is that this reality needs to be taken into account in determining how the bill is structured.

M^me France Gélinas: Is this specific to electronic charts, or all charts?

Ms. Chantal Léonard: Certainly more in respect of electronic charts, because this is where audits are conducted and decisions have to be made on the basis of inferences. For instance, if there was the ability when accessing a chart to indicate why it was accessed, then maybe there would be no need for the nurse to rely on their memory to try to explain it later on.

M^me France Gélinas: I see. And none of that exists—

Le Président (M. Shafiq Qaadri): Merci, Madame Gélinas. To the government side: Ms. Naidoo-Harris.

Ms. Indira Naidoo-Harris: I want to thank you for coming in today and speaking to us on behalf of the Canadian Nurses Protective Society.

I appreciate your presentation and the concerns that you’re raising. I realize that you’re here to make sure that you are a voice for nurses when it comes to, perhaps, some situations that could be complicated and could need some legal counsel and advice. I understand that you play a very important role when it comes to our nurses, so I want to thank you for coming in, and of course, drawing our attention to certain things.

I just want to go over the intent of this and make sure that we’re all speaking about the same thing. The intention of Bill 19 is to strengthen the protection of health information privacy and increase transparency and accountability. It’s also about creating a strong foundation, which is what the bill intends to do: a strong foundation for securing—for secure sharing, also, of a patient’s personal health information in the electronic health records system.

What we’re trying to do is create a province-wide system that allows health records to be shared between health care providers and yet still protect the rights of individuals. I’m sure that, in your role, you realize this is complicated and tricky.

1420

I want to talk to you a little bit about QCIPA and the QCIPA legislation. From your experience in supporting investigations and nurses out there and so on, can you tell me how important and critical this legislation will be in preventing critical incidents going forward? Remember, we’re here trying to strengthen things and ensure that the backing is there.

Ms. Chantal Léonard: Nurses, as a group, support the protection of personal health information. We’re approaching this from the same page. The purpose of the submissions is to identify a few areas where some small adjustments may be necessary to reflect the obligations that nurses have—in reference to that information, but also in reference to their patient—to ensure that, as they protect the personal health information, they can continue to provide the best care they can and follow their standards of practice.

With respect to the quality of care: That legislation serves a specific purpose. The purpose of that legislation is to ensure that if there has been an adverse event, there can be, shortly after that event, a safe forum where nurses and other health care providers can discuss the incident—

The Chair (Mr. Shafiq Qaadri): Thank you, Ms. Naidoo-Harris.

Merci beaucoup, madame Léonard, pour votre présence et votre députation.

Registered Nurses’ Association of Ontario

The Chair (Mr. Shafiq Qaadri): It’s my pleasure to ask our next presenters to please come forward: the Registered Nurses’ Association of Ontario—Ms. Baumann and your colleague Mr. Lenartowych. Welcome. You’ve seen the drill. The floor is yours. Please begin.

Mr. Tim Lenartowych: My name is Tim Lenartowych. I’m the director of policy for the Registered Nurses’ Association of Ontario. I’m very pleased to be joined by my colleague Andrea Baumann, who is a nursing policy analyst.

RNAO is the professional association that represents registered nurses, nurse practitioners and nursing students in Ontario. As the largest regulated health workforce, registered nurses and nurse practitioners are deeply affected by Bill 119, which is why we’re here today and welcome the opportunity to provide input.

I’ll refer you to our detailed written submission, and our remarks today will be a highlight of that submission. I’ll begin with some comments on schedule 1 of the bill, and my colleague will take over for schedule 2.

In terms of schedule 1: RNAO is supportive of many of the proposed amendments to the Personal Health Information Protection Act proposed in schedule 1 of the bill. This will move us one step closer to having a provincial electronic health record, as real-time access to key health information at the point of care means health professionals will be able to provide more coordinated, person-centred care with less duplication of service.

Whenever personal health information is collected, stored and accessed, security and confidentiality are of paramount importance. Section 1(2) of the bill amends the definition of “use” of personal health information to include viewing. We’re aware of several cases where health professionals made unauthorized access to view health records. Although these situations have been isolated, Ontarians deserve to have their personal health information protected; thus, we are in favour of proceeding with greater regulation around the viewing of personal health information.

In the event of a privacy breach by means of the electronic health record, the proposed amendments stipulate that the prescribed organization must notify the health information custodian that originally provided the personal health information. RNAO recommends that a requirement be included that the patient whose personal health information was involved must also be notified in a timely manner—and to specify who will be making that notification.

In regard to the provisions around the duty to report to regulatory colleges, RNAO is a strong supporter of Ontario’s current self-regulatory system of health professionals under the Regulated Health Professions Act. The sustainability of this model demands strong public trust and the accountability of regulators. Section 8 of Bill 119 mandates that health information custodians must notify regulatory colleges if an employee is terminated, suspended or subject to disciplinary action related to personal health information, or if the employee resigns and there are grounds to believe that the resignation is in relation to an investigation or other action with respect to personal health information.

While RNAO fully believes that health professionals must be accountable for their use of personal health information, we believe that the current reporting requirements under the Health Professions Procedural Code under the RHPA are sufficient, and we question the necessity of section 8(3) of the bill. We recommend that it be removed at this time to allow for further discussion with stakeholders.

In addition, section 23(8) of the bill would remove a six-month limitation period specified by the Provincial Offences Act on the prosecution of offences related to personal health information. In the interest of procedural fairness, we recommend that the government specify an appropriate limitation period on the prosecution of offences under section 23(8) of no more than five years after which the offence was alleged to have occurred.

In terms of the provisions in the bill that speak to an advisory committee—section 55.11—the minister is to establish an advisory committee for the purpose of making recommendations regarding the practices of the prescribed organization. RNAO supports this recommendation, and we further urge to mandate the advisory committee composition to include at least one registered nurse and one nurse practitioner, in addition to other health professionals and a member of the public. This is given the trust that the public places in nurses as well as our knowledge and experience in health service delivery.

Lastly, the bill creates significant implications for health care professionals in regard to personal health information. We want to ensure that health care professionals are going to be aware of their obligations under this bill should it become law. We want to ensure that there will be follow-up education and outreach, and we encourage the government to engage professional associations like RNAO to ensure that nurses and other health care professionals are fully aware of their obligations and what the law says to minimize the likelihood of incidents where there would be inadvertent breaches.

Andrea?

Ms. Andrea Baumann: Thanks, Tim.

On to schedule 2: RNAO applauds the efforts to update the Quality of Care Information Protection Act and is supportive of processes that give health facilities the opportunity to review critical incidents so that they can improve quality of care. RNAO strongly believes that the need for confidentiality during the review process must be balanced with the need for transparency for patients, their families and staff, all of whom deserve to know about the quality of care that was provided.

Currently, there’s a lack of consistency as to how QCIPA is applied when reviewing critical incidents. The newly added preamble to QCIPA, 2015 does well to clarify the spirit and intent of the legislation. However, further clarity is required, and we would like to see it defined in terms of the parameters that identify the circumstances under which QCIPA may be applied. This will ensure that critical incidents are reviewed in a consistent manner and that information is not unnecessarily withheld from patients, families or the public in the name of quality improvement.

Regarding definitions in section 2: Following a critical incident, it is understandable that patients and families want to know what happened. RNAO is strongly in favour of measures to increase transparency, as was said. That’s why RNAO supports the added definition of “quality of care functions” as well as the revised definition of “quality of care information” to help clarify what information can be withheld under QCIPA.

RNAO applauds new additions to QCIPA, 2015 that facilitate the sharing of quality of care information between health facilities. As the next step, RNAO urges the health ministry to work with stakeholders to put forward policy options to support the sharing of quality-of-care information among health care organizations for maximal benefit. Further, we urge this section of the legislation to be strengthened to facilitate sharing of quality-of-care information, not only with other quality-of-care committees but also with the public by establishing a publicly available database, as recommended by the QCIPA Review Committee.

In addition to the need for transparent processes for reviewing critical incidents, there is also a need to balance this with appropriate protections for health professionals who are involved in critical incidents. In the absence of appropriate confidentiality, health professionals may be hesitant to speak openly about the causes of critical incidents. This would also hinder their ability to learn from them. That’s why RNAO is supportive of sections 10 and 11, which provide assurance of non-retaliation for employees who have disclosed information to a quality-of-care committee.

However, RNAO is concerned that the above protection only exists when QCIPA is applied. It is our view that the same level of protection must be assured when reviewing all critical incidents, both when QCIPA is applied and when it is not, to enable clinicians to discuss critical incidents openly and without fear of repercussions. RNAO believes that this is a necessary step in order to combat a culture of blame and move towards a just culture. This culture shift should exist at all levels as we work together in the provision of safe, quality health care.

1430

In addition, we are in agreement with the QCIPA Review Committee’s recommendation to provide support for staff involved in critical incidents, as this can be a difficult experience.

Again, back to the point of education for health professionals, this time with regard to QCIPA implementation: Because of the broad implications, RNAO would like to see necessary training and guidance for all health professionals, including RNs and NPs, to understand this new legislation and to implement necessary changes to their practice. The government has committed to consulting with stakeholders on this issue. Given the central role that RNs and NPs play in our health system, we urge the government to consult RNAO on the issue of QCIPA implementation.

Thank you for giving us this opportunity to present our perspectives on Bill 119. We believe that the practical and achievable recommendations that we have outlined will strengthen the bill and advance health service delivery to ensure that it is of high quality, transparent and respectful of appropriate privacy and confidentiality. We urge you to implement our recommendations and we look forward to answering your questions.

The Chair (Mr. Shafiq Qaadri): Thank you. Just before I offer the floor to the NDP, I just wanted to say that the protocol here is that cellphones are generally seized and often sold back to either the bidder or to the highest bidder, and it goes into general revenues. I just invite you to please shut down the cellphones.

Madame Gélinas, you have the floor.

M^me France Gélinas: Thank you so much for your presentation. I always appreciate RNAO’s positions on different pieces of legislation.

I want to concentrate on the second part to start, because the time goes by really quickly. I want to make sure that I understand. The protections that you’re seeking are the protections for the workers, so that, if they bring forward something from a critical incident, whether it be within QCIPA or outside of it, they’re not going to lose their jobs about it. But you are not asking that this information be shielded from families who want to gain closure on that same incident.

Ms. Andrea Baumann: That’s right. I think what we’re seeking is a balance between the need for protection for workers, such as nurses and nurse practitioners, who are involved in a critical incident—what we heard from members as we consulted on this issue was just how onerous the process can be. If people are afraid of losing their jobs, they may not speak openly and then we might not learn the most we can from this critical incident. But of course, we want to balance that with the right of patients and their family members to access information and, like you said, to achieve closure.

We spoke out in favour of some of those changes to regulation 965 under the Public Hospitals Act, whereby things like the facts of the incident and the cause would not be withheld.

Mr. Tim Lenartowych: I think that we actually were involved in speaking out. There were a number of high-profile cases within the media where families were left wondering, “What happened? What happened to my family member?” This was very concerning to nurses, because we do believe that we’re very privileged to have a public health system. It’s owned by the people of Ontario, and they deserve to know what happened.

We think that Bill 119, with the revised definitions under the QCIPA component, will provide Ontarians with more answers. For example, it specifies that the cause is not to be shielded. However, Andrea mentioned balancing it with protection for nurses and other health care professionals so that if they speak out truly in terms of what they thought the cause of it was, there won’t be ramifications from an employment or a regulatory perspective.

M^me France Gélinas: Are you able to articulate in black and white where you set the trigger to trigger QCIPA versus not? I was trying to read really quickly. Did you do this? Did I miss it, or is it work to be done?

Mr. Tim Lenartowych: We’ve identified it as a need. In terms of specific language, that’s still work that we would need to do.

M^me France Gélinas: All right. But you’re cognizant that people want closure, that they need to have access. Do you have any proof or evidence that the fact that there is a safe place to talk has led to improvement—

Le Président (M. Shafiq Qaadri): Merci beaucoup, madame Gélinas. Maintenant, je passe la parole à M^me Naidoo-Harris. Trois minutes.

Ms. Indira Naidoo-Harris: Thank you so much for coming in and presenting on behalf of the RNAO. I of course want you to know that we value very much the work that our nurses do in the province, and all of us here understand that our nurses are a lifeline to wellness and good, quality health care. Please take that message back from all of us here in government about how much the work is appreciated.

I was especially interested in some of the things that you were saying involving balance and the importance of balancing transparency with patients’ rights. Certainly, it enlightened us on some of the challenges, perhaps, that nurses may face when they are dealing with some of these situations.

You talked about PHIPA, and I’d like to go into that a little bit. PHIPA, as we all know, is moving us, I think, one step closer to provincial electronic health records. Real-time access to key health information when it comes to health care providers when they’re dealing with crisis situations, I would think, as someone from the outside looking in, has to be imperative and vital to the system.

Can you tell me how this bill improves that and ensures the delivery of better and more quality health care from the perspective of nurses, who are there on the front lines?

Mr. Tim Lenartowych: I think, from our perspective, what you said is exactly right. It’s about that balance. As the health system evolves and we’re looking at greater care coordination and aiming to have a seamless transition of care across sectors, the sharing of information and electronic modes of communication, I think, are going to be an absolutely critical enabler of that.

I think that what you need to have is a statute that can balance the need to share and have ready access to information while, at the same time, ensuring that there are, of course, appropriate protections and appropriate fairness for health care professionals.

Some of the areas where we have a little bit of concern: We believe that the public trust in nurses is very strong, and we want to maintain that. Nurses need to be accountable, 100%. They need to be accountable for all of their actions but, at the same time, I think there needs to be a level of fairness for nurses.

For example, the limitation period: to specify an unlimited limitation period and having a nurse trying to recall from memory a situation that happened 22 years ago I think is going to be difficult. I understand that the current limitation period of six months would be very problematic in terms of trying to actually proceed with a prosecution, but we’re not in support of having an unlimited limitation period.

Ms. Indira Naidoo-Harris: Thank you for your comments on that. I also appreciated the comments you made about education and training being a part of delivering this process accurately.

I don’t know how much time I have, Chair.

The Chair (Mr. Shafiq Qaadri): You have 2.5 seconds.

Ms. Indira Naidoo-Harris: I was going to ask—

The Chair (Mr. Shafiq Qaadri): Thank you, Ms. Naidoo-Harris. To the PC side: Mr. Yurek.

Mr. Jeff Yurek: Thank you, Chair. Thank you very much for coming in today. Just a couple of questions, taking off from the third party: Do you have any proof—she was asking this—that the small, safe discussions that take place actually do improve the health care system?

Mr. Tim Lenartowych: What I can give you are the discussions and the feedback that we received from our members who are involved in these discussions. Yes, what we’ve heard from them is that it does provide an opportunity to look at processes within organizations to understand what went wrong.

But I think that there’s a tremendous opportunity here for organizations to learn from each other. I think that a good analogy is the airline industry. When there’s some sort of a critical incident within the airline industry, all the other airlines are wanting to understand what happened so they can prevent that incident from happening. Currently, you can’t share information between quality-of-care committees among organizations.

With Bill 119, it would enable the opportunity for that sharing of information. But we would want to see it actually taken one step further and following through on the QCIPA advisory committee’s recommendation to have that publicly available database for a few reasons, the first being that we do feel that having a publicly available database that has appropriate confidentialities in place so that we’re not disclosing personal health information would actually improve quality of care within hospitals, and also, it will allow for sharing.

Hospitals and other health care organizations—I’ve largely been saying “hospitals,” but understanding that QCIPA would apply to other health organizations. They’re publicly owned organizations, and the public has a right to know about the quality of care within those organizations. Just like we’re reporting on a number of metrics within our publicly funded health organizations, I think that having this information publicly available would be of great advantage.

Mr. Jeff Yurek: How much time?

The Chair (Mr. Shafiq Qaadri): A minute.

Mr. Jeff Yurek: Oh, lots of time.

1440

My other question is with regard to ensuring there’s non-retaliation from the employers. Where do you feel the college falls into the place about involving the college with incidents—what’s the balance?

Mr. Tim Lenartowych: I think that the appropriate protection would need to extend both for implications for employment and also for the regulatory perspective. We fully want nurses to be accountable. They need to be accountable. Having a self-regulatory system in Ontario is a privilege. We want to maintain that privilege, and in order to do so, we need to have public trust within that system.

That being said, we also know that when you have a blame culture within organizations, nurses can be afraid to speak up and—

The Chair (Mr. Shafiq Qaadri): Thank you, Mr. Lenartowych and Ms. Baumann, for your deputation on behalf of the RNAO.

Ontario Medical Association

The Chair (Mr. Shafiq Qaadri): We now invite our next presenters to please come forward: Dr. Chris and Ms. Laxer of the Ontario Medical Association.

Welcome. Your time begins now.

Dr. Stephen Chris: Mr. Chairman and members of the committee, my name is Stephen Chris. I’ve been a comprehensive care family doctor for most of my working life, though more recently I’m focused on long-term care. I’m also board chair of the Ontario Medical Association. With me today is Dara Laxer, acting director of health policy for the OMA.

On behalf of Ontario’s doctors, I would like to begin by thanking the committee for the opportunity to be here today—and to continue to lend our voice to this important discussion about the development of a functional and safe electronic health records system for the province.

We see the electronic health record, the EHR, as the overarching framework and foundation which captures the patient’s entire health record. This entire record contains relevant information extracted from multiple sites, which includes records from physicians, hospitals, labs and others. The EMR, the electronic medical record, is only one component of the EHR. The EMR, you will remember, is what doctors collect in their offices.

A properly designed e-health system is a fundamental requirement for patient care in the 21st century. We view this system as essential to the delivery of care. Having the most accurate, up-to-date information available at the point of care will improve the care experience and the quality of care tremendously. The OMA believes that a functional and secure e-health system is an important component of health system reform and sustainability.

My comments today will focus on two aspects of Bill 119: the governance structure we need to put in place for a transparent and robust implementation of an HER; and a warning about the government’s interest in gaining access to patients’ full charts, which identifies patients as individuals. We also have several concerns that are technical in nature, and these concerns are explained in detail within our written response.

The legislative framework to enable the creation of an e-health system is important, and we must get it right. In order to get it right, those who develop the framework and oversee its implementation must understand how the health care system functions. No one can do that in isolation. Diverse expertise is required to develop solutions that work for patients. The government cannot and should not go at this alone.

Bill 119 proposes to strike an advisory committee to advise the minister. The government often speaks about the importance of inclusivity and transparency; e-health is an area where these attributes are much needed. Ontario has, quite frankly, not enjoyed a lot of success in its e-health endeavours to date. If we collaborate to understand what the system needs through a shared decision-making process, then we will have greater success. The proposed approach to have a committee that is merely advisory to the minister is inadequate to meet the significant challenges ahead. We need to work together on this.

The government has a tendency to engage physicians and other health care providers only at the implementation stage, when bad decisions have already been taken, millions of dollars have been spent or committed, and political face-saving drives further bad decision-making. The diabetes registry is a good example of this.

The OMA urges the government to take the opportunity to amend Bill 119, to introduce shared governance for the EHR and its management. The experience in Alberta demonstrates that this approach works. It provides a framework for good decision-making and generates much-needed buy-in from the key stakeholders, who create and use the information on behalf of patients.

Good governance calls for a skills-based oversight body that brings together all of the key perspectives. Physicians, hospitals, pharmacists, technology specialists, patients and system planners need to come together to hammer out solutions to the challenging problems that we will inevitably encounter as we move forward with a comprehensive e-strategy. That is very different than bringing a group of people together to give advice that the government is free to accept, reject or ignore.

One of the most successful aspects of our current e-health system sits in physicians’ offices. Some 85% of community-based physicians now use electronic medical records. When physicians are engaged in strategy development and implementation, the results are positive and we get the desired outcomes.

I’ll now turn to my second key area: government access to personal health information.

The OMA is very concerned about the provision within section 55.9 of Bill 119 that will allow the Minister of Health and Long-Term Care to collect all identifiable patient health information, including the most intimate details of each individual’s life, captured in physician notes. Patients share their life stories with physicians, with the understanding that their health information will not be shared beyond the circle of care and that the most personal details will not be shared at all.

At present, the government does not have direct access to patients’ personal health information for system planning. During the three years of consultation on this bill, the OMA has yet to hear an explanation as to why the government wants to change public expectations of privacy. While patients expect health care providers to share information to improve their health care, they most certainly do not expect the government of Ontario to be looking at their most private information.

We urge this committee to recommend amendments to Bill 119 to prevent the government from having access to non-anonymized personal health information for system planning purposes.

Just recently, in 2014, England’s National Health Service sought to develop a central repository of data, much like what is proposed in Bill 119. Due to concerns around patient privacy, and mismanagement, and after many millions of pounds were spent, this initiative failed. We must learn from this significant mistake that was made not even two years ago. We must make sure this does not happen in Ontario.

As I previously said, physicians want a system that is supported by an integrated and well-functioning e-health system, and we support the intent behind Bill 119. I urge you to make the amendments that will give physicians, other health care providers and the public the confidence they need to move forward with government. We continue to be willing to spend whatever time is needed to ensure that these recommendations are understood by you, as lawmakers.

We represent Ontario’s doctors. We understand our patients and their needs, and we use the technology in our offices every day. We want to share this knowledge with you. We continue to offer our support in working together to create an e-health system that works for the people of Ontario. Thank you very much.

The Chair (Mr. Shafiq Qaadri): Thank you, Dr. Chris. I’ll pass to the government side. Ms. Naidoo-Harris, three minutes.

Ms. Indira Naidoo-Harris: Thank you so much for coming in.

Dr. Stephen Chris: Thank you for having us.

Ms. Indira Naidoo-Harris: We very much appreciate the presentation by the Ontario Medical Association. Yes, absolutely, this is about partnerships and working together to improve the health care system that we have in this province, and to make sure that it is leading our province and our country in terms of the delivery of good care. So I want to thank you for coming in.

I also appreciate very much the comments that you were making about the importance of electronic health records. I think it’s important to note that since 2005-06—at that time, there were 770,000 Ontarians benefiting from EMRs. Today, it’s a fantastic story, because we have more than 10 million people who are benefiting from it. I think no one understands the importance of these electronic health care records more than doctors.

1450

I am very interested in the comments you were making about governance and also access to chart info. I’m going to start with the governance piece. Certainly, it seems that you recognize the importance of the role of an advisory committee or something like that, but you feel that there should be a movement toward shared decision-making.

I have to tell you, I’m a bit concerned about this, about the challenges a system like that may propose and may put on the table. Who would be there? Who would be giving access to decision-making when it comes to Ontario’s patients and their health care records? Do you agree that this is something we may have to approach with caution?

Dr. Stephen Chris: Yes. I think the whole core of my presentation was about caution in designing a system that will work, that will provide patients—patients will have their information available when it’s needed, at an appropriate place and time—and to make sure that it’s only at that appropriate place and time.

Building e-health systems seems very complicated in many places, and not just in Ontario. There are considerable problems in building e-health systems. It is only with meaningful input from those of us who use the systems and know what we need—and we know what patients need—that we can get to where we want to go.

I think the element of shared decision-making is crucial.

Ms. Indira Naidoo-Harris: I also understand your comments about access to chart information and how we monitor that and how we regulate that. My concern would also be about regulation, because unless you really know what you’re looking for, we may not actually be able to say, “All of this info, but not this info.” I’m assuming that there is a little bit of balance needed here, and perhaps that is why this legislation is being proposed the way it is.

Dr. Stephen Chris: Without repeating everything—

The Chair (Mr. Shafiq Qaadri): Thank you, Ms. Naidoo-Harris. The floor passes to Mr. Yurek.

Mr. Jeff Yurek: Thank you for coming in today. It’s interesting that it was brought up from the governing party there, about figuring out what needs to be involved in regulation at the beginning. You made the point that you’d like to be part of a partnership at the start of going through and developing this bill into regulations and into law. Unfortunately, it will probably be at the implementation phase, and that’s where you usually run into problems. Probably why eHealth has cost over $2 billion and we’re still not fully functional in this province is mainly that health care professionals haven’t been at the forefront throughout the whole process.

Do you have any hopes at all of actually being part of the shared governance and going from step A to B with this government, or do you figure you’ll be at the bottom of the list again?

Dr. Stephen Chris: Hope springs eternal. I think it would be in all our interests to ensure that all the stakeholders who have experience and should have input are in fact involved as the decisions are made. That’s the way to avoid expensive, time-consuming mistakes, to get where we all want to go.

Mr. Jeff Yurek: So you’re vouching for OMA—that if the government comes around and wants to work with doctors again and the OMA, you’re more than willing to step forward—

Dr. Stephen Chris: We’ve demonstrated that. The most successful part of e-health in Ontario, as has already been said, is the fact that EMRSs, electronic medical records systems, sit on the desks of 85% of doctors in Ontario. That’s because we were involved in that. We operate that program. It’s because of that—our involvement, and positive involvement—that we have made this huge progress over the last five to 10 years.

Mr. Jeff Yurek: So working with doctors is key to ensuring the system—

Dr. Stephen Chris: Absolutely.

Mr. Jeff Yurek: Great. My other point with regard to the government collecting data: Do you think that will inhibit people with certain conditions? I’d bring out mental health; there’s a huge stigma involved. Do you think that might shun away people from actually accessing the help and services they need?

Dr. Stephen Chris: I don’t know about accessing health care services. My concern is that if patients believe—if people believe—that what they tell their doctor ends up on the desk of someone in government, they won’t tell us. Everything about medical care, going back to Hippocrates, is about the trust between patients and physicians. There is a risk that that trust could be seriously damaged, with an effect on patient care in the province.

Mr. Jeff Yurek: Thank you.

The Chair (Mr. Shafiq Qaadri): Thank you, Mr. Yurek. Madame Gélinas?

M^me France Gélinas: My questions are along the same two lines of everybody else. The first one is a shared governance model based on a skills-based oversight body that has decision-making authority. What does the government tell you? Why do they feel that an advisory body is what they want, when we have this model in Alberta that already works? What have they told you?

Dr. Stephen Chris: I’m not sure I know exactly what they have told us. My speculation is that there is always the concern on the part of government that if a mistake is made they bear the blame, and so if you keep control you may be more likely to be successful, but I think that’s not the right answer.

Dara, do you want to add something?

Ms. Dara Laxer: Yes. There is a lack of clarity in the responses provided about why the body needs to be advisory in nature. In conversations we’ve had, it has been indicated that groups like the OMA will likely sit on such an advisory group, which is good to know, but we need these details articulated clearly in the legislation.

In addition, “advisory” is not sufficient. We need collaboration and shared decision-making. If this process that we’ve been through, where we’ve tried to provide our advice, is any indication of what an advisory body might be, we’re a little concerned.

M^me France Gélinas: Yes, you can be ignored, and you were. My second question also has to do with what the government does tell you. Why do they need to have those identifiers? I have no problem with them collecting data to improve patient health and all this, but why the identifier? Did they ever explain to you why?

Dr. Stephen Chris: I’m not aware of the answer to that question.

Ms. Dara Laxer: The answer to that is no, we haven’t received a clear answer in terms of why. It has been indicated that it might make processes simpler because now what happens is that much of this work is done by other prescribed entities such as the Institute for Clinical Evaluative Sciences, so it might be simpler for the government to do that work in-house, but that doesn’t clearly answer the question about why the government needs access to all of Ontarians’ personal health information.

M^me France Gélinas: Do you know of any other jurisdictions that have given themselves the right to gather that information?

Dr. Stephen Chris: I certainly don’t know of any jurisdiction where they do that.

Ms. Dara Laxer: No, and we spoke of England and what did not end up working because of the concerns over patient privacy.

M^me France Gélinas: It has failed royally in England, and we’re following down this path. Am I the only clairvoyant one who sees failure in the future? I hope I’m wrong. Thank you for your presentation. It is much appreciated.

Dr. Stephen Chris: Thank you.

Ms. Dara Laxer: Thank you very much.

The Chair (Mr. Shafiq Qaadri): Thank you, Ms. Gélinas, and thanks to you, colleagues from the Ontario Medical Association.

Office of the Information and Privacy Commissioner of Ontario

The Chair (Mr. Shafiq Qaadri): I will now invite our next presenter to please come forward. Mr. Beamish of the Office of the Information and Privacy Commissioner of Ontario. Mr. Beamish, I think you are well aware of the drill here.

Mr. Brian Beamish: I am. Thank you very much.

The Chair (Mr. Shafiq Qaadri): I’d like you to please begin now.

Mr. Brian Beamish: Good afternoon. Mr. Chair and members of the committee, thank you for the opportunity to speak to you today. I am here primarily to express my support to the amendments in Bill 119 to the Personal Health Information Protection Act, PHIPA, in schedule 1 of the bill. It was developed in close consultation with my office. My staff worked very hard on this and we’re satisfied that it presents the necessary framework to support a shared provincial electronic health record network in the province.

We have three amendments. One is a minor amendment to schedule 1; the other two relate to schedule 2, QCIPA. You have that, along with agreed wording. Rather than use my time to explain why I support the bill, I thought my time might be better spent to address some of the issues that have been brought to your attention today and to give you my comments on them.

The first one relates to our first recommended amendment to QCIPA and involves the role of my office, the Information and Privacy Commission, in the quality-of-care discussion. I should underline that we do not have oversight over QCIPA. If you read QCIPA, you will see no mention of the Information and Privacy Commission. Where we do get involved is in the issue of: Is particular information quality-of-care information?

Let me give you a typical scenario to explain that. An individual dies in hospital. Their family, quite understandably, would like to get information about the death, about the care provided and the circumstances of the death. They have the ability to put in an access-to-information request under FIPPA, the Freedom of Information and Protection of Privacy Act, or under PHIPA. That’s not a request put in under QCIPA; It’s put in under FIPPA or PHIPA.

1500

The hospital has to respond to that and hopefully provide records and information, but they may deny access to some information on the basis that it’s quality-of-care information. There is a prohibition on the hospital disclosing that information.

That family then has a right to come to my office and file an appeal under FIPPA or PHIPA. We have a tribunal process that will determine whether they have received access to the information that they have a right to. That may involve us analyzing whether the records withheld by the hospital really have been properly characterized as quality-of-care information. In order to do that, our experience is that we need to see the records. It’s impossible for us to provide a sound decision on whether particular records have been properly categorized and labelled as quality of care unless we see them.

As the QCIPA is currently worded and as schedule 2 is currently worded, the hospital would be in a position to say to us, “We cannot disclose those records to you.” There is a prohibition on disclosing QCIPA records. There are exceptions to that, but one of those exceptions is not providing that information to the Information and Privacy Commission.

Our main recommendation to you is to clarify in the legislation that hospitals are able to provide quality-of-care information to us so that we can perform our duties and functions under FIPPA and PHIPA.

I know that this morning there was some discussion about this and I think the Ontario Hospital Association indicated that we would be bringing this forward. I don’t want to misspeak or mischaracterize the comments that were made but I thought I heard the suggestion that our processes at the IPC were too informal to be entrusted with decisions around quality of care. I really would like to dispel that notion. We handle over 1,400 freedom-of-information requests in the course of a year. We handle requests of patients for their information under PHIPA. Our process is not informal. All of those requests and appeals to our office would go through mediation. We have trained mediators, professional mediators; they’re guided by the law. They perform their duties professionally.

If something isn’t mediated, it goes to an adjudicator. We have very strict rules on how adjudicators handle information and handle appeals. We have rigour to the process. They provide the parties with an opportunity to present their case and then they follow the law in making a decision. So I would like to dispel the notion that we somehow cannot handle this.

I would also note that this is a much easier process than requiring an individual to go to the courts. The family in the example I gave you does not have to be represented when they come to us. They don’t need a lawyer. We’ll give them a quicker and cheaper answer rather than requiring them to go to the courts.

The other comment on this issue that I thought I heard was that quality-of-care information is of a quality and of a sensitivity that somehow it wouldn’t be proper or safe to entrust it to our tribunal. Again, I’d like to really dispel that notion. Just as the nature of our job, we handle sensitive information. We handle personal health information; we handle sensitive law enforcement information; we handle cabinet records; we handle records related to national security. We’re fully aware of our responsibility to ensure the security and safety of records that are given to us.

Let me move on to another issue that has been raised a couple of times, and that is around breach reporting. You’ll know that currently there is no requirement in FIPPA to report breaches to my office. It does happen; custodians do come to us to self-report, but that’s discretionary. They have no obligation to do that, so we’re fully supportive of a breach notification being built into the law. You will know, though, that breach notification will be subject to parameters that are put in place by regulation. We’re fully supportive of that as well. We understand that there is a spectrum of breaches in terms of seriousness. We don’t want to put a burden on custodians to have to report every breach, nor do we want to handle every trivial breach.

We’ve already worked on what kind of criteria would go into a regulation to set the parameters on when breaches should be reported to us. Those parameters could be put in legislation. I wouldn’t have any objection to that. I think my preference, though, is to leave the bill the way it is and have that description left to regulation. I think that provides more flexibility. If we don’t get it right in terms of what the threshold is for reporting, it strikes me that it’s easier to adjust the threshold if it’s in regulation, rather than having to introduce another bill to change that.

There was also some discussion around reporting to colleges, and the sense that any reporting under PHIPA to regulatory colleges should mirror the reporting that’s currently in place. I guess my view on that is, when I look at the current reporting to colleges that’s required, it looks to me like a pretty high threshold. It does talk about professional misconduct. I think if we were to have PHIPA mirror that, we would be relying on custodians to interpret breaches of PHIPA as professional misconduct.

I can tell you, from our experience, that it’s not uncommon for us to deal with a health care organization, like a hospital, which may have found that a staff member was engaged in unauthorized access or snooping and has terminated the employment of that individual. When we ask, “Have you reported to the regulatory college?”, the answer is, “No.”

The Chair (Mr. Shafiq Qaadri): One minute.

Mr. Brian Beamish: That tells me that there is a disconnect between what their view of professional misconduct is and breaches to the act.

My recommendation would be to leave the legislation as it is and, if an individual is subject to discipline for a breach of the act, that there is a duty to report to the college.

I’ll leave it at that and take your questions.

The Chair (Mr. Shafiq Qaadri): Thank you very much, Mr. Beamish. We pass to the PC side: Mr. Yurek.

Mr. Jeff Yurek: Thank you for coming out, Mr. Beamish. We appreciate your comments and your suggestions, and we’ll take a good, close look at them.

As privacy commissioner, do you have comment on what the OMA brought forward, the fact that personal identifiers will be linked and allow the government to access? What’s your view on that aspect?

Mr. Brian Beamish: Well, I do. I think it’s a mischaracterization to suggest that the result of PHIPA will be a database of identifiable patient information that’s available to bureaucrats. I can tell you that if that was the result of it, my comments here to you today would be entirely different.

The act does allow for the ministry to collect personally identifiable information, but there are some pretty strict safeguards placed on that. It has to be collected by a designated unit; the activities of the ministry in the unit—the policies and procedures of that—have to be approved by my office; and that unit must immediately de-identify the information.

I’m confident that our office has the kinds of oversight we need to ensure that the scenario you heard described by the OMA will not come to fruition.

I think we recognize that the ministry has a legitimate need to get information for planning, for funding and for detecting fraud. We recognize that. But there are safeguards in the bill to ensure that that’s done in a responsible way, that our office has oversight of that process, and that you aren’t creating a massive database of personally identifiable information.

Mr. Jeff Yurek: So you can confidently, 100% guarantee that none of that data would be used—

Mr. Brian Beamish: I guarantee nothing 100%.

Mr. Jeff Yurek: Okay. That’s a concern we raised, that that data will be available and accessible. I totally respect your office and your abilities, but human nature is human nature, at the end of the day. That’s a concern on our part, going forward, that we’ll take a look at.

Again, thank you for your presentation.

Mr. Brian Beamish: Okay. Thank you.

1510

The Chair (Mr. Shafiq Qaadri): Thank you, Mr. Yurek. Ms. Gélinas.

M^me France Gélinas: I know that you’ve spent a lot of time on this, and I appreciate your office’s work to bring us to where we are. Let’s say your recommendations don’t go through, but we vote for the bill. How confident are you that if Mr. Ford were to go into the hospital and 200 people accessed his record, there would be consequences?

Mr. Brian Beamish: I guess what I would say is that I’m pretty confident that if someone like Mr. Ford goes back in the hospital, inevitably, somebody’s going to look. Our experience is that despite all the training, despite all the policies, despite people being disciplined and reported to colleges, inevitably, it happens.

I think this bill, though, gives more tools to send a message that it’s not okay. For example, lifting the limitation period for prosecutions: I was listening to the conversation earlier this afternoon. The likely scenario is not that someone’s going to be found having snooped eight years ago; our experience is that someone is found to have done it now, and when an audit is done of their access to the system, there can be a trail going back years that they have been engaged in this kind of activity. The six-month limitation period means that anything beyond six months cannot be used for prosecution purposes. In my view, that trail of activity should be something that is brought to the attention of a judge to indicate a pattern of behaviour. So I think that’s an important piece of this.

I also think that doubling the fines—it’s unlikely that someone’s going to get a $100,000 fine for this kind of action, but it sends a signal. It says, “This is serious activity. You shouldn’t be engaged in it, and if you are, there will be consequences.”

The important piece of this is that people know that they will be detected, and if they’re detected, there will be serious consequences.

M^me France Gélinas: If we look at the other piece, how confident are you that families who are trying to gain closure will actually have more valid information to gain closure?

Mr. Brian Beamish: I would say that with the amendment we’ve proposed, I’m confident that people will get the information that the law allows them to get.

M^me France Gélinas: That’s if your amendment gets through?

Mr. Brian Beamish: If my amendment is not accepted, I would not be confident of that because, in effect, people would be left in the position of having to take the hospital’s word that it’s quality-of-care information.

The Chair (Mr. Shafiq Qaadri): Thank you, Ms. Gélinas. I’ll pass it now to the government side, to Mr. Anderson. Go ahead.

Mr. Granville Anderson: Thank you, Mr. Beamish, for your presentation here today. I know that the IPC was heavily engaged in this process throughout the development of the legislation. I would like to thank you for the time and commitment that you have taken to do this.

As you know, Bill 119 creates an advisory committee to make recommendations to the minister on privacy matters in the future. What do you think about the establishment of the advisory committee? I know you were here and you heard the OMA’s position on it, so could you elaborate?

Mr. Brian Beamish: I think the creation of an advisory committee is admirable. I guess the question is, then, who populates the advisory committee, and the bill is silent on that. I suppose we’ll have to wait to see who the ministry determines should be part of that committee.

I’m assuming they will have a wide range of stakeholders from the health care community and the community at large. That would make sense to me.

Mr. Granville Anderson: Okay. You alluded to the fact that the six-month limitation has been removed. That does help your office to have stricter controls over privacy matters. Please expand on how that would help.

Mr. Brian Beamish: The law currently allows for prosecution of individuals for wilful violation of the act, but the charges have to be brought within six months of the violation. The typical snooping case: As I mentioned, either there’s a pattern that goes beyond six months and those instances cannot be part of the charges, which may limit the advisability of a charge or the ability to prove wilfulness, or the unauthorized access initially occurs outside of the six-month period.

Our view is that lifting the limitation period will allow greater scope for prosecutions. And I’m not talking about prosecutions in every case; I’m talking about prosecutions where there is true wilfulness—very, very serious cases. I think that that can send a signal to the community that this is serious behaviour to be engaged in.

I do think lifting the limitation period will really assist in that. I’ve heard the suggestion that it should be two years or it should be five years. I suppose at some point, you’re picking a number. My preference would be not to have one and leave it at that.

Mr. Granville Anderson: Do I have more time?

The Chair (Mr. Shafiq Qaadri): Thirteen seconds.

Mr. Granville Anderson: I know earlier, you alluded to the fact that you couldn’t guarantee absolutes, that there couldn’t breaches down the road to—

The Chair (Mr. Shafiq Qaadri): Thank you, Mr. Anderson, and thanks to you, Mr. Beamish, for your deputation.

Just for the information of committee members, the deadline for submissions is 6 p.m. on March 10, Thursday; amendment deadline: 6 p.m. on Monday, March 21. We will be meeting for clause-by-clause on Thursday, March 24, after the break.

If there’s no further business or there any questions? Ms. Scott.

Ms. Laurie Scott: Roughly, what time will Hansard be ready? Will that be next week sometime? Do you think that’s the possibility when Hansard might be happening, or is it two weeks? We just didn’t know with those deadlines, which aren’t bad.

The Chair (Mr. Shafiq Qaadri): Hansard, when are your literary works going to be ready?

The Clerk of the Committee (Mr. Christopher Tyrell): Next week at some point.

The Chair (Mr. Shafiq Qaadri): Next week.

Ms. Laurie Scott: Next week? Okay. I think we’re good with that. Thank you.

The Chair (Mr. Shafiq Qaadri): Any further questions? Yes, Madame Gélinas.

M^me France Gélinas: How many people do we have for deputants next week?

The Chair (Mr. Shafiq Qaadri): We’re done.

M^me France Gélinas: We don’t have any more deputants?

The Chair (Mr. Shafiq Qaadri): We have no deputations.

M^me France Gélinas: Do we still have time, if people want to come?

The Chair (Mr. Shafiq Qaadri): I do not think so. I think the deadline has passed. Of course, we can accept written submissions until 6 p.m. next Thursday.

M^me France Gélinas: I thought we still had another day next Thursday.

The Chair (Mr. Shafiq Qaadri): We did, but there were no deputations to fill it—

M^me France Gélinas: —that came in in time.

The Chair (Mr. Shafiq Qaadri): In any case, the committee is adjourned. Thank you.

The committee adjourned at 1517.

CONTENTS

Thursday 3 March 2016

Health Information Protection Act, 2016, Bill 119, Mr. Hoskins / Loi de 2016 sur la protection des renseignements sur la santé, projet de loi 119, M. Hoskins JP-257

Ontario Nurses’ Association JP-257

Ms. Kate Hughes

Ontario Hospital Association JP-259

Ms. Kristin Taylor

Ms. Rita Reynolds

Mr. Joseph Colangelo; Ms. Maria Katherine Daskalos JP-262

Canadian Nurses Protective Society JP-265

Ms. Chantal Léonard

Registered Nurses’ Association of Ontario JP-268

Mr. Tim Lenartowych

Ms. Andrea Baumann

Ontario Medical Association JP-271

Dr. Stephen Chris

Ms. Dara Laxer

Office of the Information and Privacy Commissioner of Ontario JP-274

Mr. Brian Beamish

STANDING COMMITTEE ON JUSTICE POLICY

Chair / Président

Mr. Shafiq Qaadri (Etobicoke North / Etobicoke-Nord L)

Vice-Chair / Vice-Président

Mr. Lorenzo Berardinetti (Scarborough Southwest / Scarborough-Sud-Ouest L)

Mr. Lorenzo Berardinetti (Scarborough Southwest / Scarborough-Sud-Ouest L)

Mr. Bob Delaney (Mississauga–Streetsville L)

Mr. Randy Hillier (Lanark–Frontenac–Lennox and Addington PC)

Mr. Michael Mantha (Algoma–Manitoulin ND)

Mrs. Cristina Martins (Davenport L)

Ms. Indira Naidoo-Harris (Halton L)

Mr. Arthur Potts (Beaches–East York L)

Mr. Shafiq Qaadri (Etobicoke North / Etobicoke-Nord L)

Ms. Laurie Scott (Haliburton–Kawartha Lakes–Brock PC)

Substitutions / Membres remplaçants

Mr. Granville Anderson (Durham L)

M^me France Gélinas (Nickel Belt ND)

Mrs. Kathryn McGarry (Cambridge L)

Mr. Jeff Yurek (Elgin–Middlesex–London PC)

Also taking part / Autres participants et participantes

Ms. Teresa J. Armstrong (London–Fanshawe ND)

Clerk / Greffier

Mr. Christopher Tyrell

Staff / Personnel

Mr. Andrew McNaught, research officer,
Research Services