Tuesday 14 September 1993

Annual report, Provincial Auditor, 1992: Ministry of Health

Information and Privacy Commissioner

Tom Wright, commissioner

Janet Gore, senior policy and research coordinator

Ontario Medical Association

Dr Tom Dickson, president

Peter Berwick, director of administrative services

College of Physicians and Surgeons of Ontario

Dr John Carlisle, deputy registrar


*Chair / Président: Cordiano, Joseph (Lawrence L)

*Vice-Chair / Vice-Présidente: Poole, Dianne (Eglinton L)

*Callahan, Robert V. (Brampton South/-Sud L)

Duignan, Noel (Halton North/-Nord ND)

Farnan, Mike (Cambridge ND)

*Frankford, Robert (Scarborough East/-Est ND)

Hayes, Pat (Essex-Kent ND)

Marland, Margaret (Mississauga South/-Sud PC)

Murphy, Tim (St George-St David L)

*O'Connor, Larry (Durham-York ND)

Perruzza, Anthony (Downsview ND)

*Tilson, David (Dufferin-Peel PC)

*In attendance / présents

Substitutions present/ Membres remplaçants présents:

Fletcher, Derek (Guelph ND) for Mr Hayes

Martin, Tony (Sault Ste Marie ND) for Mr Duignan

Sullivan, Barbara (Halton Centre L) for Mr Murphy

Sutherland, Kimble (Oxford ND) for Mr Perruzza

White, Drummond (Durham Centre ND) for Mr Farnan

Wilson, Jim (Simcoe West/-Ouest PC) for Mr Marland

Also taking part / Autres participants et participantes:

Peters, Erik, Provincial Auditor

Clerk / Greffier: Decker, Todd

Staff / Personnel: McLellan, Ray, research officer, Legislative Research Service

The committee met at 1008 in room 151.


The Chair (Mr Joseph Cordiano): Members of the committee, I would like to quickly call this meeting to order as we are running a little late.


The Chair: We have this morning Mr Tom Wright, the Information and Privacy Commissioner. Welcome to the committee, Mr Wright. I guess we have two hours with you this morning. If you'd like to make some comments, and then usually members like to ask questions. If you allow for some time, we would certainly like to pose some questions to you.

Mr Tom Wright: That's fine; I will, then. I do have a few opening remarks which are indeed brief.

I'm pleased to have the opportunity to appear before the committee to address an issue which is of concern to the Office of the Information and Privacy Commissioner, obviously members of this committee and many others. But before I begin my remarks on the gathering and management of personal health information, I'd like to take a moment and place them in the context of Ontario's access and privacy legislation and the role of the Information and Privacy Commissioner.

The Freedom of Information and Protection of Privacy Act applies to all Ontario government ministries and most provincial agencies. The Municipal Freedom of Information and Protection of Privacy Act applies to local governments across the province: municipalities, school boards, public utility commissions and other local agencies.

The Information and Privacy Commission is an agency of the Legislative Assembly and the Information and Privacy Commissioner is an officer of the assembly reporting to the House through the Speaker.

The role of the Information and Privacy Commissioner basically involves four elements.

We are an appeal body under both pieces of legislation responsible for reviewing decisions by government organizations regarding access to general records.

Secondly, and most importantly in the context of today's session, we are responsible for ensuring that government bodies comply with the privacy requirements of the acts, the rules that cover the collection, retention, use and disclosure of personal information.

Finally, we are responsible for ensuring that members of the public understand their rights under the acts as well as how to go about exercising those rights. We also comment on proposed government initiatives which have access and/or privacy implications, and in this role we see ourselves as advocates for the concepts of access and privacy.

As I mentioned, the acts create a system that protects the privacy of personal information and set out rules which cover the way government organizations collect, store, use, disclose and dispose of personal information.

Both the provincial and municipal acts base their privacy protection roles on a code of fair information practices. The principles contained in this code were developed by the Organization for Economic Co-operation and Development, otherwise known as the OECD, in Europe and are the basis for privacy legislation in many jurisdictions.

For our purposes today, the principles which I feel are most relevant, as contained in those guidelines, are the following:

Governments collect only the information needed to operate their programs and use this information only for the purpose for which it was collected or for some consistent purpose.

Wherever possible, the information is collected directly from the individual concerned.

The individual must be informed of the purpose for which the information is being collected.

Those who collect the information must take whatever precautions necessary to ensure its accuracy and security.

Finally, such information must be retained long enough to give the individual to whom it relates reasonable time to access it and review it for accuracy.

As I mentioned at the outset, as I understand it, my purpose here today is to address the question of the gathering and management of personal health information and, in the context of my role and responsibilities, share with you some of the issues I feel should be addressed. It is not my intention to make recommendations about card technology or health care in general. What I will be addressing are the access and privacy issues which I feel the Ministry of Health and other government organizations need to consider.

I think it's fair to say that any system that collects the amount and kind of sensitive personal information that currently flows through Ontario's health registration system must have adequate controls in place to protect the privacy of individuals to whom that personal information belongs. I'd like to stop for a moment and emphasize the significance of the word "belongs." I think at times a concept that escapes us is, because the government has personal information about an individual does not mean that that is the government's information. Fundamental to the rules of privacy is the recognition that the personal information belongs to the person to whom it relates.

The government has that information, I would suggest, in a kind of contract with the individual that in fact there are responsibilities on the part of the government when it is given access to this information. The rules that we have in Ontario today, as I've indicated, are captured in the two access and privacy acts that we have. But fundamental to looking at privacy, as we understand it in Ontario, is this concept that personal information belongs to the individual. The fact that they may be required to provide it to government in order to obtain a benefit or in terms of perhaps obtaining a licence or something of that nature does not in fact change the ownership of that information. It doesn't suddenly become the information of the government, and the government is simply not free to do whatever it wishes with that information. It's subject to the controls that the act contains.

I think that the controls that I've mentioned become even more important when considering the expansion of the health registration system to the degree that has been recently reported.

Looking back for a moment to when the current health card and number were being introduced, the then Minister of Health, Evelyn Gigantes, made a commitment to the protection of privacy when she introduced legislation relating to the health card in December 1990:

"The protection of the privacy rights of citizens demands the constant attention and care of government in an age of computers and information systems. This government will maintain vigilance on behalf of all Ontarians."

The current legislation, the Health Cards and Numbers Control Act, clearly prohibits the use of the card or the number for any purposes other than health-related ones. Now, at that time, we were gratified to see that our privacy-related concerns were reflected in that act. In our view, these controls will continue to apply to the health card if the identification card system is changed by the Ministry of Health.

Having said that, however, I think there are a number of questions still to be answered in any change to Ontario's health registration system. I've certainly heard about the issue of a photo identification card. If that in fact is in the works, there are questions around the collection, use and disclosure, as outlined in the Code of Fair Information Practices, which present themselves.

How will the photographs be obtained? If through the Ministry of Transportation's drivers' licence bureaus, will the Ministry of Transportation have consent to disclose photos to the Ministry of Health?

Will the Ministry of Transportation be responsible for retaining the photos, updating the database and forwarding updated photos to the Ministry of Health? What about those people who do not drive; who are not yet 16 years of age?

As well, the Ministry of Transportation's database is semipublic. The Ministry of Health's database is not. What controls will be placed on access to information collected for health-related purposes?

What kind of personal identification card is being contemplated? Different kinds of cards have different levels of security.

The magnetic stripe on the current health card holds four pieces of data: the individual's name, date of birth, gender and preferred language of correspondence. There is no built-in security for the stripe. The card does not restrict access to the information.

If the card's information bank is to be expanded to include more data, or a photo card is contemplated, is a smart card format under consideration? Simply put, a smart card is embedded with a computer chip that stores information. Our commission's smart card paper, copies of which I believe were provided to Mr Decter, describe our privacy concerns related to the use of smart cards in Ontario. On the other hand, smart cards have a built-in level of security, so access to information stored on the card can be controlled.

Whether a new identification card contains a photo or some other unique personal identifier, I want to return to our concerns related to its collection, retention, use or disclosure for anything other than health-related purposes. I think we're all familiar with the experience associated with the use of the social insurance number in this country. I think it is shown that a series of numbers can quickly come to be used as a personal identifier. The SIN was first introduced in 1964, intended only for unemployment and Canada pension plan use. Today it is used and accepted as a standard, universal identifier, and any controls placed on its use at this time are probably too little and a little bit too late.


Having made these comments about the privacy aspect of things, I'd like to make it clear to the committee that our office does understand the need for mechanisms to control inappropriate use of health card numbers, to ensure that tax dollars are being spent to their best advantage in Ontario's health registration system. However, the protection of individual privacy is also the responsibility of the Ministry of Health, and privacy protection must be considered at the earliest possible stage.

The principles set out in the Code of Fair Information Practices place the onus on government to protect the privacy of Ontarians. It is important to stress that this protection is not at odds with the goal of eliminating inappropriate use of the system. Any system that relies on accurate and up-to-date personal information in order to function effectively must take the principles in the code into consideration, again, at the earliest possible stage, at the beginning when the system is being designed.

For some time now our office has been calling for legislation relating to personal information contained in medical records. The Ministry of Health has been working on a law that will address access and privacy issues related to health care information. However, it has done so, to be candid, sporadically, and I understand that further work on the legislation has been postponed. I think the current situation further demonstrates the need for such health care access and privacy legislation.

By way of conclusion, I think the committee is engaged in very important work and I appreciate the opportunity of being able to comment today on the privacy concerns that I think may arise. I hope my comments will be of assistance in your deliberations.

In closing, I would like to leave with you a single request. In your deliberations I ask the members of the committee to support the preservation of privacy rights of individuals. Thank you very much.

The Chair: I would like to thank you very much for your comments. I think they're enlightening. This is certainly an issue, you can see by virtue of the fact that we have you here before us today, that is important to the committee. I think you'll see that members will be very interested. There are a number of members who want to ask questions at this time. We'll move in rotation. Perhaps we can do 15-minute rotations and start with Ms Poole, who's on the list, and then Ms Sullivan for the official opposition.

Ms Dianne Poole (Eglinton): Mr Wright, welcome to the committee and thank you for the presentation. You've certainly given us some food for thought. You made it very clear in your presentation that you believe that because government has collected the information does not mean that personal information belongs to the government. To follow up on that, you've said that personal information belongs to the individual.

One of the concerns I had recently when it was alleged in the newspaper that the current provincial government is planning to sell some of the information on its records, one of the thoughts that crossed my mind was the impact on the health care problems. There is a great deal of information, I believe, that they plan to collect when they bring out their new card, and I can see that this would be very beneficial to certain companies or industries -- pharmaceutical, whatever -- if the government chose to sell that information.

Have you had any meetings with the Ministry of Health or with Management Board concerning this particular aspect, have you expressed your concerns and what has the response been?

Mr Wright: We have indeed met with the Management Board secretariat with respect to the larger issue of what is being described as tradeable data. The notion today of course is that information in the hands of government is a commodity and that in fact more use should be made of that commodity for purposes of generating revenue. The concerns that we have expressed relate exactly to the type of situation you pose, and that's the potential for the sale of personal information.

I think it's important that we make a bit of a distinction in terms of what we mean by personal information. Personal information means that the information in question can be attached, if you will, to an identifiable individual, to a person. The fact that the name is removed may indeed make it more anonymous, in which case that may well change the notion of whether or not a sale should or should not be permitted.

In terms of the response that we've received, Management Board presently has under way something called a tradeable data directive. This directive will apply to all provincial government ministries. It sets out rules around the sale of data. We have had a number of consultations and meetings with Management Board secretariat and its representatives. We feel that they have moved in a positive way in terms of the issues of personal information and controls around its sale, although the concerns do not disappear. The question still arises. Even with the directive in place, it doesn't necessarily prevent an individual ministry from contemplating, or from changes being made down the road in terms of, the sale of personal information.

It's a fundamental concern for us and one that we have explored with Management Board secretariat.

Ms Poole: I personally find it quite reprehensible for the government to consider selling information that was given to it by individuals with the full understanding that it would be confidential and that it was necessary for the operation of government. But to trade that off by saying that we need more revenue -- I really can't use any other word than "reprehensible."

I'm particularly concerned with the health card, because it's obvious that the ministry must collect generic data in order to be able to predict trends and do proper health care planning. I think that's something we all support. But if you have a situation where that information that is given with all hopes and expectations of confidentiality by the individual is made public, then I as an individual would feel betrayed.

When you were meeting with Management Board to discuss, I think you called it tradeable information --

Mr Wright: Tradeable data, yes, information.

Ms Poole: -- did you specifically talk about the health card and what kind of security could be built in and in fact specific legislation that would prevent information from the health card that would specifically identify an individual from being traded? Did you discuss the specifics or did you have more general discussions with them?

Mr Wright: We did not discuss specifics as they relate to health card information. Again, to be fair, I believe the directive recognizes the importance and the distinctions between the sale of personal information and other information that the government may have, that it may collect for, say, mapping or something of that nature. I think there is a recognition in the directive as it presently stands -- it's not yet in force -- that does show an awareness of that distinction.

But we did not address specifically the question of health care information. I think we can't ignore the fact that the existing Freedom of Information and Protection of Privacy Act does contain rules around what can be done by way of disclosure of information. However, in terms of specifics, we have been in touch with the Ministry of Health already. A letter was sent early this month to the minister advising of our concerns around the changes to the registration system, as we have in the past offered to work cooperatively with the ministry in terms of making sure the controls that we feel are necessary from a privacy protection standpoint are put in place before the system is actually fundamentally changed.

That's the kind of direct action we've taken with the ministry itself as opposed to Management Board secretariat.

Ms Poole: Just one final question, because I know our health care critic has a lot of questions for you: The letter you just mentioned that you wrote to the Ministry of Health, would you be able to share that with the committee? Would that be a problem for you?

Mr Wright: I don't see why not. Yes, certainly.

Ms Poole: Because I think it would be very helpful for us to see what kind of concerns you have already targeted and so we know what to look for.

Mr Wright: Absolutely. I'd be happy to do that.


Mrs Barbara Sullivan (Halton Centre): I'd like to say, Mr Wright, that the information you've presented to the committee is very useful, including the document on smart cards, which we'll certainly be looking at as we move ahead on this issue.

I'm interested in what you have to say about the ownership of medical records, because it seems to me that the records are collected for a number of purposes. There is a record of health care services, perhaps a medical record, a record of eligibility, records which are collected for purposes of billing through the OHIP and ODB system, records which may well be kept for epidemiological purposes, to establish trends or utilization reviews and planning reviews and so on.

I understand that there have been some legal interpretations with respect to the ownership of medical records by physicians. I wonder if you could put some information about that on the table. Who in fact does own the medical record which sits in a health provider's office, or perhaps in a facility such as a hospital or a senior citizens' home, and what rights does the government have to access to that data?

Mr Wright: I can offer my best understanding of the question about ownership of medical records. My understanding is that the Supreme Court of Canada, in a decision within the past year -- and I don't have the exact date -- determined that the actual ownership of medical records in the hands of a physician lies in the hands of the patient. It is the patient's information and that person should in fact have access to it, subject to certain exceptions, such as if finding out the information is likely to cause distress or something of this nature. There is room to leave a bit of a door open in terms of exceptions. But that is my understanding as to the issue of ownership. It lies with the patient, which of course is consistent, I think, with what I said around other types of information that come into the hands of the government because someone has come in contact with the health system.

But the fact of ownership residing with the patient I don't think changes what governments are entitled to have by way of access to that information. What the privacy legislation does is set out some controls around what type of information can be collected and the use and disclosure of that information once it's in the hands of government.

I agree with you certainly in terms of planning purposes, which are certainly a focus of the new health registration system and looking down the road in terms of the health care system. I don't see the act as providing anything that will prevent that kind of planning from taking place. The way in which it would be done, to my mind, would be simply by anonymizing the information. If you need to know that x number of operations of a particular kind are done in Ontario each year, that's what you need to know; you don't need to know necessarily that person X is the one who had that operation. That's really what the act focuses on. It focuses on the connection between an individual and, in this case, a particular procedure. I don't see it preventing the legitimate uses to which that information might well be put.

Mrs Sullivan: The Ministry of Health appears to contemplate that the health care provider and/or facility will have an increased responsibility at the point of health care service delivery with respect to updating information which is included on the cards or providing information to the ministry with respect to the individual, perhaps about the record or perhaps simply with respect to an address change. What is your view on the appropriateness of the provider or of the facility being placed in that heavy a position and in that responsible a position with respect to the updating of registers? I have another question to follow on that.

Mr Wright: I think one of the key points, certainly from a privacy protection perspective as well as I think in the interests of the health registration, is the accuracy and up-to-date nature of the information that's in the system. As a matter of reaction, I really haven't, quite honestly, thought about the question that you just posed in terms of the appropriateness, but it strikes me that certainly the individual who has come in contact with a health care provider would certainly be in a position to obtain accurate and up-to-date information at the time.

I think the question that arises -- and I don't want to preempt, perhaps, where you're going next -- is, who should be able to do the updating? Who should be able to have access possibly to the information that's contained in a database at the time a person comes to visit a physician? I think these are questions that would need to be asked. As I say, I really have not given a great deal of thought to the notion of who would best input the information, but there are other issues that unquestionably do arise when you parcel it off.

If I may just sort of complete the thought, that's why, at the end of my comments, I made mention of health care access and privacy legislation. Ontario's access and privacy legislation only applies to government. There is no similar type of rules in place when you move into the private sector. There are no controls -- and I'm talking about legislative controls -- around how physicians, hospitals etc use or disclose that kind of information. Obviously there are rules of practice, ethics etc, but in terms of legislation, there is nothing in place at this time. That's why we feel it would be something that may well address some of the very concerns that you've just identified.

Mrs Sullivan: I think that these are important areas, because the government is clearly going to rely on the provider for information. Certainly with respect to eligibility, my understanding is that the professional codes, certainly for physicians, mean that the physicians are not allowed, under their professional standards and codes of ethics, in fact to provide that information or any information, including address changes.

So we have a problem as we move along the line here. The government wants the information for up-to-date registry purposes. Physicians, under their code of ethics and professional standards, are not allowed at this point to provide that information.

Along the way as well, even with an address change, there doesn't appear to be a provision for the consent of the individual to make those changes. We've heard that there's no strategy or action plan in this area, but clearly steps are being taken. Those steps that are being taken will rely on the point of service for updating, correcting, changing information and for reporting problems such as suspicion of fraud in that system. In terms of the ownership of information, the use of information etc, I think we've got a very large problem here that has to be addressed.

Mr Wright: You make a number of excellent points. Certainly one of them is the whole notion of consent or even awareness of the individual in terms of what is going to happen to the information he provides to an individual.

I'm not aware of the specifics around the code of practice that permits or doesn't permit the providing of information, but I think the question may arise as to the statutory authority of the ministry to obtain certain kinds of information relating to services provided for purposes of billing etc. I suspect that there is the authority for the ministry to obtain this kind of information, but again, I think you raised the very important point about, at the instance of collection, what the individual knows about the information that's being collected and, more importantly, how it's going to be used and where it's going to end up. I think there is an obligation to make people aware of those facts.

Mrs Sullivan: The next question that I have relates to the purpose of the collection of the information. We have heard before this committee that the government is considering the implementation of an across-the-board personal identifier. My personal conclusion is that the personal identifier could not be used and data could not be collected for health care purposes as a total vehicle; that because of the nature of the legislation surrounding health cards and the broader purposes that a province-wide card would mean, there would still have to be a separate database and separate rules with respect to the medical health care records. Do you concur with that?


Mr Wright: You're talking about the idea of a single government services card, that kind of idea?

Mrs Sullivan: Yes.

Mr Wright: We have very, very serious problems with the notion of one government services card. I think you've identified one of the very real issues; that is, it would entail, one would assume, one very large database or connected, linking databases. The potential of that I think is incredibly significant in terms of the privacy of individuals.

We talk at times in the theoretical, but what it would allow you to do, for example, would be to profile individuals. You would be able to tell every interaction that someone had with government, presumably with the push of a button; as you mentioned earlier, notions around the potential for marketing the information that's contained. There are companies out there that like to profile consumers. I'm sure there probably is some use that can be made of the information in that kind of database. The whole notion of tracking individuals, what their behaviour has been, if they've come in contact with the justice system, if we have polls, things of this nature, there's the ability to track.

It's funny when people become aware of these kinds of issues. One of the sources of complaint we have relates to the Ministry of Transportation and the fact that it performs various travel pattern surveys. What happens is that apparently an individual will get a letter saying something like, "You were observed travelling along road X at such and such a time." People are flabbergasted that someone out there, not for any kind of improper purpose, leaving aside the need or whatever to do that kind of survey, someone associated with government has, as they see it, tracked them or has had the ability to track them. I think when you start talking about one database, all you've done is make worse the potential for the use around that kind of information.

There are ways, I'm sure, to control the way in which segments of information are accessed. Indeed, health information could be segregated, other types of information, but once you start on that road, it then becomes a matter of, if you will, to some extent, the good graces of the government of the day to decide what should happen. It's there. I think at times the attractiveness of doing certain things when you have all the information in that place in fact weighs against what are the real privacy interests. I think when you start moving into this area you really are hitting at a question that, for any other jurisdictions that have looked at the idea of one number or one card, has been a fundamental issue as it relates to privacy.

Mr Jim Wilson (Simcoe West): Just along this line of questioning, I too very much appreciate your paper with respect to your comments surrounding the introduction of smart card technology. I was a little surprised to hear your remarks just a minute ago when you sounded very negative about smart cards. Your paper certainly doesn't indicate that. Your paper indicates that, with proper security measures, it is indeed possible to introduce smart card technology. In fact, you point out that in three cases, or certainly in two cases, in the Ajax Ridekey program and of course in the Encounter card pilot projects, smart card technology is already being used and will likely be used. It certainly is my understanding also, with the government's introduction of highway tolls, it is the same technology.

I want to ask you a question about what you just said, because it's also contained on page 1 of your report, where you say, "The same technology that allows the government to facilitate the delivery of programs and services can be used to monitor and control its citizens."

We've heard in these committee hearings from the Liberals that this is one of the reasons they introduced a single number for health care. The idea is to take that information -- in an anonymous way, granted, but that's open to debate -- to profile health care users and to do a back-end analysis and, one would expect, to catch fraud in the system, which is the subject of these hearings.

I guess where I fail to see the consistency is that we're doing that anyway. I don't know what consumers think the government does with this information that it retrieves in the form of using the plastic health card, but that's exactly what the government intends to do. That's what they've been doing in Manitoba. That's what they've been doing in Europe for years. I don't see smart card technology changing things all that much with respect to the use of the information from government, except that government would have more accurate information.

Mr Wright: Just if I may comment on your initial observation about inconsistency, my comments were directed to the notion of having one number assigned to an individual as it relates to all government services, not simply health care services.

I think there's a very clear distinction to be drawn between that. Certainly, as you say, the report does point out some of the very real positives around smart card technology and what can be done with the kinds of controls that are available: encryption; the ability, again, to do segments of information, and access to it. But that is in the context of the notion of possibly multiple smart cards with different types of information on them or the absolute controls around who has access to the type of information that's on a smart card.

If you had one card for all government services, what controls would be in place, for example, if you produced that card at the Ministry of Transportation? Does that mean that whoever is looking at it would have the opportunity to know that at some point you had been receiving some form of social assistance or who knows what else? Would have access to your patient record, using the health example?

It's not that the technology is flawed and it's certainly not that we would be opposed to the notion of a smart card, but I think the challenge would be to ensure that sufficient resources were spent to see that the controls that are available were actually put in place. I understand expensive controls at times would have to be put in place; otherwise the privacy concerns, I think, are far more likely to arise.

Mr Jim Wilson: I think when people look at smart cards, they are talking about what you referred to on page 5 at the bottom as the "segregation of multi-use applications to prevent possible merging or matching of various databases." I'm not sure about the databases, because I agree with your concern about having one large database, which, to me, would be necessary if somebody were to lose their card. The information has to be stored centrally somewhere, which is a problem in keeping them up-to-date.

The type of vendor who comes to see me, for example, has smart cards that can only be accessed in your presence with your fingerprint. The technology allows the chip to actually segregate information so that one database isn't merging with the other. Essentially, your imagination is the only limitation to what you can do with these, as far as I can tell. When I envision an Ontario smart card or a government-wide card, I do envision one card which would have hunting and fishing and driving and medical services, the whole range of plastic cards now, but an absolute separation with respect to who can access what, which I'll want your opinion on, because I know that's possible and there are a lot of problems with it.

But right now, if I hire a private investigator, and the lawyers in the room will know, you can find out just about anything you want on someone. You probably know that. You certainly know that if anyone hires a lawyer and is involved in trying to find out someone's driver's record. I don't know how they do it. I suspect they all have friends in different departments or you go to the local police officer in his own police car. You can call up much of the record, for example, that you would need for those purposes.

I say to the people, "Look, wouldn't you rather have one guard in front of one database, where at least we know what information is being gathered by government and we have the potential to control it?" You do allude to that in the paper. As the current system is, you have, say, 20 databases with 20 guards, and there are a lot of little areas in government where perhaps your office knows but my office doesn't know or have much confidence in the security that's currently being provided and who has access to what. From a consumer point of view, I would think that you could sell a smart card, an Ontario-wide card, by actually enhancing security. Do you have any comments on that?


Mr Wright: I think your observations are to the point. There's no question that the technology is there, as I understand it, in terms of putting in place the kinds of security. I think really the fundamental question is, will sufficient security be put in place? To go back to a point I made earlier, I understand the question of cost does raise its head around the ability to do some of these neat little things that these cards can do and put the proper controls in place.

Mr Jim Wilson: I agree. What I particularly appreciate about your paper is all of the legislative controls that have to be looked at and the protocols drawn before government ventures down the road. I totally agree with that, and I do see this as a very long-term project to government, although I would, Mr Chairman, be interested to hear from the Management Board secretariat with respect to where exactly it is in looking at an Ontario-wide service card.

Mr Wright: If I may make one follow-up comment, the point that Mr Wilson has made about a coordinated strategy is something that we also strongly advocate in our smart card paper. The notion of a piecemeal type of implementation really is not the way to go.

Mr David Tilson (Dufferin-Peel): It's interesting how this topic all got going, at least recently, and that was because of the fraud that's being alleged in this province with respect to health cards. Now, all of a sudden, we're talking about drugs, and I know that's part of it of course, making sure that people aren't getting double usage of drugs so that they can go to one pharmacist and get something and then go to the next pharmacist and get the same drug and then sell it. That's what's being alleged, I suppose.

Now we're talking about making information available. On the one hand, it is kind of scary, whether you're talking about a police camera photographing a car, as you say, or the whole issue of some private company called Teranet owning information on our real estate holdings and what we own and how old we are and whether we're married. On it goes.

Now we're talking about other information that could be made available to the partners, the partners being the drug companies, the partners being the pharmacists, the partners being the hospitals and all the various providers. A whole slew of clerks who work in these various stores will have access to this information. It's rather scary stuff that, all on the dot of some microchip somewhere, someone is going to know all kinds of things about us.

I guess, on the other hand, the other side of the coin is that if we want free service, if we want health service provided by the state, then are some of our rights going to have to be surrendered, without turning into a Big Brother type of society?

I'd like you to tell me -- I'm getting to my question finally -- whether you or your staff have had an opportunity to review the situation in Britain, which I understand is loosening up information or making more information available at the expense of the individual. At least, that's what I understand, that Britain is perhaps going the other way. In other words, there's the interest of society and then there's the interest of the individual and which is more important. There's that happy median that we need to find. Can you tell us anything about the British experience?

Mr Wright: I'm sorry, I can't. I'm not aware; I have no information. Janet Gore from my office is here; she is a senior policy adviser. She can, I understand, just very briefly tell you about the generalities, not specifics, if that would be of any help to the committee.

The Chair: Sure. Why doesn't she come forward and introduce herself, or, Mr Wright, you can introduce her.

Mr Wright: This is Janet Gore. Janet is a senior policy adviser with the information and privacy commission.

Ms Janet Gore: Mr Tilson, in Britain, although it's not an area that I have studied extensively, they do have a data protection law for the private sector, where companies that are collecting and using information have to register with a central registry. But I'm not particularly familiar with what you're talking about. Are you talking about a specific situation relating to health information?

Mr Tilson: My understanding is that -- it's just something that I've read somewhere; I don't even know whether it's accurate and that's why I'm asking you what you know about it -- Britain is favouring the societal interest at the expense of the individual.

Ms Gore: I don't think I can comment. I can do some research for you on the current state of data protection in Britain, if you would like. I'm not aware of --

Mr Tilson: I guess I'm getting to the issue as to the general societal interest. I'm looking at a state that perhaps has looked at the general societal interest as opposed to the individual, because I believe you can go too far either way. I mean, we can have the Big Brother type of state where governments, on a little microchip, know everything about us -- everything as opposed to not being able to find out anything.

Mr Wright: I think of the words you used earlier; that is, the appropriate balance that the public is comfortable with. I can sit here certainly as a privacy commissioner and, as I indicated, as an advocate of privacy. At the same time, I recognize that there are competing interests and I think the challenge for everyone is to find where the balance lies. I hope that we can begin with certain givens, and one of the givens that I feel is important is an acknowledgement of the right of the individual to privacy. There's no question that when you obtain a service there are certain parts of your information that you are required to give up, but there need, I think, to be clear controls in place around the use of that kind of information, how much information is collected, the kinds of things that Ontario's privacy legislation talks of.

I agree with you: It's not a pure one or the other. I do think that trying to find where it should be by way of the needs of government in terms of spending money and the needs of the public in terms of privacy and other larger interests, finding that balance is not easy. There's no question about it.

The Chair: Mr Tilson, we've run out of time.

Mr Larry O'Connor (Durham-York): I want to thank you for coming. We've certainly got some concerns over the fraud elements and any experience you can give us on the privacy elements of any changes we might look for is going to be indeed both important and valuable to the committee.

I note that with my Outdoor Card there's a strip on the back and I just wondered -- it's probably a question you might not be able to answer -- what information is in that strip. I suppose you don't know.

Mr Wright: Sorry, I don't.

Mr O'Connor: So within that strip there is not likely something that could be a problem as far as privacy is concerned?

Mrs Sullivan: Your weight and height are on it.

Mr O'Connor: Maybe some of that information is the same that is on the health card at present that has that magnetic strip.

Mr Wright: My understanding is that for the health card there are only four very sparse elements of information on it, not including, as I understand it, address. I am not familiar with the information that is on the magnetic stripe itself.

The privacy concerns, however, arise certainly in terms of what information is on that card, but they really kick in as well when you look at who has access to the information that's on that stripe. Is it everyone? I'm not sure when you would actually use that stripe, whether it's renewing the card or in what way, but that's where the privacy element kicks in as well.


Mr O'Connor: I know that when I do have an opportunity to go fishing in Algonquin Park early, usually in May, and we're back a couple of lakes in the canoe fishing, quite often a conservation officer will come by and of course ask us for our permit to fish. Obviously, you don't have capabilities in the boat of reading this magnetic strip, so one does question it.

Is it possible that you know of any way of this being tampered with, that magnetic strip, the information on it?

Mr Wright: I'm sorry; along the technical lines, really, I don't have that information.

Mr O'Connor: No, I'm just asking perhaps if somebody had come forward to you with a difficulty in the past of somebody misusing that type of technology. It's not the most modern, it's not as fancy as the smart card, but have you had any problems with anybody tampering with that technology that you know of at this point?

Mr Wright: I could ask Ms Gore, again, to help me out here.

Ms Gore: The thing about a mag stripe versus a smart card is that the information that's contained on it has no security attached to it. It's true that some of it could be maybe encrypted, but generally it's just sort of there, so anyone who has a reader can read it. Not everyone could then fiddle with it. It's in the production of the card, so I don't know if they could be tampered with. But our concern is about who has access to that, and if perchance that was a health card that had more sensitive personal information, just anyone swiping it could find out, through a reader, not only your address but also some other things. That's where our concern comes in.

Mr O'Connor: Through the experiment up in Fort Frances with the use of the smart card, could you see any areas that you would have concern around privacy of the information that was used during that experiment?

Mr Wright: Our office actually worked quite closely with the Ministry of Health throughout that particular project -- I think they called it the Encounter project -- and throughout we brought to the attention of the ministry concerns that we had about how it was progressing, things like the patients being aware that the information was being collected and what was happening with that information. It's a very big question from a privacy perspective. It's very important that individuals have access to their own personal information and that they know what information they are carrying around on the card.

Again, questions of that nature arose, and in fact there was a capability, a little complex, for individuals to get to see what's in fact on the card that they're carrying around in their wallet. That was sort of the extent of how we were involved. We raised issues with the ministry around confidentiality, who had access to the information, the kinds of things that are touched on in our smart card paper.

The Chair: Mr O'Connor, there are two other members on your party side wishing to ask questions.

Mr O'Connor: Okay. One final question, thank you. In making any changes -- and we're looking forward to any sort of recommendations that might come out of this and some valuable back and forth with my colleagues here yet to come -- did you see any need for any legislative changes to protect the freedom of information or elements of privacy for health care cardholders in the province if we moved forward with either a photo ID, a smart card or just further information on the health card?

Mr Wright: As I indicated in my remarks, I think the present legislation is workable as it relates to information that's in the hands of government organizations. Where it does not extend is into the private sector. Those kinds of rules do not extend into the doctor's office, the hospitals, things of this nature. There are no similar rules in place, at least in legislation. I would see that as being a real plus if it were to go along in conjunction with some of the kinds of changes the committee may be considering. I think it depends on the nature of those changes.

Mr Robert Frankford (Scarborough East): For a starter, I'd like to take the opportunity of elaborating for Mr Tilson, and I think other members, the British situation, because I think it can be very useful in our deliberations. The important thing, of course, in Britain, is it's a non-fee-for-service system, so there is no need for reporting of health services centrally and this doesn't happen. We've got a registration system. All the central government knows is the identifier of the registered people and pays for them, the same as, Mr Martin can tell us, happens in Sault Ste Marie very successfully. There are many other benefits to this. So I think we must be looking at the possibility of structural change and possibly even a cardless system, because I think even in the privacy concerns but more in the system management, the benefits of a cardless system will become more and more apparent.

In Britain there is reporting of aggregate data from health care providers which goes to district health councils, but it is aggregate data and it is used for planning in an constructive way. I was speaking with Dr John Forster of the University of Ottawa last night, who was one of the coauthors of the article mentioned in the Ontario Medicine publication that was circulated. I think the committee might well ask him to come here, because I think there are many aspects of the British approach that would be very useful.

Just to use a bit of my time to ask you a question: Have you looked at the proposed drug linkage system and have you any thoughts about privacy concerns when the patient is going to get informed by a pharmacy of mixtures of drugs that they shouldn't be taking? Do you think this is something which raises issues that you should be involved with?

Mr Wright: Our office has been involved since, in fact, well before any announcements were made around this kind of potential and we are in regular contact and consultation with, I believe it's the drug programs reform secretariat at the assistant deputy minister level. There's an assistant commissioner, Ann Cavoukian, with my office who is leading the role of the office in that and we are involved in terms of the privacy concerns. I don't have the exact details of that involvement, but I can assure the committee that we are involved. There are concerns that we have around several aspects of that. Again, part of it relates to the information that's in the hands of the private sector and the kinds of controls that are in place in that way around that kind of information, so we are involved in terms of what that secretariat will be doing.

Mr Frankford: I guess the ones dealing with commercial pharmacies which could be using that information.

Mr Wright: I think the concern is just what happens in terms of that information, and someone has mentioned the issue of drug manufacturers and this whole notion of what I think is a very sensitive type of information, which is our medical information and just who has access to it.

Mr Frankford: So if it's maintained under professional control, it's okay.

Mr Wright: It's hard to argue against the notion that people should have the benefit of a professional's advice that perhaps mixing two kinds of medication is simply a health risk. I would be hard pressed to sit before you this morning and suggest that that is something that, from reasons of privacy only, should not be done. The question once again I think does come down to balance.

Mr Drummond White (Durham Centre): Thank you, Mr Wright and Ms Gore. I found many parts of what you had to say very, very interesting, the issues around who owns the information and who has control of the information. We had a discussion and a lot of very scary talk, but I wanted to clarify a couple of things in your role. We had an opposition member suggesting that the government was selling off data like membership lists for magazines or something, that personal data was being planned to be sent off. If any confidential or personal information was to be sold off, you would of course be consulted, and have been.


Mr Wright: I'm sorry, sir, we would not have necessarily been consulted in terms of specific instances of proposed sale. That simply has not been the practice. We are not consulted.

Mr White: However, you should be.

Mr Wright: I agree.

Mr White: I quite agree as well.

The Chair: Mr White, you have one minute left.

Mr White: The issue with the smart cards, I think, is very interesting, the issue of who owns the information. Many people of course get scared when they hear about smart cards with all this data about them being accessible. But it is quite possible, with the technology we have, to have prescribed usages of those cards, such as has been described where if you have a fishing licence, that wouldn't be accessible to the Ministry of Health, or that particular part of the database on the card wouldn't be necessarily accessible. Conversely, even within the Ministry of Health, personal information might not be accessible above a certain level or where it was not necessary for the use. That's true, right?

Mr Wright: That's certainly my understanding, leaving aside cost considerations of what it would take to actually do that. Certainly in the work of our commission we're very often exposed to new technologies, and it's hard to ignore the attractiveness and the appeal of all these wonderful little toys that you can have and what they can do. But I think you can't forget the fact that for every toy that supposedly can have a security built in, there's someone else out there who's going to find a way to get around that security. It seems to be a constant issue about building the security in and then someone else discovering a way to do it.

The latest protection now, we're being told, is encryption. The United States has a big project under way dealing with encryption. There are issues around the keys that relate to encryption, so it just seems that technology just doesn't stop, and it will be a constant battle, if you will, to make sure that the security is maintained. Once you start on that path where with a card you could indeed, if you wanted to, have a single profile of an individual, I think that is a very, very big step.

The Chair: Thank you, Mr Wright. I'm going to turn to Mr Callahan, and we're going to have an additional 15-minute round for each party.

Mr Robert V. Callahan (Brampton South): I'll be very brief. I hope I'm not maligning them, but you watch the Shoppers Drug Mart commercials and they're already doing this. They've already got everybody listed on there. Part of their selling feature is that, "Hey, I've got a record, honey," and she says, "I knew they'd catch up with you eventually." You've seen that one, obviously.

Mr Wright: I have, yes.

Mr Callahan: So they're already plugging this stuff in. They're obviously plugging the same thing in to connect it with government. They're plugging in the Ontario drug benefit program. What's being done about that? It's already there. They've got these people's records already.

The freedom of information and all that stuff, I think that's all well and good, but I find it difficult to understand why that becomes more important than perhaps coming up with a system that will prevent massive, millions, billions of dollars being lost in the health care system, Americans being able to come up here for cross-border operations, people being able to come from beyond America to have that done. I think that's the most critical issue here, not the question of whether or not somebody knows that I used penicillin last week or my age or my marital status or where I live.

We don't worry about that in the private sector. We've got collection agencies that can dun you. If you don't pay your bills within 30 days they can dun you, send it to a credit bureau and they make money on the basis of selling all this information and cutting off your credit for anything else. I think if the government thinks this is so important it should be looking at the private sector as well, but why is this so important? Can you tell me something that could cause me prejudice in terms of it being out there in the public domain?

Mr Wright: Well, I think -- I have to go back to --


Mr Callahan: So what?

Mr Wright: Well, I guess that's a fair way of describing it, "So what," and it comes down to the matter of who controls that information and the question of whether or not I, as the individual to whom the information relates, should not have the ability to, within reason -- and it's a question of balance, I fully agree with you -- decide whether or not the public at large will know something about me.

In terms of the kinds of information that are available, we're now into an era where with genetic testing there are ways in which you can find out whether someone shouldn't be working in a particular environment. They may have a tendency to have a certain disease based on genetic makeup. There are very large questions around discrimination related to genetics and this kind of issue.

So we're talking about a specific example in the case of the health card and that kind of information, but it really is part of, I think, a much larger issue around information and the fact that it relates to you and where do the interests of the payor and the person who's receiving the service meet. I think there has to be an acceptance that privacy has a place in the equation, and that certainly for me is a significant part of it. I don't see it as being pure on one side or the other.

Mr Callahan: I guess I've gotten a bit of a jaundiced view of it, because when I see members of the opposition trying to perform their function as opposition people, trying to get information that is pertinent to their role, having to go through this very lengthy procedure of freedom of information to turn it up -- I don't know; maybe I'm wrong, maybe I believe in a society where everything shouldn't be hidden, and if you are hiding it really are you not -- I'm sorry, I think the important issue is to get this health expenditure under control, and if it's going to be delayed by the concern about the freedom of information, I think then surely there must be some way of blocking sensitive information, the technology must be there that they can keep somebody's total medical data from being shot up on the computer of whomever wants to find it out.

Maybe you can comment on that. Is there something that's being done between you and the government in terms of trying to do that, to put a block on it so that you achieve both your ends and the proper expenditure of money in the health care system?

Mr Wright: I don't see the privacy legislation as an impediment to the goal of addressing the concerns relating to the misuse of the health card system. What I see is a matter of taking into consideration some of the controls that the act contains when developing the system that is intended to be put in place.

So I guess to the extent that the act will work -- and I think it will. Our office has had a lot of dealings with the Ministry of Health because it contains within its databases and other files huge amounts of sensitive personal information, and our relationship with the ministry to this point has been excellent. The role we play is a role of trying to ensure that as a factor, as a consideration, privacy does have a role to play. It is not necessarily, by any means, the only thing that's considered, and it shouldn't be, and I think our experience to date in very many examples has been that we can achieve an end result that does meet everyone's interests. Certainly for me, in my role as commissioner, I see that as a fundamental responsibility: to acknowledge that privacy has a role but it has a role to play within a larger context, and that's certainly the focus we take.


Mr Callahan: I want to let our Health critic have an opportunity, but I just wanted to ask one further question. In the registration analysis project that was leaked, I guess, at page 23, the government, I guess the ministry that put this together, seems to think, and they say,

"The requirements of the Freedom of Information and Protection of Privacy Act represent a major obstacle to data sharing with third parties and will also impede verification of client information."

Now, I read that to say that they're saying, "We can't do anything until we can get around the freedom of information legislation," either by new legislation or amendments to the legislation, and that seems to be contrary to what you just told me.

Mr Wright: I may be one of the only people in Ontario, but I haven't seen that report. But in terms of the comment itself, I think it depends on how carefully one looks at what the act requires. In fairness, I think it's a reaction that one could have if you looked at the strict requirements of the act.

It may be that the act is working, and certainly I don't have any idea what the ministry would be contemplating, but it may be that some of the things that it's contemplating shouldn't take place. I don't know.

I can say that in terms of the area of data matching or data sharing, things of that nature, I understand that the government is looking at some kinds of very broad guidelines around the use of data matching, not as a means of preventing it from occurring as a matter of, "It shall never happen," but having a very careful look at the benefits, the values etc of doing this kind of project and balancing that against lots of considerations -- financial, privacy and other -- in order to arrive at a solution.

I guess, as a concluding comment, I don't think the act should be an impediment to something that is within what the scheme presently permits. As I say, I don't know the details.

The Vice-Chair (Ms Dianne Poole): There are four minutes left in the Liberal caucus time for Mrs Sullivan.

Mrs Sullivan: I wanted to move to the questions, again, related to the integrity of the register itself. In the last round of questions I asked you about the authority of the providers and professionals and facilities to update, change, data that are in the register, and I want to hear some comments from you with respect to cross-ministry or cross-jurisdictional information exchanges.

Certainly the government has indicated to us that it is looking at two areas for ensuring that the register is up to date. One of them is the point of service, where the health professionals are involved. The second is from other internal government sources, either within the province of Ontario or that may be from another jurisdiction, such as the federal Department of Employment and Immigration and so on.

The data in the provincial ministry records, such as Ministry of Transportation, Ministry of Revenue, registrar general and so on, have been collected for other purposes. What I think would be useful for us to know is if there are legal impediments to the cross-transfer of those data now and what kinds of changes would have to be made, whether legislative or regulatory, to ensure that certain aspects, such as addresses or other information that could be associated with determining eligibility for health services, could be integrated into the MOH system in a way that still protects the privacy of the individual involved.

Mr Wright: Again, in terms of the matter of exchanging information, there are several sections of the legislation now which contain a series of exceptions or reasons or occasions on which information can be, if you will, shared between ministries.

Mrs Sullivan: Of the FOI legislation, yes.

Mr Wright: Sorry. Yes, the FOI legislation contains that now. There is also of course the ability of an individual to be asked for his or her consent to provide the information in some other fashion. So there is that as well in the legislation.

I understand this type of thing goes on. Whether it goes on specifically with the kind of information you've just suggested or not I am not certain, but certainly there has been information sharing that has gone on between ministries. I think the question, once again, also involves the kind of information that's being shared, identifiable or not identifiable. These kinds of issues I think have to be considered.

Ultimately, the answer, if there was something that as a matter of public policy we wanted to be done, the way to do it, if the act didn't provide it, would be by way of some form of statutory amendment. To this point, the legislation in Ontario has been in effect since January 1988. I think it's fair to say that government has continued to do business since that time and has done it within the context of what the act permits and doesn't permit. I think that speaks well for the legislation and its workability, but if for some reason there was something specific that the act just contained an absolute prohibition -- and quite honestly I have trouble imagining that, but if that were the case -- the vehicle would be by way of amendment.

Mrs Sullivan: I have a question──I don't know if it's for you──but who owns the health card itself?

Mr Wright: I don't know. I haven't looked at my card. I don't know if it has any of the kinds of things on it that, for example, a credit card would have, which clearly says the credit card company is the owner of the card. I don't know what the health card has on the back.

Mr Jim Wilson: Nothing.

Mr Wright: I don't know.

The Vice-Chair: We'll go to the Conservative caucus, Mr Wilson.

Mr Jim Wilson: I just have a brief question, and perhaps, Mr Wright, you can't answer it, but Mr Decter was here last week suggesting that the government over a long period of time is going to be introducing photo ID on the health cards. Have you looked at that at all with respect to fraud? I know fraud is not really your mandate, but I know Mrs Sullivan and I are meeting with Quebec officials on Friday, because they've moved in that area. The preliminary discussions I've had are that in fact it does not solve to any significant degree the fraud problem, particularly in Quebec, because they've given so many exceptions. Some seniors, I understand, aren't required to get cards, disabled people aren't required to have photos on their cards and children under a certain age aren't required to have photos on their cards, so there are large segments of the population completely left out of the new system.

Have you had any discussions or any thoughts on the photo ID system? Because from a taxpayer point of view, I think we're going to spend a lot of money and a few years from now we'll probably be having similar hearings with respect to the new photo health cards.

Mr Wright: Within our office we've had discussions around the views that each of us holds around the photo health card, and I think, once again, you've pointed out one of the real considerations, and that is, will the fact that a photo appears on the card achieve the purpose for which it was intended? In this case, obviously it's the notion of fraud, and we have not put our minds to that particular question.

Once again, I think, as a privacy commission, the notion of photo identification, even though we've all walked around for a number of years with a photo card with our driver's licence, is something that sets off an initial reaction of opposition. However, I think my answer might be a little different in terms of our view of the use of a photo card if in fact the controls weren't in place around the use of the card, the number and, I believe, the photo. In other words, it's restricted to health-related purposes. I think that's a very important element to factor in, from our perspective at least, in terms of the merits or lack of same, if you will, of a photo health card.

Mr Tilson: Dr Frankford has referred several times to the Sault Ste Marie project, and he's now told us a little bit about what goes on in England. I think it would be useful, Madam Chair, if research did tell us a little bit -- not taking away from Dr Frankford's comments, and I accept what he's saying, but I would like to know a little bit more about another jurisdiction that has gone through this process. It might help us --


The Vice-Chair: Certainly we could ask our researcher if he would get that information for us.

Mr Frankford: The UK has 90 years of experience in registration.

Mr Jim Wilson: If I may add, Madam Chair, particularly re the eligibility question, when you have a cardless system -- I think I understand what Dr Frankford's been telling us to a certain degree. I don't understand, for instance, how it would prevent American patients if we had a cardless system in Ontario, or ineligible people, from accessing our health care system. They must do something in Britain in terms of listing the population so they know who's eligible for health care.

Mrs Sullivan: They're on a roster.

Mr Jim Wilson: They're on a roster system clinic by clinic, as I understand it. The burning question in my mind is, okay, I'm ineligible, but I try and go to the clinic anyway. Does that mean they turn me away? I assume it does. So how is a cardless system any more humane than what Dr Frankford alleges our system is?

Mr Tilson: I don't want to get into a debate with Dr Frankford, I just want to find out about it. So it would be helpful if in due course research could provide us with that information.

Sir, in reading the paper of April 1993 that you prepared, you talk about a coordinated strategy, as you have this morning, or the recommendation of a coordinated strategy; you talk about developing a technology to protect privacy; and then you start talking about a number of other things, such as, "Data subjects should have the right to participate in the determination of what personal information the card contains and who has access to it," and you list off a number of other things. I almost get the impression that it is impossible to have a card that's going to completely detect fraud. In other words, you either tell all or you don't tell all. I mean, how can you have it both ways?

Mr Wright: Again, in the context of fraud, I have not, obviously, and neither has our commission, looked at the issue of what will prevent fraud. We've not looked at it from that perspective. We've looked at it from what we feel are the issues that should be addressed in the development of such a card, if that's in fact the decision that was reached. But in terms of the merits of a card vis-à-vis fraud, we have simply not put our minds to that.

Mr Tilson: As someone has said, there are toys for everything. There are toys to get around satellite dishes. Somebody even told me that this new phone system where you can determine whether someone's phoned you or not, there's another gadget that will block all that out. It's like Star Wars.

Mr Wright: The caller ID example is a good one. There's call identification. If you block it, there is now block the blocker so you don't take the call. I think that's again the same.

Mr Tilson: It's a game of chess, which gets back to the question that -- there are two issues: There's the issue of fraud, which means do we really have to go through all this, do we have to have all these fancy cards; or there is the providing of information to assist the providers in, I guess, assisting people. Also, if the state is going to be paying for the service, maybe they should be entitled to that. It gets back to my initial question. If the public is going to require complete state-run service, then they may have to surrender some of their rights, because, if I read your paper, it's almost impossible for an individual to say, "Well, you're entitled to this information but you're not entitled to this information." How in the world is a state going to provide a service?

Mr Wright: I think, Mr Tilson, the question is one around absolutes. I suspect that there's probably no absolute answer to the question of fraud, no matter how much information you would gather about a citizen. I think, for us, that's why we raised the privacy issues. Just because I may have every last ounce of information about you doesn't necessarily mean that you are entitled to use the card in the first place, and I think that is a fundamental question. I would agree with you to that extent.

Mr Tilson: It leads to all kinds of things. There's a current debate that's going on now about a patient being entitled to his or her files, the doctor's notes where they say certain things, the handwritten notes, are they entitled to those things? Perhaps Dr Frankford can add to that debate. Some say yes and some say no. Are we getting paranoid about our privacy?

Mr Wright: I think what we are perhaps doing, and I think one of the roles of commissions like ours is to raise the awareness so that when the public debate is held, such as through members of this committee, the committee is exposed to all elements of the equation, you hear the privacy side, you hear the side of the technicians etc, and in making a decision, you make a decision which reflects the public mood, if you will, as far as this kind of information is concerned.

Mr Jim Wilson: Mr Wright, I was just wondering, given that we're told that the Management Board secretariat is pursuing, to some degree anyway, one card for the citizens of Ontario, as a matter of practice, are you regularly having discussions with them or are you absolutely in the loop with respect to privacy considerations, sir?

Mr Wright: I guess what I could say is that we put ourselves in the loop and we've had the cooperation. I think there has been a history of working together once again. I don't think, in terms of the ministries themselves, that they ignore the privacy considerations. I think there's respect for those considerations. I think the challenge, as I think I've said repeatedly now, is to find sort of the workable solution to some of these issues, so I'm satisfied that we work with it.

I think there's an understanding in the relationship we have that at some point our independence would require that we take a public position on something which may not be along the lines of what's been discussed. I think there's been respect for that as well, and to me it's worked well.

Mr Jim Wilson: Thank you. I think that concludes our questions.

The Vice-Chair: Just before we go to the government caucus, the auditor has a question for Mr Wright.

Mr Erik Peters: Just a very quick one. You indicated that excellent working relationship exists between your office and the Ministry of Health. In the document we have, a joint working group has been created to deal with the agreement between the Ministry of Health and the OMA. In this, they have the following sentence. I just wondered if you are involved in this.

It says: "In exchange for a one-time payment of claims under the J8 policy," whatever that is, "physicians will be required to provide to the Ministry of Health the number and other corroborating information about the cardholder. This mechanism for providing this information will be developed by the MOH-OMA joint working group."

My question's just a very quick one. Are you involved with this working group? It sounds like a rather complicated situation. If I take what you have just told us, the information about the cardholders owned by the patient, and we are now having the physicians paying the ministry for the right to provide this information, it sounds like a rather complicated setup. I was wondering if you were involved in any way in this particular arrangement.

Mr Wright: Not to my knowledge, no.

The Vice-Chair: We'll go to the government caucus. We have Dr Frankford, Mr O'Connor and Mr White. Would you like the time divided evenly or --

Mr O'Connor: No.

Mr Frankford: If I could just briefly respond on Sault Ste Marie. If you have a capitator system, then your downside risk is the capitation amount. Sault Ste Marie is an HSO right now but it could become a CHO, which just means that it adds in the hospital care which is lacking. So, in that situation, the most that we could lose would be, say, $1,600 per individual. I can elaborate but I don't want to tie up on that.

I think the potential for a cardless system is there. The interesting thing about Sault Ste Marie, of course, is that it's on the border, and as I understand, a fair number of Americans are using it right now and it can be a very interesting survey to see to what extent they are acting in good faith and not defrauding. Mr Martin perhaps can elaborate at some future occasion.

Just one question, going off this: I think you may know that the suggestion has been made that patients should get a statement of the services generated on their behalf. There's a lot to be said in accountability, but I think one can think of all sorts of situations where they might not like it. As the father of teenage daughters, I can think of some possibilities there. Do you have any thoughts on the privacy concerns around that suggestion?


Mr Wright: Thinking back to when the new health card was introduced, my recollection is that one of the features was the fact that each individual would have his or her own number as opposed to, I believe, the earlier situation, which was that it was issued to a family. Therefore there would be enhanced privacy in the sense that communication etc would take place with that individual.

I would assume that an account being sent to an individual who's had some form of health service would be addressed perhaps even to the same family address, but at least to the individual. It's hard to think how much more you could do around the fact that someone else might open that mail or something of that nature. I guess that would be my reaction to that. At least there's the advantage that it's addressed to the person who received the service, which to that extent is I think a positive.

Mr O'Connor: I guess I'd like to look back a little bit. I think we need to learn from the past. If we look back, we see that the system we had in the past wasn't the best. There are 26 million active numbers out there. That wasn't acceptable, obviously, and the previous government moved to correct that, you know. Of course, that wasn't without any mistakes. There still is the potential for fraud to happen. I guess part of the difficulty that has been pointed out to us is that there's been a lack of verification in the processing of the registration cards.

Of course, then it brings us into some privacy questions as well. If I can, what I'd like to ask you is, are there any improvements you can think of that we as a committee should be recommending to the ministry? Should they move forward with a reregistration? What can we do to improve that? It could perhaps be in the verification process, which isn't of course going to complicate things by problems of privacy and interfering with people's rights that way.

Mr Wright: I really have not considered the question of how initial eligibility is determined. I don't feel equipped to really comment on the what the ministry might do. I think you've made a suggestion that questions of verification and the way in which it's done would obviously be something the Ministry of Health would wish to look at. Once again, the concern at that point I suppose would be what the privacy legislation does by way of that particular activity. But as far as the merits and what to do, I really don't have a comment.

Mr O'Connor: In the verification process, in moving to the next card that we do proceed with, if that's the end solution to this, is there anything that sends up a flag saying that you think the government should watch because we may be stepping on people's privacy rights in going through this? Is there anything that comes -- again, there's probably nothing at the moment but maybe --

Mr Wright: I think one question that does arise, and it flows from the code of fair information practices, is the degree of verification that actually is undertaken. How much information has to be collected in order to verify? That's something that I suppose jumps to mind immediately, a decision being made as to the kind of information that's actually needed to achieve the purpose. I think that's a very important part of privacy protection.

Over the years, we have worked with ministries around the information that they ask for on forms, and it's surprising to see, when our office gets involved in that kind of exercise, when asked, "Well, why do you get this kind of information?" "Gosh, we don't know and we don't think we need it." I guess what we hope will happen is that if a verification system is in place, there will be conscious thought given to how much is necessary to achieve the purpose of verification. It doesn't necessarily mean emptying out your wallet, for example, in front of someone and them picking through and taking whatever they want. Once again I think the issue is, what will achieve the legitimate ends of the exercise?

Mr O'Connor: Do you see any problem with the present system having that unique identifier being used as a tool for planning for health care into the future? That's an element that we as a committee and the Ministry of Health, I'm sure, need to use as some sort of a planning tool. Do you see there being a problem in using that unique identifier through the data collection process?

Mr Wright: I guess I would question why the unique identifier would be a consideration at all. I think, as I believe I mentioned earlier, for planning purposes etc you may wish to know how many operations of a particular type are done in a particular area. You can do that without knowing name, number etc; you will have an aggregate figure. It takes away the personal information issues.

Mr O'Connor: I guess there have been problems in verification that will allow, then, a substantiated study to take place epidemiologically. That's what we've heard, and I guess that's why the Manitoba system that has had a unique identifier has given them some advantages as well.

Mr Wright: I believe that the Ontario legislation permits studies etc to be done with personal information involved. There's a specific exception contained in the legislation which permits agreements etc to be entered into, which permits this kind of activity.

Mr White: I'd like to get back to some of the concerns I was talking about with you earlier, and frankly they were raised again. My understanding is very simply that the protection of privacy and the prevention of fraud are not antagonistic to each other, that people's private information can remain confidential and that the state, unlike the suggestions from the opposition, does not have to intrude upon people's confidential information to get the information it needs to prevent fraud. Frankly, I think your rule should, if anything, be enhanced.

The issue that my friend brings up, that fraud is being prevented and there's much less than there was in the past, but no matter how much fraud there is it still needs to be prevented, that health cards have to be monitored and that there has to be some system to prevent abuse of that system, I think is very real. But I think your point is also real, and it doesn't seem to have sunk in that the protection of privacy does not mean somehow that there's a condoning of abuses.

You've talked a bit about the smart cards and the difficulties with that. I was certainly very interested in that. I wasn't distracted by the suggestions opposite that somehow your role should be annihilated, that people's protection should be eliminated and that information should be sold holus-bolus in the private market, but rather I think that your role should be enhanced. I'm wondering how you would see that, what kinds of suggestions you would make in terms of making the protection of privacy something which everyone feels they have a right to, particularly in these technological days when, with smart cards etc, people really need to have an understanding of how these technologies impact upon them.

Mr Wright: As Ms Gore has very helpfully pointed out to me, one of the things we mentioned in that smart card paper is the idea of a privacy impact statement at the time any of these new technologies is being contemplated. I think the reason we said this is that it's very difficult for public policy or laws to keep up with technology. Literally by the day, by the hour probably, there's something new in place that has some privacy element to it. Coming at it from a privacy perspective, once millions of dollars have been invested in the development of a technology is probably not the best way to approach it.

So what is happening, certainly in the telecommunications area -- it's happened already -- is this notion of a privacy impact statement which will in fact assess, among other considerations, clearly what the technology may mean for the privacy of individuals. This will be something that's there, it's done as a matter of routine, it doesn't require legislation and it creates the awareness that you want of the privacy implications.

I think Bell Canada, in the caller-ID example, which became a major privacy issue, was totally caught by surprise with the reaction of consumers from a privacy perspective. They have recently made application -- I find it very interesting -- for an enhanced form of service, and a very important part of that application is now the privacy element: how they thought about it, what they've done to address it. I think this tells us that creating an awareness will work. I don't think any private companies are interested in investing millions and millions of dollars in something and then finding, when it gets out into the public, that there's a cry from the public against it and they end up being faced with an investment that's simply been wasted. It's in everyone's interests, I think, to have that kind of a statement, and that's certainly one way we have seen that could be achieved.

Mr White: These days, when we have so much technology changing so rapidly and many people have difficulty keeping up with it and understanding what the impact is, your role becomes much more crucial, because not only do you have to have an understanding of the technology but you also have to be able to help people understand how it impacts them and do that in language they can understand and help people understand that sometimes this technology is okay, providing these safeguards are in place, and that you have frankly checked that this is the case. But I think that makes your role much more crucial than it would have been, say, a scant decade ago.

Mr Wright: I think it's an excellent comment in that the developments are taking place at such a quick pace that you need, if you will -- I'll use it in all senses of the word -- a dedicated commission, part of whose role is to look at these kinds of issues because members of the public simply can't keep up on a regular basis with what's happening until possibly it's too late.

Mrs Sullivan: I have a point of clarification that I'd like to put on the record before we go into sessions this afternoon. This follows from the auditor's question to Mr Wright with respect to the OMA agreement. If I can just describe what that section 11 means, it means that if, say, on January 1 a person receives medical services from a doctor and on January 15 the eligibility is denied to that person -- after investigation that person is found in fact not to be eligible for health services -- the doctor would still be paid for the services that were provided before the person was declared ineligible, even though he was in fact ineligible before, but the doctor had no way of knowing that. That's really what that means.

We have other questions that we want to put to the OMA this afternoon with respect to that section, not the least of which is whether in fact it has the right and the authority, under its own professional standards, to provide the data that have been included in the agreement. I think that's another area to pursue, but I just think there was a misreading of that section and, before we go down a big track on that, what I think the auditor implied wasn't part of the agreement.

The Chair: Would you like to comment on that?

Mr Peters: I just read the section and I wanted to find out if this joint working group, if the privacy commissioner was part of that, and he's not.

The Chair: Any further comments in the few minutes that we have remaining? If not, we are adjourned until 2 this afternoon.

I would like to take this opportunity to thank the privacy commissioner and his staff, who are appearing before us today. You've provided some very interesting food for thought. Thank you very much, once again.

We're adjourned until 2 pm. I ask members to please be prompt as we have a very lengthy schedule this afternoon.

The committee recessed from 1155 to 1407.


The Vice-Chair: Good afternoon. I'd like to convene this session of the standing committee on public accounts and I'd like to welcome to our committee this afternoon Dr Tom Dickson, president of the Ontario Medical Association, and Mr Peter Berwick, director of administrative services. Have I got that right, or have there been any last-minute changes?

Dr Tom Dickson: No, that's correct.

The Vice-Chair: If you would like to just identify yourself for the purposes of Hansard and then begin your presentation, and we are hoping that you will allow sufficient time for members of the committee to ask questions at the end of your presentation.

Dr Dickson: Absolutely. I'm Tom Dickson. I'm the current president of the Ontario Medical Association. What I'd like to do is basically go through in a relatively informal fashion. I don't want to read something at you. I think it doesn't foster discussion. We are pleased to be here. We will offer some suggestions and there will be lots of time for questions. I'd like to give you a provider perspective, because we deal with the health card on a day-to-day basis.

What I'll go through is an oral presentation describing the attitude and concern of my member physicians, the impact of the version code enforcement, some general principles and then some absolute specifics on long-term solutions to the fraudulent use of the health card. I'll then make some comments about counterfeiting of cards and some methods that might be used to counteract that, and finally some suggestions on some short-term measures that you might put in place pending a more permanent solution.

As I'm sure you're all aware, at the recent negotiations between the OMA and government under the context of the social contract, the OMA raised the issue of health card fraud and posed some various solutions to it. We have a very specific motivation for that, number one being that we are now responsible entirely for increases in utilization as a profession, and anything that might be able to drive down that utilization is obviously in the profession's interest. In addition, we were looking for a fix, if you will, for the version code payment problem. I'll get into that in some more detail later.

Most physicians do see some degree of health card fraud directly, and I'll give you a few anecdotes in a moment. Physicians are somewhat frustrated. We understand that the dollar numbers are indeterminate but they're significant, while at the same time with these significant dollar amounts out there, we as a profession are being asked under the terms of the social contract to reduce the amount of expenditure in the system by about 5% for eligible cardholders. So it places us in an awkward position fundamentally when we're restricting care to people who in fact are entitled to it when there are people who presumably are not entitled and we can't identify them.

We are not in a position -- and I'll repeat that: we are not in a position -- to estimate the total amount of dollar fraud. We have no idea. There is plenty of anecdotal evidence that I hear from my colleagues on the front lines of health care delivery; for example, non-residents to Ontario borrowing a valid card, and currently we have no way of detecting that. We refer to this often as the so-called medical holiday, with individuals coming from overseas, visiting someone here, borrowing their card because they didn't carry any out-of-country health insurance from their home country, obtaining rather expensive health care and then returning to their home country. We only have anecdotal evidence of that, and unfortunately everything we have in place doesn't track people unless they're picked up accidentally right now.

We also have the problem of non-residents using a fraudulent address in their application and getting a card to which they're not entitled. This may be more appropriate to border areas or cottage users.

The final one is the area of forged cards. I don't think any of us really have a good idea on what the numbers might be.

In February of this year, the government made a decision to enforce the version code. There was always an understanding that at some point in time it might be enforced. In February, the version code was enforced. Essentially, the concept of the version code is simply a method used to make any replacement card different from the original. It simply identifies the replacement as a different card while still maintaining the original 10-digit number. I think we all understand the reasons for the personal identifier, the 10-digit number: so that you can do tracking, you can do some decent health research and monitor trends, which we have not been able to do with the old OHIP database.

There was an assumption made at the time that old cards, ones that were not taken out of circulation, that were not being rendered inoperative through the enforcement of the version code, were being used fraudulently. I think that was a mistaken assumption. We do not believe those cards were being used fraudulently, by and large, and I think the ministry's own data will support that. I'll go into that in a bit more detail.

As a consequence, what was happening beginning in February is that patients were presenting with a card in a physician's office or a hospital or at other providers, anyplace where they use the card for services. They believed the card to be valid. Six weeks later, once the payment cycle went through, the claim went unpaid. It was coded as an EH2, which is the code that's used to indicate that there's a version code problem. That left each provider and each hospital struggling to backtrack and try to find these individuals and let them know that the card they presented in fact had a version code and that the card was not valid.

We understand, talking with my colleagues anecdotally and also from ministry data, that ultimately about 90% of those codes that are rejected are eventually paid. So at least 90% of those people were obviously eligible; they eventually proved their eligibility.

Of the remaining 10%, I think conservatively we could probably estimate at least half of those people simply couldn't be tracked down. The major problem in tracking down occurs not in a fairly stable practice like a family physician might have or even a consultant like myself who sees people only on referral, but in emergency departments in hospitals, in walk-in clinics, after-hours clinics, that kind of situation, where it's a one-time-care event and very difficult to track people who might be from out of town or from quite a distance away. Our emergency physicians and anaesthetists in particular notice this quite dramatically and find a very significant percentage. For some people, as many 20% of their claims in a given month were being rejected because of an invalid version code, because they were seeing a self-selected group of individuals.

So from personal experience in my own office and asking my own secretary this morning how she had done in tracking down version codes, almost all turned out to be simple communication errors. The patients simply didn't know they had a card that had a version code on it. That might seem pretty obvious to most of us that you'd look at the card and there would be a code down on the bottom, but, first of all, patients didn't differentiate between their original card and the replacement card because it wasn't brought to their attention that the version code was important.

The second thing is that a lot of people do not carry their cards. A mother with six children visiting the doctor doesn't go around with a stack of cards with a rubber band around them. She usually writes down the numbers in sequence, and the husband usually has the numbers written down; so does the grandmother and possibly the babysitter. So they all have the numbers written down so that they can be used. Nobody walks around with a stack of cards.

As we all know, people who present to hospitals now don't present with the health card because they've been given a hospital card which they think entitles them to care and is sufficient proof. That's leading to problems as well.

All in all, we believe the fraudulent use of health cards that's being eliminated by version code enforcement is very low. In fact, I don't think it has served the purpose which we thought. Version code enforcement is cleaning out duplicate cards; there's not much doubt about that. But it's having very little effect on fraud.

What enforcement of the version code has done is placed a very large administrative burden on physicians and other providers. Hospital radiology departments are another group that has really had great difficulties.

It generates complaints of harassment from our patients when we go after them afterwards and try to track them down and find out what the true card number is and what the version code is. Frequently, we get complaints from the patients that they feel they're being harassed unfairly, that they're entitled to care and the health card they presented should do that. So it isn't solving the problem and it is creating some anxiety among some of our patients.

It's frustrating for us to deal with version code rejects while on a daily basis we experience or at least suspect strongly that there is card fraud that we are helpless in dealing with.

Some suggestions now. We don't have all the answers, and I don't think it's that easy a problem. If it were, somebody would have solved it already. It's not our system, it is the government's system, but we are committed as an association to helping, if we can and if you'll let us help, to solve some of your problems.

Over the longer term, some general principles for solving this would be to control fraud at the point of issue of the card. I think that's key, to zero in on the issuing of the card in the first place and not at the point of service. It's difficult to ask physicians or other providers to police the system. We're not trained to do that. We find it uncomfortable.

How we might do this, in general terms: redesigning of the card itself enabling some validation of the card by the provider, a more rigorous control of distribution, and a more rigorous validation of eligibility.

I believe David Cooke a few weeks ago in a press scrum referred to the granting of a health card as the passport to the health care system. Possibly we should look at the controls and the significance of those controls and proof of who you are in granting a health card, as we do currently for the granting of a passport.

Specifically, we would recommend:

(1) A photo ID card. I have a sample I'll pass around. It has Peter Berwick's photo on it. It's just an example of what a photo ID card might look like. What a photo ID card would do would be to eliminate the loaned card, the medical holiday provision where someone lends his or her card to someone else inappropriately. It is the only credit card we carry where someone else pays the bills. So there is no downside risk to lending your card at this point; at least the public have that perception.

It contains a digitized image which is directly imprinted into the card. It's not something glued on to the surface but imprinted right into the card. That image could be stored. If it's a digitized image, it could be stored, and when a new card is issued, the replacement card could be compared to the original photo and could be verified. This would again stop one of the ways in which people might try and get a card they weren't entitled to.

(2) Thorough registration checking. This is basically to reduce the granting of cards to non-residents of the province who are fraudulently applying for a card. We're suggesting that people should apply in person to designated sites around the province where there would be a video camera that could record this digitized image. This could be done in hospitals, in clinics, in post offices. You could make up a list as long as your arm about where it might be done. There would have to be proof of residency. We have some examples of what Quebec goes through. They do go through a very similar process, with very tight constraints on whom they grant a card to and proof of identity. I don't know if you've seen these documents, but we can pass them around.


What we're suggesting is very similar to what they have in Quebec right now: not only providing proof of residency, but they have to provide other pieces of evidence to prove they are who they say they are, generally something that has a photo ID on it, such as a driver's licence or some other notarized piece of identification. It's not dissimilar from how we grant passports right now.

Thirdly, electronic cross-referencing: There are databases around this province. We all understand that the database is somewhat corrupted right now, with 26% of addresses being incorrect. We do have databases that might be able to help confirm residency, cross-referencing to people who have died, even the telephone directory, telephone listings, postal codes, electoral rolls. There are many other databases that are available to government. I think there's been some reference to those in the past that you might look to for confirmation.

The fourth area, and probably very important, is public education, because right now the public doesn't understand the consequences of misuse of the card. They have to be told that the card is important. When we started with the version code in my office, probably half of individuals showed up without the card. It's much higher now, but it really should approach 100%. I think government will have to deal with the whole concept of presenting the card for care. Should or must that card be presented? That's a political decision. I think government will have to struggle with that.

I think we have to emphasize to the public the accountability of the card. In other words, they are accountable for how that card is used and the consequences of misuse, such as lending the card to someone else, the change of address requirements and trying to clear up that 26% of the database which is incorrect on address. The Ministry of Transportation does the same thing on a regular basis. They simply do it through penalty if you don't, within a fixed period of time, change your address for your driver's license. We need to prosecute offenders in a vigorous and public way. Again, that's part of public education.

If all of the foregoing were carried out, it's likely we're left with only counterfeit cards. In our view, and I think most would agree, it's extremely difficult to stop the true criminal intent. Gun controls and handgun controls haven't stopped the proliferation of handguns in this country. I think it's very difficult to design any system that might stamp out entirely the criminal element, but you can make it more difficult.

To deal with counterfeiting, the digitized photo goes some direction towards that, although the technology is not that sophisticated. There is a hologram on the image such as all of us have -- I think if you have a Visa card it usually has a holographic image on it which makes it a little more difficult -- and an engraved signature on the card so that you could ask for validation. My Jumbo Video card has a signature right on it and there's a warning on the back about misuse of the card. Something as simple as that has some tighter constraints and controls on it than the current health card. We should continue the mag stripe on the back and it should have encoded all the information that currently appears and might appear on the front of the card in the future.

Now something about smart cards, and I understand others have presented some information on smart cards: Our view is that smart card technology does hold great promise but in the real world has demonstrated some difficulties and limitations. It would require the placement of hardware in every single provider office -- every hospital, every pharmacy, every clinic around the province -- and would likely be very expensive. It would require real-time entry of information so that there could be validation of whether the card was being held properly. That means an on-line access to the ministry database. Again, that may be rather difficult.

Data entry is important. Unfortunately, when you think about how we enter data on a smart card, if the goal is to in fact have valid, up-to-date health information encoded in a chip on a card, every time the patient leaves the office that information must be on the card before they leave. Trying to track them down and encode it afterwards would probably prove impossible. We know patients have difficulty bringing their card in all circumstances, particularly in emergency care. That's the last time people think of trying to drag up their card and find it.

If patients are uncomfortable about waiting to see their physician in the office, they'll be more uncomfortable waiting after the visit to have their card encoded with the data from the visit. That will take time. I can't tell you how long it might take. Some visits could be very brief, but a psychiatric consultation could take a long time to encode in a meaningful way on a card.

Our concern would be that over time the data on the card would become corrupted. It would either be out of date or it would be missing essential data, which would be just as bad, because then you'd rely on that data and some fundamental mistakes could be made. It holds promise, but it has significant problems.

On the version code, since the version code has been designed as the only way to really differentiate a replacement card from a card that's been lost or stolen or destroyed in some fashion, it could be done in other ways, either with an issue date which is going to be unique to that card or with an expiry date which, again, is unique to that card.

There will be problems that arise if in fact the version code, or whatever its successor is, is used to deny payment for physicians. I think I already made the point, and I hope well, that enforcement of the version code does not really eliminate card fraud. It simply helps cull out the duplicate cards in the system. But these are from people who legitimately are eligible, as at least 90%, if not 95%, are entitled to care. Denying payment really is denying payment for services to people who are eligible for care.

What we would suggest is, why not simply notify the cardholder if a card is used that is invalid because of an expiry date problem? Notify the cardholder that their card is invalid, what mechanism you might use, whether it's the mail, whether it's the provider route. Ask for the return of the card and warn them of the consequences of continuing to use a card which is invalid.

Unfortunately, all the previous measures cannot be in place overnight. There will be some period of time to put some of these into effect. We appreciate the problem. The ministry staff have worked very hard to try and solve many of these difficulties. Peter and other staff have worked down at Kingston and tried to help as much as we can. We appreciate what the ministry is trying to do, but it's not an easy problem.

As a start, we would push very hard and would suggest that the implementation date of August of next year for the photo ID card be maintained, if not moved up. We've heard rumours that it's very difficult to meet that August date and that it might slide further back in time. We would hope that won't be the case, because if we're trying to keep utilization of the system down, every month we lose just costs us all more money.

We hope that the government will stick to the three-year time frame as promised and not slide up to four or five years. Again, it has been rumoured that it might take longer. We would suggest that in handing out the photo ID cards we target people who currently are without some sort of photo identification such as a driver's licence and those currently holding cards with version codes on them, because these are people who clearly have demonstrated some instability, at least in their card validation in the past.

As in our agreement with government, we would like to have the regulations in place that will allow providers to ask for a second piece of identification with a photo, if in doubt as to the validity of the card or the cardholder. If unable to confirm, it would allow payment directly, a deposit, if you will, from the patient seeking care. There are problems with this. It will be difficult to work in the real world.

But the physicians do need -- and not only just physicians but the other providers and the hospitals -- regulatory protection, as agreed to in our current agreement with government, before we can suggest to our members that they actively challenge suspicious cardholders. It's an awkward proposition in the first place, and unless we have some backup and some regulatory protection, it's difficult to ask anybody to do that.

On card verification, the ministry has signalled its intent to cancel coverage or eligibility for a significant number of people, upwards of 140,000 people, some time this fall: refugees and visa students and other individuals who are felt not to be rightful holders of a card. Some of these will be cancelled for other reasons, such as cross-referencing the database, and we would hope that people who aren't entitled will have their coverage cancelled. But there must be a means to check the eligibility at the time of service, not 6, 8 or 10 weeks later.


The interactive voice response system -- and I understand you saw a demonstration of that -- is a solution but, quite frankly, we don't believe it is a particularly useful real-world solution, because I understood it took some time for that demonstration to work here. We believe that in a busy office, if you're trying to validate every card, it will take an interminable length of time and simply slow down the entire process. We don't think that it, in the long term, offers the best solution.

We think the preferable route would be to use a swipe card reader with an on-line linkage which would confirm eligibility and, if it's an ineligible card, get a response message back from the ministry giving permission for the provider to confiscate the card. We need to have some direction. I don't want my members out there making ad hoc decisions on a gut feeling as to whether someone is holding a valid card or not. It's just an untenable position. We can't leave it up to the providers to make a judgement call.

That's the end of my formal comments. Peter and I and some other staff who are along with us would be glad to take questions.

The Vice-Chair: Thank you, Dr Dickson. We've got just under an hour for questions, so I thank you for leaving that time. We'll have 15-minute rotations to begin with and we'll start with the official opposition, Mrs Sullivan and then Mr Callahan.

Mrs Sullivan: I guess I'm going to start with your preamble, because I think that the committee was somewhat shocked to hear from the mouth of the deputy minister the other day that indeed there was no long-term strategic action plan in place with respect to either one of the two sectors of health card detail that we've been looking at, the first with the verification of eligibility through the registration system and, as the second, the ultimate place of the database for use in health research and health care planning.

Given that circumstance, also I think that the committee felt that in fact we did not have and there is not a picture of how much health fraud exists in the system. There has been no measure of that. The internal ministry study was an extrapolation of a worst-case scenario, using all areas of exposure that the Ministry of Health may be subject to with respect to the cards, and probably the least work had been done in the area of health care fraud. As you say, anecdotal information is available, but very little actual data is available indeed for an action plan to be based on.

As a consequence, we were also then taken aback to see that it's a major part of the OMA agreement process to deal frankly with the fraud issue. The photo card was on the table. The ministry itself estimates that introduction of that card would probably be a $50-million project for the card alone without any question of the cost of implementation, whether it's by regional centres or a central place for the processing of registration etc, and that it would be a timely one. There has been no cost-benefit analysis done and indeed there is no indication of whether a photo identification card would solve what is perceived to be a problem and if the problem is as extensive as it would cost to perhaps solve it.

It's there in your agreement. The OMA, as part of the agreement, has identified -- I understand it was the OMA that identified the photo card, but you may want to correct that -- one technology as the preferential technology to deal with what is a very nebulously understood and certainly not measured problem.

How would you comment on what our observations have been so far?

Dr Dickson: To start off, it's sort of the direction in which I might handle it. First of all, the concept of a cost-benefit analysis: I wouldn't even venture into those waters and won't, only to suggest that we all understand that the numbers are fairly large; they're significant numbers. We've seen estimates across the map, and anything that reduces that, of course, we're going to save money.

More importantly -- and I think this is for the longer term and we may get into some of this discussion later -- if we're going to do any reasonable kind of health care planning in this province and look at outcomes analysis and whether we're getting the bang for our buck on what my members provide, if we have a corrupted database that doesn't let us track people properly, then we are really whistling in the wind. We just don't know what's working and what isn't working. So to have a good database to work from is probably a more important reason for getting in a good card system that we can maintain.

I don't think the health card is a solution all by itself. I think registration at the point of initially granting the card is probably where it really has to be tightened up. As we all know, when we replaced the original health card with the new red-and-white one, there was a bit of a rush and people were getting new cards by mail by providing the old OHIP number. We all know that there was something like 26 million or 28 million OHIP numbers extant at that time. It was a process that was rather loose at the time, so we have a legacy that needs to be cleaned up, and unfortunately, it's a legacy I don't think we can tolerate.

Mrs Sullivan: I concur with you that the database is the purpose of the system and that is why government action has been taken in the past and why it's a positive thing to continue getting it right so that the entire system can be used appropriately in planning and outcomes analysis and so on. But I suppose the question is, as the database is being introduced, there has to be an enormous equipment upgrade in terms of electronic equipment and computer links and so on, and that's costly. Why wouldn't you put the $50 million for a photo card into technological update rather than into a photo card?

Dr Dickson: Peter, do you want to take a run at that?

Mr Peter Berwick: Part of the problem related to the technology upgrade is that every physician would have to be trained in how to use it, their staff would have to be trained in how to use it and at the moment, while there's a majority of claims submitted electronically, it's not always convenient to use that technology at the time of providing the service.

The health card with the photo ID was thought useful, and I notice a number of you were looking at me and holding up the card at the time, and this is precisely what physicians do in the office when they want to prove a card is in fact valid.

Mr Callahan: We weren't sure it was you.

Mrs Sullivan: We thought it was your younger brother.

Mr Berwick: Thank you. I had more hair when the photograph was taken.

So you're right, there's a tremendous capital cost involved, a tremendous training cost involved and there have to be standards that can accepted and used throughout the health care system by pharmacists, by physicians, by the ministry itself, and those standards put into place before a universally accepted technology can be embraced, and we're a long way away from that.

The problem is that we have to address the problem that faces us today and a photo ID is seen to be the most immediate solution, given that the information on the mag stripe can be used by those who have card swipe readers, and the photo ID can be used not only by them but also by all of the others. So technology has a place to play, but we're far enough away from it that we have to put something else in place in the meantime that has a long-term benefit, and a photo ID will have that in addition to having a more immediate benefit.

Mrs Sullivan: But you're seeing the problem as one of fraud when in fact there's been no measure of the amount of fraud.

Mr Berwick: That's correct, and I have no idea as to what amount of fraud there is. However, it is my view that by being able to compare either an image on a screen or an image on a photo ID card against the individual presenting the card, there will be a significant reduction in the opportunity for fraud, and we will all benefit as a result of that.

Dr Dickson: Just an add-on to that: If we look at another jurisdiction in Canada with a similar system -- Quebec, when they brought in their health card system and brought in a very tough registration system, a lot of people who were sent mailings to come and get their replacement card didn't show up, and they reduced significantly the number of cards that were out in circulation. Now, you can't draw hard-and-fast conclusions from that, but there's an assumption that a lot of people out there had cards who were not entitled to them, and I don't think Ontario would be any different.


Mr Berwick: May I make one more comment? One of the examples in developing the health card in the swipe card technology is already proved in the tests at the Toronto Hospital, that use of the card swipe readers at the admission desk -- and there's a Ministry of Health office located very close to that admissions desk -- when people had their cards swiped, the system revealed within six seconds, as you saw, that the card was invalid for some reason. The individuals who presented the card were then asked to go to the Ministry of Health office because there was something amiss with that particular card. Seventy people who presented the card failed to turn up at the ministry's office, and those cards were retrieved out of the system.

Mrs Sullivan: But you don't need a photo for that.

Mr Berwick: You don't need a photo for that and didn't need one then, but however, there was no mechanism to say what was wrong with the card. There may have been an opportunity to collect information at that point. One person, upon seeing the card swipe used, actually ran out of the building. So there is a deterrent effect in being able to give providers the ability to use card swipe readers to access whether the card presented is in fact valid or not.

Mr Callahan: How many providers have swipe machinery?

Mr Berwick: We don't know.

Mr Callahan: We had a couple of them that were brought in here the other day. Interestingly, the only place they're made is in the United States, which is a side issue, I guess, but I think they were thousands of dollars, as I recall. That's my recollection.

I think you're quite right, Dr Dickson, and welcome to the committee. Dr Dickson is from the beautiful area of Brampton. It's probably the first time I've ever been on a legislative committee where we've been able to get something done.

The original application allowed you eight ways to list yourself for a card. I could be B. Callahan, R. Callahan, V. Callahan, and fortunately, in bringing that to the attention of the deputy minister that that was just an invitation for fraud, they decided to change it. I think you're quite right that if you can't identify the person in a specific way right at the time of application for the card, you have in fact given them eight ways to fleece the government.

My major concern is between now and the time this all takes place, and I said this the other day to the deputy, because there are a whole host of problems here. We had the Freedom of Information Commissioner this morning who was telling us that there might be problems in terms of how you go about doing this and perhaps they should be ironed out before we enter into this and spend megabucks to do it, so that's a problem.

The other thing is the August 1994 date. That's the first we've heard of that. You have information which we, as members, don't even have, and then I understand it will even be beyond that when we will finally get into the completion of all this.

I had suggested something as simple -- after hearing it, you may think it's simple. In fact, you may think I am simple for suggesting it. But I go into my local trust company and I have a passbook that has my name signed on it. You can't see it unless you hold it under something as cheap and simple as an ultraviolet light.

I have suggested -- and this may be just a temporary arrangement until we get this process in place, something more definitive in order to avoid the fraudulent aspect and perhaps even to avoid the necessity of a slash card reader for those doctors or providers who don't have them yet -- to simply have the person coming for -- first of all, you'd have the signature on the magnetic strip. You couldn't see it unless it was held under an ultraviolet light. You would have the person coming seeking the service signing his or her name. It would be as simple as that. That's all a nurse or whatever would have to have them do and then compare it with the signature on the stripe, and if they matched, even if it was a fraudulent arrangement, the doctor gets paid. He or she has done everything possible to ensure the integrity of the system.

I ask you to comment on that, recognizing that that's a very minuscule way of dealing with the particular problem we've got and recognizing, I think as Dr Dickson said and I think as we all recognize, that this card is better than American Express; don't leave home without it. In fact, it's turning into American Express.

I'd like you to comment on that as a temporary measure to allow us to cut this out now, to stop it now, and to give us the opportunity to find a system that's going to be the best system and not rush into something. I think you're probably quite right, Dr Dickson, that this was a rush to get it done and it was not done with total forethought. As a result of it, we have the problems we have. What would be your comments on that?


Mr Callahan: Look, this is public accounts. We're prepared to be honest and straightforward. I would imagine the government would be too.

The Vice-Chair: Dr Dickson, would you like to respond?

Dr Dickson: Peter would like to respond.

Mr Berwick: I think it is one technology. It's one that would have to be introduced across the province to every provider's office and also facility and it would need, again, a measure of training. I think our preference would be to place whatever the available dollars were into something which has a little longer-term opportunity, and placing the dollars against a card swipe reader would provide access to a much greater range of information, to the point where it may be possible for the ministry to comment on the validity of a variety of pieces of information rather than simply validating a signature on its own.

Through card swipe technology, with access on a real-time basis to the ministry's database, the physician, the provider, could query the database and get a yes/no response as to which field was invalid. By doing that, without revealing the information directly, at least they're able to zero in on what the particular message might be and also be able to have the ministry give a message to the physician to say, "This card is invalid; please withdraw it from service," or, "Please have the patient contact the ministry office because" -- for whatever reasons the ministry might have. In fact, I think it might be better to have physicians trained to use that kind of technology rather than something which would have a relatively short lifespan, in my estimation.

Mr Callahan: I can't go again because the time's up for me, but I'll try to get to that again in another round.

Mr Berwick: Okay.

The Vice-Chair: We'll go on to the Conservative caucus and begin the questioning with Mr Wilson.

Mr Jim Wilson: Welcome, Dr Dickson and Mr Berwick. We certainly appreciate your taking the time to bring some of your expertise to the committee.

I have a number of questions, the first of which is that I too am worried that perhaps with the government's intention to introduce a photo on the health card, it really is a stopgap measure. Mr Decter, when he was here before the committee last week, indicated, I think very honestly, that he's really stuck between the pressure that the public and politicians are putting on him to do something immediately to try and get the fraud as close to zero as possible and the fact that he probably, if he had his druthers, would like to look at all the available technology and take a long-term decision on this.

We'll be meeting on Friday with Quebec officials. I've had preliminary discussions with them. There are a lot of problems with respect to the photo ID, and they are, to a great extent, now downplaying their selling job with respect to how far it will go to eliminating fraud because, as you know, they have some exemptions. For example, disabled people are exempted from getting their photo taken, children are exempted from getting their photo taken, and some other groups in society are exempted. I don't know whether they'll admit to us on Friday whether they feel it's a stopgap measure, but certainly, with the discussions we've been having to date, it seems to be.

Do you have any comments on that? You've obviously said you're supportive of it, but my worry is we're going to spend 50 million more dollars and five years from now we'll be all back at this committee, God willing, and discussing the same issue all over again.


Dr Dickson: I think, to be fair, we're not suggesting that the photo ID card is the solution. There is not one single solution. As I mentioned earlier, we believe that is part of a strategy that basically has four legs. Probably the other major part is the registration process: give the card to the right people in the first place.

There's no reason why you can't incorporate some electronic confirmation process into a photo ID card, but we don't see another method of preventing people from lending their cards unless there's some way of ascertaining whether in fact the person standing in front of you is the one who legitimately holds the proper card. You can validate a card and prove that the card is valid, but if there's no way of proving that the card holder is the valid card holder, that's what happens now. People present with a card, the card is perfectly valid, I get paid for providing the service, but the person may be from overseas, and I have no way of determining that. Unless you combine the photo ID card or some kind of proof of identity with it and some electronic verification, I don't think you're going to capture everybody.

Mr Jim Wilson: Along that line, you talk about the four legs. I'm wondering if you're also considering having patients sign for their bills, or sign the bills they receive that are submitted. That has been very much part of our thrust. When we initially thought maybe photo IDs weren't such a bad idea, we had a number of things. One is for patients to sign the bills the physicians submit to OHIP.

Dr Dickson: I think we'd all like to think that would have an influence on everybody in the system, both provider and consumer. Having worked in a system many years ago that was not dissimilar to that when patients really did know what the value of the services was when they went out of the office, it does have an effect on everybody.

The difficulty is that to have the patient sign the bill requires that the physician in fact is going to have to create that bill before they walk out of the office, and the way offices are currently constructed, that's not necessarily easy to do. After surgery, for instance, that would be very difficult to do. You're hardly going to present the bill in the post-op recovery room. It would not be appropriate.

The other thing is that my understanding is that in Alberta they have tried a pilot study of people signing the bills or sending annual statements. My belief is, and Peter might want to correct me, that it did not have that substantive an influence on anybody in the system, either the provider or the consumer.

Mr Jim Wilson: With respect to the photo ID, it is news to me today that the government has indicated to the OMA the speed with which it plans on bringing in the new system. I think you've been misled. Mr Decter was here last week saying that the likelihood is 5 to 10 years, more than 10 years. One of his best-case scenarios was that he can't replace cards out there much better than the rate of about a million a year. You've got 10.2 million citizens. That's at least 10 years. He still didn't answer the question, for example, if I never access the health care system in the next 10 years, how in the world --

Mr O'Connor: He said going through the present system.

Mr Jim Wilson: No, the decision that cabinet will take is on what speed.

How in the world will they ever renew my health card to get a photo on it unless they do a recall? Have you asked the government to do a recall of the health cards that are out there now?

Dr Dickson: I think there's always been an understanding that there has to be a cycle time on even the cards that are out there now. The current red-and-white cards seem to have a pretty short lifespan. They're very brittle and they're being replaced significantly. I think any card, no matter what you put out there, probably has to have a three- to five-year cycle time on it and have it replaced. I'd be very disappointed if in fact there weren't some kind of faster --

Mr Jim Wilson: A major push put on.

Dr Dickson: Waiting 10 years, I think we'd be very disappointed. Three years is what we've been promised, and we hear rumours of five.

Mr Jim Wilson: I just wonder, because in repeated questioning, Mr Decter last week would not give us a three-year time frame. In fact he said he didn't want to pre-empt what cabinet might decide. It's interesting to know that you guys know what cabinet has decided. I guess he won't tell a legislative committee.

He's also indicated one thing he's not made very public, but Quebec of course charges $10 for the new photo card. To me, that's a user fee directly on access to our health care system. Mr Decter has said that yes, in all likelihood there will be a fee attached to the new card. Given that there's a lot of mythology about user fees -- I contend, and I believe I'm correct in saying there are hundreds of millions of dollars in user fees currently in our health care system; we just can't get politicians to admit it -- this would be another user fee. Does that bother the OMA? Would it not be a direct impediment to access to the health care system, given that you will need your photo ID card more than ever to access the system?

Dr Dickson: We don't really have a view on whether the card should generate a charge for replacement or original granting of it. That's a government decision. It's a policy decision they'll have to struggle with. I don't know that I personally would equate it with a user fee. A user fee I think is a fee that's charged directly in conjunction with the delivery of an individual service. I think it raises some concerns, but I think that's the concern of politicians. I'll leave that one to you. I'll duck.

Mr Jim Wilson: I appreciate it. Thank you.

The Chair: Mr Tilson?

Mr Tilson: How much time do we have?

The Vice-Chair: You have about six minutes.

Mr Tilson: Thank you. Mr Decter did explain to us, as I'm sure you are aware, that the process to reach the photo card, although he was very vague on specifics as to what the photo card was going to look like -- presumably they're still working on it or need cabinet approval or whatever his rationale is. But there's no question that there's going to be some period of time. We know there's going to be an interim card. He indicated that there would be an interim card. He showed a sketch of what that would look like. You have indicated that, notwithstanding an interim card or the preparation of a photo card, there are replacement cards going on.

All the public knows and all we know is there is fraud going on. It's debatable whether it's $20 million or $1 billion. There's figures all over the map as to what they are, and I don't want to debate that.

My question to you is as to what your thoughts are, from your association's thoughts or in your discussions with the ministry. The public realizes that its health system is really going down the tubes because of the unbelievable cost. Fraud is only one element of that, but they simply will not stand for the continuation of fraud. There doesn't seem to me to be an immediate plan to stop the fraud, even an answer to a simple question which you have raised yourself, a second piece of identification. I'm talking about the red-and-white card, which is going to continue for some period of time, at least the next few weeks and presumably a period of time. But there doesn't to be an immediate plan to stop fraud. Have you any thoughts on that?

Dr Dickson: The agreement with the government does contemplate some measures being brought into place where physicians, if they doubted the validity of the card or the identification of the cardholder, could in fact ask for another piece of identification, but that has not proceeded as yet. We do contemplate some verification process at the point of delivery.

Mr Tilson: Do I sense some resistance from your association to getting involved in the policing of this?

Dr Dickson: I don't think there's much doubt that most physicians will find anything that generates a confrontation, or at least a potential confrontation, with a patient very uncomfortable. That's not what we're trained to do.

Mr Tilson: The difficulty is that we're part of a system, a state-run system, whether we like it or not. However, it's a state-run system. It's a system that's paid for by the state and the medical profession is part of that. Isn't there an onus on them, notwithstanding what their training is, to assist in dealing with that? I would hope that the association would be very active in assisting the government, and hence the public and hence their patients, in doing whatever they can do to reduce fraud.

Dr Dickson: Absolutely. But what we need is some help. We don't want to try and do it on our own or to be left out in a situation where we don't have the information needed to make the decisions. We need government's help.

Mr Tilson: Mr Cooke, in his press conferences as the interim Health minister, made a suggestion that the providers of health services could be prosecuted as well for their involvement. That's what he said at the press conference, that we're dealing with fraud.

Dr Dickson: Okay.

Mr Tilson: I raised my eyebrows too. I don't know what that meant. In fact, I asked Mr Decter for specifics and I really didn't get any specifics. In your discussions with the minister or the ministry officials, was that topic raised or dealt with?

Dr Dickson: That's not a new topic. In fact, I think we all understand that in a system as large as 120 million services provided per year by physicians, at some point in time someone is going to bill inappropriately. There always has been a process in place where OHIP will examine billing patterns and records. They do verification and mailouts for services and whether they've been provided and physicians do in fact find their billing patterns being checked up on by the medical review committee under the College of Physicians and Surgeons. That's not our mandate, that's the college's mandate. And in fact some physicians are found guilty of inappropriate billing and funds are recovered. That's not a new thing; that's always --


Mr Tilson: I'm aware of that, and of course the public has questioned that, quite frankly: whether the process is strict enough to detect that and whether the process is strict enough in dealing with doctors who have overbilled. In your discussions with the minister or any of the Health officials, did you pursue that?

Dr Dickson: Only to the extent that it's my understanding that they are going to be devoting more funding to the services that support the medical review committee so they can investigate more cases, because there is somewhat of a backlog.

Mr Tilson: We spent a lot of time this morning with the privacy commissioner and the subject of confidentiality. You haven't spent much time on that. Have you got any thoughts that might assist us?

Dr Dickson: I think we all understand, and you probably better than I, having heard him speak, but we're all aware of the fact that physicians at this point in time cannot divulge information on patient contacts to a third party without the patient's agreement. Clearly, any system that requires physicians to report must have some kind of statutory change that in fact protects physicians from liability. Otherwise, you can't expect them to be involved in any kind of enthusiastic fashion.

Mr Tilson: So physicians --

The Vice-Chair: Sorry, Mr Tilson. The Conservative time has expired. We go to the government caucus. You have five members who have indicated they'd like to ask a question: Dr Frankford, Mr O'Connor, Mr White, Mr Sutherland and Mr Martin. You have 15 minutes. Go.

Mr Frankford: Can I ask for some thoughts and experience around something that has not been mentioned, which is the question of unregistered legitimate people? This would include, as big groups, street people and natives. It seems to me there are real ethical clinical dilemmas and questions about remuneration when people in those groups turn up, possibly quite sick. Should there be some way of instant good-faith billing? Would that undermine the whole system? But is there perhaps some ethical obligation to have something like that?

Dr Dickson: I think all of us understand clearly there are groups who, no matter what system you put in place, aren't going to register and be participants in the system, for lots of reasons we all understand. A good-faith policy for emergency care in hospitals would be a good start, and I think the government had indicated some thoughts towards that. I think that's currently the situation in Quebec. That would be a good start.

Clearly, it would be against the ethics of the Canadian Medical Association to deny emergency care to any individual because of some proof of payment or anything like that. That just simply is not proper conduct, and I think my colleagues would agree with that.

But I think maybe we have to look at a better way of targeting the people who are disadvantaged and community clinics in downtown areas and that kind of thing where in fact some sort of identification isn't necessarily required. I think it's probably the only way you're going to really target those people. You may need a special strategy to target those people.

Mr O'Connor: I guess to start off with, to give you some comfort, I know you've gone through a process this summer of negotiations and have identified your preference for a photo ID. My colleague across the committee room has suggested that's going to take 10 years. In fact what Mr Decter said to the committee earlier on in this hearing process was the fact that in the present system, in going through changes, like through the version codes and people aging and births coming in, it would take approximately 10 years to go through a revision process just the way it is now. There was no suggestion that we're going to wait for 10 years before we do anything or that the process itself could last 10 years. The cabinet of course will have to decide on how this will be paid for, and of course that's cabinet's job to do. The government itself will not support user fees and look at this, I'm sure, as a user fee if there's a cost established to that.

You've raised a number of issues. Your request for regulatory protection in going through trying to help involve the doctors in this challenge is a very reasonable one, and I'm sure you'll work with us in trying to make sure that is possible.

One thing that hasn't been decided upon, though, is the renewal, the length of time, the expiry dates. I note by looking at information that was provided to us that Quebec, for example, which does have photo ID, has a four-year renewal process. Alberta is two years, Saskatchewan is two years and New Brunswick is three years. The other provinces don't have a renewal cycle.

I guess maybe I could ask you for some help on what you think might be a good use. I think likely in the Quebec model they looked at the four years because of the cost. It would allow the costs of renewal -- it will be expensive, so to take a period over a longer period of time.

How would the photo ID -- digitized, whatever that element be -- improve the unique identifier element, which of course is what we want to look at? It's where we as health care providers can look towards long-term planning in health. How does the photo ID then improve that unique identifier, or is it just an element that's going to help us with the fraud part? And your thoughts on long-term care facilities and the seniors in there: What do we do in those places? How do we identify them? Should there be exceptions or whatever? If there are exceptions, then of course that sends flags up that we have exceptions that we're going to hear about. Perhaps you can address that in the period of time that we do have.

Mrs Sullivan: In 30 seconds.

Mr O'Connor: Thank you for your patience. I'm trying to kind of spread it out in what limited time we do have.

Mr Berwick: The renewal cycle that we requested during our discussions with government centred on, first of all, a cabinet submission being made, which is under way. I don't have any further details about the cabinet submission than any of the rest of you do; neither do I have any understanding of what the details might be. However, it is our understanding through our discussions that there could be introduction of a photo ID by August or September of next year, and that within 36 months following that there could be a photo ID rolled out to everybody in the province.

The renewal cycle that Michael Decter talked about last week was a million cards renewed on an annual basis, with registration for between two and three million depending on whether you talked about a three-year or a five-year cycle. I think our preference is for a shorter term because it does certainly help physicians who are not automated in identifying individuals as they present at the office. So by producing the card, you can see whether the person is in fact the right person. That is something that can be done and start to take effect as of the introduction of the first card.

Mr O'Connor: Renewal cycle: Any suggestions on length of time in long-term care facilities, as an example of -- that's a problem.

Dr Dickson: I think 36 months, you were suggesting.

Mr Berwick: Yes, 36 months was something that we came to an informal agreement on within the contract, as I recall, but that was the target that we agreed to.

Mr O'Connor: I appreciate that.

Dr Dickson: Just a comment on the photo: Is there any other use to it other than fraud? I think I alluded originally to the database. I think you were talking about planning and health care planning. I guess the comment I would make is that when we're looking at health care planning and trying to do some data -- and David Naylor at ICES is going to produce a document later this year. When we're looking at who uses the system, how, and what the differences are around the province, we have to look at geographical data by county and possibly by municipality.

If the person using the card is not the legitimate cardholder and in fact is someone else and is receiving care, and if in fact 26% of the addresses are out of whack, as I understand they are right now, then clearly the database is corrupted, and with any kind of comparative data you'll be working on very shaky assumptions in making health care planning decisions. So it has to be cleaned up now, because the longer it goes, it just gets worse and worse.


Mr O'Connor: But photo ID, then -- I used the example of long-term care facilities. These people aren't moving about too much and we're not going to see them having a lot of wrong addresses.

Dr Dickson: What you could do in a long-term care facility is that you could grant an exemption by notarized letter from the physician or somebody, whoever is in charge of the facility, and they would be exempted from the use of a card, because that's where their care is going to be delivered anyway. They're not exactly going to be out around the community that much.

Mr White: I was very impressed with your presentation, Dr Dickson and Mr Berwick. You went through and we heard testimony this morning in regard to smart cards and photo ID and other tools.

There was an analogy you brought up earlier on, and that was the issue about gun control. I think it's not an entirely inappropriate analogy. In terms of gun control, certainly gun control reduces the incidence of murder and violent crime. It doesn't eliminate it but it certainly reduces it, and this, I think, is the intent here. You're always going to have someone who somehow is going to obtain a card fraudulently or obtain access to the health system fraudulently, but what you want to do is to reduce that very, very significantly.

We don't know what the actual costs are at the moment, but we want to determine a technology which will hopefully reduce that to an absolutely minimum. I'm very impressed with the number of physicians whom I've spoken to who have the same concerns that you have and have expressed them very eloquently to me, and with the good research you've done. All those points that you brought up and that are very, very well researched obviously show a commitment on the part of your profession to the use of the card, to a clearing up of eligibility.

I want also, though, to ask about a very simple thing. As I was thinking about health care fraud or card fraud -- I'm thinking as a health care professional myself, as my colleague here is as well -- they are personal services. Most physicians know who their clients, their patients, are. As the gatekeepers, most often those physicians know where their patients live, and there will be some exceptions and some emergency situations or whatever, but this emphasis on eligibility does put physicians in a very different position than they've been used to.

Many of the physicians whom I've spoken to spoke about all of these anecdotes about fraudulent use, but they were situations that they were aware of. They knew that this patient of theirs was not a resident of Ontario. So I guess what I'm saying is, this is a tremendous change and, as the gatekeepers, it puts your profession under a real onus and a real difficulty in ensuring that those cards are valid, and essentially in acting like an enforcer. I'm wondering if you could comment on that.

Dr Dickson: Just a comment that you're right, that most primary care physicians do have a pretty stable population and do know their patients. As a consultant, I only see people on referral, so probably half to two thirds of the people I see on a daily basis, I'll see once and never again, so it's a one-time encounter. So there are people like myself, and probably a third of the profession at least is in that situation.

You're right, and I can't agree with you more that the idea of getting involved in policing, no matter how gently you describe it and what words you use around it, is awkward. It makes physicians feel very awkward because it does introduce a certain kind of element of confrontation into the patient-physician relationship which none of us feel really very good about. None the less, we're prepared to do our bit, but I just appeal to all of you that we need government's help in giving us the information to make our decision easier and that we need some backing.

It's a societal agreement, and you're the representatives of society. As long as we all agree this is how it's going to be, then fine, we can live with that. But don't ask us to make ad hoc decisions based on poor information and then accept the consequences. I think that would be unfair, and I don't think physicians will do it.

Mr White: Even though in your situation, Doctor, you were saying that as a consultant you only see people on referral, those people would be on referral from a general practitioner, who again would be working on their stable client base, so there would be still a gatekeeper physician.

Dr Dickson: Yes, that's a good way of getting information when I run into problems, but a lot of referrals come from walk-in clinics or from emergencies. I'm on call one night in four, so a lot of my patients are seen in an emergency department, and that's where the big problems arise.

The Vice-Chair: There are only about two minutes left and we have Mr Sutherland and Mr Martin. I was going to go to about a four-minute rotation afterwards to take us to the end of the witnesses' time. If you like, I can add that on so you can both ask your questions now.

Mr Kimble Sutherland (Oxford): Sure, we can do that now.

The Vice-Chair: Okay, Mr Sutherland.

Mr Sutherland: I want to come back to Mr Wilson's question about having the patients sign for the services they receive. You mentioned in your presentation about accountability for use of the cards. In response to Mr Wilson, you talked about -- well, obviously in a surgery-type situation, you wouldn't want to have them sign right there, but if we're talking in a general family practice at the office, why would that be such a difficulty? If I go to the dentist, the dentist is able to produce a bill right then and there. Don't you think it would create a greater degree of accountability in terms of the patient understanding what services you provide?

For example, I get many people calling me regarding pharmacists' dispensing fees. They want to know what the fee is for. I've had pharmacists explain to me what the fee is, and I encourage constituents who call me to ask their pharmacists in terms of what types of services they're being provided for the fee that they are charging.

You talked earlier about education about the system. You were specifically referring to health cards and the use of them. We've heard the term "passport." We've heard references to credit cards, and with normal credit cards you have to sign and you see exactly what the services are and how much those services cost. Wouldn't it seem to make sense as a good initiative for educating the public about the costs of the services they receive, making them aware as a very good public education process?

Dr Dickson: Not to be facetious, but we have tried. The ministry in fact has mandated that it wants to move towards electronic input for billing. In fact, they mandated the electronic submission of billings a few years ago. We were submitting about 60% of claims electronically; we're now up to 95%, so in fact we're into a situation where it's a paperless transaction. There is no bill created in most physicians' offices. So to go to that kind of format would in fact create a duplicate paper system, and I thought we were all trying to get away from that.

I understand what you're after and I think maybe public education can be approached before they even get to the physician's office. Government has indicated its willingness to go into a public education campaign that health care is not free, that it's very expensive and we should use it wisely. Patients are the ones who initiate the process, and I think government should really let the public be aware that this is not a free service, that it is a very expensive service.

Mr Sutherland: Just one quick question. Would having the fee schedule posted in doctors' offices help?

Dr Dickson: I keep one, actually, in my office and patients frequently like to look at it. It's often not that instructive because it's a huge document and very complicated.

The Vice-Chair: Thank you, Dr Dickson. Mr Martin has asked that we just revert to normal rotation, so we'll go to the Liberal caucus with four minutes.

Mrs Sullivan: I wanted to clarify what the position of the OMA is now with respect to the contract which was signed in August. As I hear your testimony today, while the schedule 2 to the agreement indicates that interactive voice response technology should be made available to all physicians, and that was part of the agreement, part of the contract, in fact what you're saying is that you don't want it, it doesn't work, it's complicated and slow, as was demonstrated before the committee the other day, and in fact your preference is for swipe technology that would be introduced into physicians' offices, which your agreement calls for in 50 hospitals at the beginning, but the introduction of that technology would be at the hospital level.


That brings me again to the photo card. If between now and the time the deputy goes to cabinet, or when cabinet decides to make a decision with respect to a technology to assist with the identification, a different and perhaps superior technology was recommended to assist with the identification and tracking of eligibility, how married are you to the contract which you signed?

Dr Dickson: I guess the first simple answer is that we didn't get everything we wanted.

Mrs Sullivan: Come on; we know that.

Dr Dickson: To go on from that, we're looking for solutions. If in fact somebody comes up with a better mousetrap, some other way of detecting fraud that will identify patients who really should hold a card and is easier to work than a photo ID card, we're quite willing to look at it. There have to be people out there with lots of good solutions. We're not wedded to one absolute, final answer. This is what we came up with in August under some unusual circumstances. If somebody can come up with a better idea, then that's fine. For now, until we see the better idea, we'll stick with this.

Mrs Sullivan: But am I correct that Dr Berwick has indicated to us that the paragraph on the IVR is not now the OMA's preference for physician office use?

Mr Berwick: By the way, I'm not a physician or a doctor.

Mrs Sullivan: Sorry.

Mr Berwick: That's all right. The IVR system is a solution for physicians who are not automated and, in the absence of an installation of a point-of-service card swipe reader, the IVR serves a purpose. We would hope that the IVR system could be expanded to yield more information, but in the absence of that, it still does serve a purpose for physicians who remain unautomated.

Mrs Sullivan: So the 5%.

The Vice-Chair: You've got about 30 seconds, Mrs Sullivan.

Mrs Sullivan: Okay. We don't have much time, but my understanding is that now physicians are being advised not to report suspected fraud or fraud which they have detected. You have indicated that you are looking forward to legislative or regulatory change. Where do you see that coming, in RHPA or in special legislation?

Dr Dickson: In the Health Insurance Act.

Mrs Sullivan: Okay, as a regulation. Thank you.

Mr Jim Wilson: In the interest of not repeating mistakes of the past, I'm quite curious -- and it's something we haven't really examined in depth in this committee -- how we got into this mess in the first place.

Mr Callahan: You had 25 million names in here.

Mrs Sullivan: I tell you I wouldn't push this button if I were you.

Mr Callahan: You provided us with --

Mr Jim Wilson: No, I have no problem pursuing this. I want to know, while I have the opportunity and the OMA is before the committee, what flags the OMA was raising back in 1989-90, when the government decided to push through this rather hurried and ill-thought-out health card scheme. Surely you were raising these flags at that time.

Dr Dickson: Yes, we were. There was a lot of debate at that time about how easy it was to get the health card. In fact, the transition period had to be extended because the cards couldn't be rolled out quickly enough, and I think there was a tremendous push. Because of deadlines, they were rolled out very quickly, because we didn't want people dropping out of the system. In the transition period between the OHIP number and the health number, there were some real problems with payments for physicians. We had a terrible time with delay in payment to some of our doctors. It was a real problem. We've overcome it, but yes, we raised the same concerns at that time.

Mr Berwick: If I can comment on that, the OMA did participate on a regular basis with the ministry at several levels, as the information technology strategic plan as it existed under Dr David McNaughton's tenure was something that we followed. We participated in the steering committee and the working committees of both the smart card pilot project and of the data standards project, and we continue to work with the ministry using some of the guidelines that still devolve out of that IT plan.

Mr Jim Wilson: Then why is it apparently quite a shock to some of your members, physicians in the province, that they're now being asked to police the system? Again, you must have seen back in 1989-90 that this was exactly where the government was heading. If there's no upfront verification on behalf of the system that's been put in place -- the government had no intention, I guess, of doing it at the time -- that eventually if there was fraud in the system, physicians would be asked to police the system.

I want to say for the record that I have tremendous sympathy for physicians now who have to police the system when they didn't ask for such a fouled-up system to be introduced in the first place. I want your comments on that.

Dr Dickson: We did have a similar situation prior to the introduction of the health number, when there were all the OHIP numbers extant. What we in fact did at that point was that there was a policy that the government adhered to called the J8 policy. The J8 is simply a good-faith policy so that when a claim was submitted for an individual encounter with a patient and the number was invalid, the government paid the first claim on good faith.

Mr Jim Wilson: What do they do now?

Dr Dickson: Well, just a moment, they paid the claim in good faith and then sent a notice to the physician with a J8 code, which means that the next time that patient comes and sees you, you will not be paid. The routine practice was that the physician would then track down the patients -- or this is what my secretary did -- and let them know, "You've got a problem with your card and you better fix it because the next time you're going to run into some problems."

What happened was that the government dropped the J8 when they enforced the version code back in February, so even though you saw the patient in good faith who you thought had a valid card, the government in fact withdrew payment and left the policing to occur after the fact. It just created problems; there's not much doubt about that.

Mr Tony Martin (Sault Ste Marie): Yes. I find all this very intriguing and interesting. This is my first day on the committee, but I've certainly been aware of the issue out there in my constituency. It was suggested a while back that perhaps the government isn't doing anything in front of the question, the issue or the reality that there is fraud in the system.

I sat last week with a couple of constituents who are in fact in the process of having to provide further documentation to the ministry because the ministry is out there trying to verify the legitimacy of various cards etc. The ministry is working very hard to try and make sure in the interim, until we change the system, that we are catching as many as we can who might be defrauding the system.

I find it somewhat unfortunate that at a time when we're changing the system and trying to make it better, moving the emphasis around long-term care, health promotion and prevention and those kinds of things, we would be putting so much emphasis on this question of fraud, and perhaps because of that, in my mind, being pushed into doing some things that maybe aren't in the long-term interests of the health care system.

My colleague Dr Frankford has been raising the idea, I believe, of maybe another system of making sure that the health care system in Canada, in Ontario, is in fact universally accessible that doesn't have anything to do with cards but has a lot to do with the way we bring those who deliver the system into another way of perhaps remuneration.

In Sault Ste Marie, and he's referenced it often, we have the Group Health Centre where it's not a fee-for-service but another arrangement that is made with the academy. I had an occasion to speak with a doctor there recently when I brought my son in. The comment he made to me which really felt good was that as a member of the Group Health Centre, he doesn't have to worry about all the administration and billing and those kinds of things. He comes in in the morning and he's thinking about his patients; when he leaves at night he's thinking about his patients. When he goes away on vacation, somebody else picks up the load and he comes back, he's refreshed and gets back into the business again.

Was there at any time in this whole process, and perhaps before or at other moments around other tables, any thought given to other systems that might work better than now setting up another bureaucracy to police a system that's already costing so much to deliver?

Dr Dickson: The OMA has a long-standing policy that we support the development of alternative payment systems other than fee-for-service as long as they're scientifically evaluated and there's a freedom of movement of both patient and provider from one to the other.


I think to assume that an alternative payment system such as the Sault clinic solves its problems of potential fraud, because of the payment method, I think is an oversimplification. I believe that they don't have a problem or should not have a problem with fraud because of identification. They've got everybody in their database. The same applies, no matter what your method of payment, to a large family practice with a roster of patients in any case. The same problems occur with identification when those people go elsewhere, to another county, to another city or to another country. So the same problems occur. I don't think the payment mode is the solution; it's the identification system. You could have a good identification system under fee-for-service or under an alternative payment system.

We currently have, I understand, about 150 alternative payment situations around the province. In fact we set up, with our agreement, a task group that's to look at exactly that very thing, different ways of delivering care, because quite frankly in a lot of situations fee-for-services doesn't make sense; in a lot of other situations it's by far the best method of payment. We shouldn't be wedded one way or another to either system as long as there's a free and open exchange and we don't have an ideologic basis for determining one way or the other, to look at it and examine the data scientifically and go in the direction the data indicates.

The Vice-Chair: Dr Dickson and Mr Berwick, I'd like to thank you very much for appearing before our committee today. We found your testimony to be very valuable, and quite frankly, if time had permitted, I think we could have used another hour or two with you. So thank you very much.

Dr Dickson: Thank you very much. I enjoyed this.


The Vice-Chair: Our next witness will be from the College of Physicians and Surgeons, Dr John Carlisle, the deputy registrar.

There is a written presentation that has been submitted by Dr Carlisle that the clerk is distributing right now, as Dr Carlisle gets seated. We'd like to welcome you to the committee. If you would first of all like to go through your presentation. Of course, we would welcome time for questions and hopefully answers at the end of your presentation.

Dr John Carlisle: On behalf of the College of Physicians and Surgeons of Ontario, I want to thank you for the invitation to discuss with you questions surrounding the suppression of fraudulent use of the Ontario health system, and in particular fraudulent use of health cards.

There can't be any doubt that all the citizens of the province support the Ontario health insurance plan and the government in its efforts to reduce the depletion of our scarce health care resources, which occurs when these resources are fraudulently obtained by persons who are not entitled to them. The college is ready to do anything it reasonably can to assist you in your efforts to reduce the losses incurred by our system due to such dishonest activity.

My purpose here today is to discuss a couple of issues relevant to health care fraud and the reporting of that fraud by physicians which, in the view of the college, should be carefully considered before any regulatory or statutory measures are undertaken in this area. They are matters which arise directly from the college's concern with its primary mandate, which is to protect the public interest in relation to the rendering of medical services. The Ontario Medical Association very ably represents the interests of physicians in this and all other matters, and it's not our intention to intrude upon this role of the association. Our duty is to the public interest, and it's in that context that I want to raise these issues.

The confidential nature of the relationship between the doctor and his or her patient is and always has been one of the central core values of medicine. The College of Physicians and Surgeons feels very strongly that the relationship of trust and confidence that doctors enjoy with their patients is central to the benefit that medicine is able to provide to those patients. If the patients do not go to the doctor when they feel the need of medical care or do not feel free to tell the doctor with the utmost candidness everything about the problem, even though it may be very private or embarrassing, the effectiveness of the treatment is limited and the effectiveness overall of the health care system will be limited.

Having regard to that fact, it is therefore very important that while we pursue highly legitimate goals in the administration of the health care system, we do so with some sensitivity to the importance of confidentiality and the utmost trust in the relationship between the doctor and patient.

The college is concerned that any program which puts the primary responsibility for policing the OHIP system in the hands of the physician, which incorporates or is perceived to incorporate significant breaches of physician/patient confidentiality may, unless carefully planned, have a very damaging effect on the health care system and in particular on the delivery of health care to those vulnerable individuals that most need protection.

I'll give you an example of what I mean. Many patients come from groups which may have been unfairly marginalized in society, either ours or another. Some may have only recently become Canadians, having come from countries where totalitarian regimes rely on reporting of citizens by professionals and others to secret police organizations. Even a very well-thought-out and socially appropriate scheme to control abuse of the health care system may be misperceived by some of these individuals, and fear and misunderstanding may lead those persons to avoid seeking health care to which they are clearly entitled and which they may badly need.

There is a further possible complication in developing a system to stem abuses of the health care system: Both patients and physicians do not understand the specific legal meaning of words like "fraud" or "abuse." These words are used and misused in everyday speech, and in law they can have very specific meanings. Without a very careful publicity and educational campaign about the program to be introduced, patients may misunderstand and may fear to seek care.

Our experience with other mandatory reporting schemes in medicine, such as those required by the Child and Family Services Act in relation to child abuse and by the Highway Traffic Act in respect of persons unfit to drive, is that physicians will be very fearful of failing to report in the required manner and will be very compulsive about reporting. Unless very clear language is used and very clear circumstances are described in which the report must be submitted, physicians will also be fearful of the system, unclear as to when to report and likely to overreport in circumstances where it is not reasonable or appropriate to do so.

Very few non-lawyers, including physicians, understand the technical meaning of the word "fraud." We regularly receive telephone calls from physicians who believe that fraud has been committed because the patient has visited more often than the physician thinks is necessary, even though the visits may have been entirely appropriate from the patient's perspective. We receive telephone calls from physicians who believe that patients who came to the emergency department when their family physician was unavailable had committed fraud. It is evident to us from our experience that words like "abuse" and "fraud" have to be very carefully defined in the mind of both the physician and the patient if a mandatory reporting system is not to produce more harm than it does good.

An emergency physician, one who's had considerable involvement with government over the years, called me just last week to tell me that several elderly patients had been very reluctant to see their family doctors in follow-up after his treatment in emergency, despite his emphasis on the importance of the visit medically, because they didn't want the government to think that they were abusing the system.

Naturally, any patient who is reported by a physician as having been guilty of some wrongdoing and who is subsequently exonerated will be very angry and will want to file complaints about the physician or even launch civil lawsuits alleging defamation of character and breach of confidence. We can foresee circumstances, in the absence of a very careful drafting of whatever provision you decide upon, wherein the system of reporting by physicians will produce a large number of complaints and even a certain number of civil lawsuits such that physicians may be significantly deterred from reporting.

If a report is required and a physician fails to report, then there will also arise the difficult question of whether the physician, in those circumstances, is liable to professional or other charges.

In order to deal with the foregoing concerns, the college proposes that if there is to be physician reporting the system providing for it should have certain features.

First, we would suggest that the requirement to report should be triggered by a very specific, easily identifiable circumstance which is not defined by loaded legal words which may not be understood by the parties to process. For example, we would not recommend that the requirement be for physicians to report patients they suspect have committed fraud. The words "suspect" and "fraud" will, in our experience, cause significant difficulties.

We would suggest, in the alternative, that something like a requirement that the physician report when "he or she has reasonable and probable grounds to believe that the patient has submitted an OHIP card not issued for the patient." This is an understandable principle which, with enhanced ID cards, will be something easy to identify and can be easily understood by patients. If you present somebody else's card to the doctor or hospital, you will be reported.

In addition, a requirement could be to report where the physician has reasonable grounds to believe that the patient is not eligible for coverage. This is a little less definite, and if one looks at the printed version of what the eligibility rules for coverage, it might be awfully difficult for some people to understand, but it's at least adequately understandable, probably, by most parties. Both examples would avoid the use of loaded legal words.


Because of our concern, previously stated, that confidentiality is so central to the nature of the doctor-patient relationship, we are concerned that the obligation to report not be placed as an exception to the core value of the profession which will be set out in the regulations under RHPA.

You may observe that in all other mandatory reporting schemes currently in force the provision is contained in the statute governing the subject matter to which the mandatory report is related. Thus the requirement to report unfit drivers is found in the Highway Traffic Act, the requirement to report child abuse is found in the Child and Family Services Act, the requirement to report unfit pilots is found in the federal Aeronautics Act.

For this reason, it seems both logical and desirable to us that the requirement to report, if there is to be one, be contained in the Health Insurance Act. Since there are proposals to amend the Health Insurance Act currently before the Legislature in Bill 50, this should present no procedural difficulties.

We would ask you most earnestly not to incorporate this requirement as a general exception to the confidentiality provisions in RHPA, because of the deleterious effect this will have on the statement of core values so important to our profession and so central to the appropriate relationship between the doctor and the patient.

In a similar vein, we point out that the regulations under the current Health Disciplines Act and the proposed regulations under the Regulated Health Professions Act follow directly from the words of the Canadian Medical Association Code of Ethics. These regulations make it clear that the physician shall give no information concerning the condition of a patient or any services rendered for the patient to any person other than the patient without the consent of the patient unless the physician is required to do so by law.

Accordingly, to be consonant with that regulation, the requirement to report whatever indicia of health card fraud may be decided upon must be a requirement of law. The passage of a regulation or section of the Health Insurance Act giving merely the option to report will have the legal effect of making the report illegal.

In short, because of the provisions of the Health Disciplines Act and RHPA, in order to be allowed reporting must be required and not merely permitted.

In summary, the college supports you wholeheartedly in your efforts to suppress the fraudulent diversion of health care resources by fraud on the system. We ask you, if you decide to create a requirement for physicians to report fraudulent activities on the part of patients, to make that requirement in the Health Insurance Act, to make it as specific and clear as possible, so that both doctors and patients may understand it, and to very carefully consider the words used so as to promote that objective.

As much as we support you in your desire to suppress health care fraud, we ask you to carefully consider the effect your proposals may have on the relationship between doctor and patient and to consider the possible deleterious effect that the fears engendered by the proposed system in persons who are not sophisticated in legal terminology may have on the health care system.

To the extent that the college can helpfully participate in creating or reviewing those words, we'd be very happy to do so. To the extent that we can use our publications or our contact with our membership to spread the word and make the system you decide upon more effective within the profession, we'd be very happy to do that too, both on our own and in cooperation with the OMA.

I'd like to thank you for your attention to these couple of points.

The Vice-Chair: Thank you for your presentation, Dr Carlisle. We'll now go to questions by members and we'll start a rotation with the official opposition. I think we'll have 15-minute rotations and we'll start with Mrs Sullivan.

Mrs Sullivan: As you can see, we were proceeding immediately from the OMA right into these very questions that you've put on the table. I think they are important ones, and it was a nice way to move from one section to the other.

Your paper I think explains the rationale for using the Health Insurance Act better than any argument that we have seen in the past, and I think this will be useful. I hope that you will also impress upon the Ministry of Health people your request with respect to not only the simplicity but the specificity of the wording that would be useful for the profession.

Would you advise the committee what obligations your college members are now required to honour with respect to the divulging of information, or exchange of information, with the Ministry of Health or other health care providers, and what protocols or guidelines are in place to assist with that exchange of information?

I think that as we're looking at a database that is effective from the point of view of the money that's spent to introduce it, we have to be certain that the database is usable by the points along the system where it's supposed to be used. I think that information would be helpful.

Dr Carlisle: First, thank you very much for your comments on our presentation. I'm glad that it has in some respect been helpful. In answer to your question about the current obligation of doctors in terms of the disclosure of information, it's contained in the regulations to the Health Disciplines Act. It's section 29(23) of the regulations. It tracks, almost word for word, the provisions of the CMA code of ethics, and I expect that way back in 1975 that's probably where it came from. It defines as "professional misconduct," and I'll read the words, "giving information concerning a patient's condition or any professional services performed for a patient to any person other than the patient without the consent of the patient unless required to do so by law."

That, as you think about it for a moment, contains a number of uncertainties. For example, what's the meaning of the words, "required by law"? You might think instantaneously that it means required by statute, and obviously there are some statutes that require the giving of that information. The Health Insurance Act requires that information required to process the claim for payment for the services be given, and the patient's consent is neither required nor routinely obtained. On the other hand, it is quite possible that it means required by law in a broader sense. For those who have had some thought about mental health law, you'll know that this is currently a very hot topic in mental health law as to whether it also means, as required by common law, that there may be a duty to warn.

In any event, in relation to this issue, what it means I think pretty clearly is that the member is not to give information, for example, about the services rendered to the patient or the condition of the patient without the patient's consent. If it were necessary to report that patient Mr Jones came to the emergency department and complained of thus and such condition and received thus and so a treatment and I suspect that was all fraudulent, that he wasn't Mr Jones and that's not what was wrong with him, you would very quickly become enmeshed in a problem of information being transmitted to the authorities which is not authorized or allowed to be revealed.

If we were to get into criminal prosecutions, we all know that the rules in criminal court are much nastier than they are in administrative tribunals, in terms of the requirement to prove. The police would have to have access to the diagnostic information and to the information about what services had been rendered. All of that would get, I think, very sticky.

The clear solution to the problem, as I said in the presentation, is that whatever information is deemed, as representatives of the OMA said, to be socially appropriate to be revealed for the purpose of suppressing fraudulent claims on the insurance plan, whatever that information is, I would urge you in considering that question to consider the issues that I raised in my presentation, but whatever you decide about that, there must be a requirement of law that this information be disclosed. There are several reasons why physicians, even if they looked at it from only their own very selfish perspective, would want that to be so.

I think if you introduced any element of discretion into that, you'd have a lot of concerns about the exercise of that discretion. We're going to report people we like and not people we don't like, people whose politics we agree with and not people whose politics we disagree with, and so forth and so on. At the end of the day, our experience with other reporting statutes, such as that relating to child abuse, that relating to driving, indicates that they work best when they're applied evenhandedly across the board to everybody with a requirement that this be done. Doctors feel a lot more comfortable generally with that approach so long as the requirement is clear and easily understandable.

Mrs Sullivan: Could I move to the health cards and numbers control legislation? As I read this legislation, a doctor may well be allowed under this law to report administrative issues, if they're defined that way -- it depends on how they're defined, I suppose -- such as changes of address on behalf of a patient, and other health professionals could provide such notification to the Ministry of Health. Is there any professional limitation on the provision of that kind of information, depending on how you interpret the word "administrative"?

Dr Carlisle: Depending on the interpretation, I should think not. It's still a requirement of the law.

Mrs Sullivan: So this provision would in fact now enable a physician to participate in the verification of eligibility or the upgrade of information on the register with respect to an individual?


Dr Carlisle: I think so. It's so new that we haven't actually had an instance arise, so, as with everything legal, where it's not arisen before, one can't say with any certainty, but I should have thought so. Common sense would so dictate, I think, too.

Mrs Sullivan: What would the college's view be of a physician having direct input into the system, ie, being able to, on a two-way mechanism, say electronic mail or something, change an address?

Dr Carlisle: In terms of updating the ministry's database? I guess it's largely an administrative matter. I don't think we'd have any view of it from a professional perspective. If it were a sensible thing to do and if it were generally understood by patients who went to doctors that that would be done, there's no professional reason that I can think of why anyone would take any objection to it.

Mrs Sullivan: I guess the question arises because the commissioner on information and privacy is naturally concerned about what will be included in the documentation etc and indicates that those records in fact belong to the patient or person about whom they've been collected.

Dr Carlisle: We'd agree.

Mrs Sullivan: There have been questions raised earlier with respect to the involvement of the practitioner or facility at the point of service in either being able to update their own material or to provide information so that Ministry of Health officials can update. I'm just wondering if the college has any reservations about physicians actually changing records when they in fact maintain records in other ways.

Dr Carlisle: I don't suppose we've thought about it very directly. I would certainly agree with the position if that's the position that was taken by the privacy commissioner. I think it's rapidly becoming the accepted proposition. Certainly, I think our council would probably accept the proposition that for almost all operating purposes, records of that kind -- medical records of the patient -- are, at least for a certain possessory interest, clearly the property of the person about whom they're made. So I think that that would be the sort of approach to it that would probably condition our view of that situation.

Mrs Sullivan: The last question is with respect to changes to ensure that the physician would not have liability and your suggestion that it be included under the Health Insurance Act. The OMA suggested that it should be done by regulation. Am I reading it correctly when I hear you speaking about legislative change and that you foresee Bill 50 as an appropriate place to include that kind of a change?

Dr Carlisle: Perhaps, though I wasn't referring to Bill 50 specifically with the idea that this is the proper subject of Bill 50. I haven't analysed that, and one would have to look in the Health Insurance Act to see whether there's an authorization to make such a regulation. If there is, you can do it by regulation; if there's not, clearly you can't. My only purpose was to indicate that we believe that the provision, if there is to be one, should be somewhere in the health insurance legislation as opposed to being in the statement of the core values of the profession.

The Vice-Chair: Mr Callahan. There are about five minutes left.

Mr Callahan: How much?

The Vice-Chair: Actually four.

Mr Callahan: I might have to babble, which is not unusual. Just something related to that. You talk about the confidentiality between patient and doctor. When a doctor refers a matter out to a lab that's not his lab and it does an analysis of certain types of bodily fluids, is that done on the implied consent of the patient?

Dr Carlisle: Yes.

Mr Callahan: So there's no breach of confidentiality there?

Dr Carlisle: We have always taken the position that persons directly involved in the health care of the patient which would reasonably be contemplated by a reasonable patient are within the implied consent of the patient for the release of information. So the patient goes to the doctor's office, is aware that the doctor has a nurse and that the nurse will possibly come into the room or will certainly have the opportunity to look at the file as she files it or as she makes out the referral slip to the physician or lab that the patient is being sent to. It's always been our view that it was reasonable to accept the proposition that patients knew that and understood that.

If you look in the templates that have been produced by the ministry for the regulations under the RHPA, you will see a specific suggestion that there be a regulatory regularization of that proposition, that there actually be a regulation that says it's okay for that disclosure to take place. I'm not sure we think that that's really necessary, but I've noticed that they have put that into the proposed regulation.

Mr Callahan: These are aside from what you've come here for, but I'm just curious: If your records are subpoenaed to court, I guess you presume that that's being done by law.

Dr Carlisle: Yes. That does produce some interesting situations for the physician in the sense that the law requires that information to be given only when you sit down in the witness box and are asked the question. So the legal requirement begins at that point.

Mr Callahan: A very risky business, I would think.

Dr Carlisle: Now, as your experience will show, when you go to court you generally want to look at the records before you get into the witness box, and the proper doctor who understands the regulation -- and I get this request for information several times a week -- you've really got to go there and you can't let just any policeman or crown attorney or anybody who wants to riffle through them just riffle through them. They're protected, and you can reveal what you're asked in the witness box but you can't allow people to riffle through and look. Often doctors aren't aware of this.

Mr Callahan: Just finally --

The Vice-Chair: One quick question, Mr Callahan.

Mr Callahan: Yes. I think your comment about placing the physician in a position where they don't become a detective but if something is so obvious it's jumping out at them, that that should be their only responsibility. That's all that lawyers are required when they're acting under a legal aid certificate: to report anything that's obvious or tell the client, if something comes to their attention, to go and have a new assessment or whatever. I agree with that.

The Vice-Chair: Mr Wilson.

Mr Jim Wilson: Chair, I'm deferring to Mr Tilson.

Mr Tilson: We've heard comments from the privacy commissioner this morning, and my listening to the public on this topic, they're concerned with the fraud issue but they're also concerned about the potential accessibility of everything about us, from hospital records to medical records to what drugs we took last week to what operations we had, and the potential easiness to get to this stuff. There are stories every day seem to come out about how easy it is to get into systems. This entire building seems to be on computer systems, and hospitals are on systems and how easy it is to get to that, and the fear that the whole Big Brother is watching.

The commissioner this morning gave the example of how the government is now going to have a law that's going to take a photograph of cars driving along the roads for purposes of whether they're speeding or not, and we can't even drive down a road without people knowing where we're going.

I guess that's the question, how much of this needs to be put on a little microchip. I personally find it very scary that a government, whatever political stripe it's going to be, along with all the agencies, the hospitals and the drug companies and the pharmacists and all of these people, and whomever they give the information to -- the potential is quite alarming. Have you any fears of this society that we're moving towards with this age of the computer?

Dr Carlisle: Mr Tilson, I think your comments are well taken. I would agree with your perception of the public attitude towards that and I think it's a balancing act. You've heard a little bit, and I expect you may hear more before you're through with this consideration, of the immense potential for benefit of collecting all this information, at least in the medical context, for patients. There's an immense potential for good, and like everything that has an immense potential for good, it also has a fairly substantial potential for harm. So, obviously, there need to be careful systems in place to try to maximize the amount of good one can get out of it and minimize the amount of harm.

I expect that in medicine the potential for good is very incompletely utilized at this point in time and there's much to be said particularly for some of the more vulnerable patients in our patient mix who really need some help and aren't getting it. I think particularly of the elderly, where the sort of information that can be obtained about drug prescribing is just immensely beneficial, and we are not taking advantage of that to the extent that we should be. We'd welcome some of the efforts that have been announced recently to try to do better with that.

But I think your point is well taken, and it's for that reason that we're just a little -- our purpose for being here today is not to suggest that you put the brakes on considering the sort of systems you're thinking about. It's just to express a gentle caution that there is another side to it, that there is a downside to it. You've mentioned some of them and I mentioned a couple in the presentation. We feel pretty strongly about that and would like you to think carefully about those issues.

Mr Tilson: Your paper's quite clear, particularly the paragraph dealing with the summary. You want some sort of protection. I guess there's the general fear of the Brown-shirts watching other members of society. What's going on is the fear of liability, of libel and slander, of saying things that may not be so, and here are the physicians trying to deal with medical problems and now they're being asked to do something that perhaps they've never been asked to do before and at the same time, the potential of breaching confidentiality. I gather that's what you're saying and I understand that. You're asking what regulatory or statutory protection is going to be given to the physician. Is that what you're saying?


Dr Carlisle: I think that's part of it. We're first saying that if you're going to ask somebody to report something and you're going to hold them accountable for being reasonable in doing so, you ought to describe with some particularity that he or she is likely to be able to understand what it is you want him to do. I think I've made one suggestion. It's just a generic suggestion. There are no doubt a number of others we could come up with which would describe something that people could understand when they're expected to do something and, more to the point, the people they're expected to report about could understand when they're going to report.

One of the problems we've got with some of the arrangements that we now have for reporting is that the circumstances described are not very clear and thus the reporting raises a lot of hackles, a lot of bad feeling by people who feel that there really was no report required about them and that the doctor was quite unreasonable in making that report and the doctor's saying: "Look, I'm required to report. I'm going to be held accountable. I feel I have to report."

So our point is, make it clear, make it understandable both to the patients and to the doctor how it's going to be, and make it something that is likely to be a concept that they will be able to get their head around. Don't say, "Report if you think somebody may have committed fraud," because that's going to produce the sort of problem that recent judgements under the Highway Traffic Act have produced, where physicians decide, "To be on the safe side, I'm going to report all 1,231 patients in my practice to the Ministry of Transportation and Communications."

Mr Tilson: Has the government indicated that it's prepared to consult with you before it implements a plan?

Dr Carlisle: We haven't had any discussions about that.

Mr Tilson: I knew that answer before you gave it, of course, which is a genuine fear. What you're asking is reasonable: "Let's hear what you're going to be implementing before you implement it so that we can provide our comment, since you're asking us to" --

Dr Carlisle: I think it's fair to say, as I said in the presentation, that we support the objective. We'd like to participate in trying to make something that's going to work, as opposed to something that will appeal to the immediacy of the situation but may not actually have any value.

The Vice-Chair: We have Mr O'Connor, Mr White and Dr Frankford on the government caucus side.

Mr O'Connor: I noted with interest your distinction, for our viewers who are watching, of the role of the OMA and the college. I don't think people always recognize that the role of the college is to have a body that patients can go to and ask questions of from time to time if they've got a problem. So I appreciate your explanation and I think it might make it a little bit easier for people.

I noted with some interest some of what you've said. I guess two questions. One, we had the privacy commissioner before us this morning and we talked about health care planning and the data that could be assimilated and some real changes to health care planning in the future and wondered whether or not you might have a problem with that. We had talked about Manitoba, where they do have a database like that, and of course they don't have the freedom of information and privacy act that we do have here, so I guess I would ask you to comment on that.

I guess the other question might be: Does it happen on occasion now that patients might come to the college and suggest that, "I think that my physician may have been abusing the OHIP system that we have, the billing system that we have," and how would you react to that if someone came forward with that?

Dr Carlisle: On the first question, I didn't hear what the privacy commissioner had to say to you, so it's a little difficult to comment in detail.

Mr O'Connor: I appreciate that.

Dr Carlisle: But certainly we've always been aware that there would be the necessity to collect some information about the general health of a population and about other such matters in order to make reasonable plans for health care resources. I think everybody understands that.

I guess I'd probably echo what I rather expect, having talked to the privacy commissioner from time to time about it, the privacy commissioner may have thought, which is that there is probably not a lot of objection to be taken to information being used for those purposes, provided that everybody understands that information they're giving about themselves is being used for a particular purpose.

To answer your question generally, and without having heard what the privacy commissioner had to say, it would be that we as an organization subscribe to the views that have been now made the very clear law of the land by our Supreme Court of Canada but which have, I think, been generally accepted for some time, which is that information of this kind belongs to the person it refers to and that accordingly people ought to decide what their information is to be used for. They ought to decide on a programs basis through their representatives. You clearly represent the citizens and you're designing programs and you should have good opportunity for the public to be aware of what you're doing with information and how you're going to get that information. Then I think that if there's a general consensus that this is as it should be and that the appropriate legislative action is taken, that's appropriate and that's as it should be.

The concern is that it's so easy -- and one needs only to go back to the report of Mr Justice Krever some years ago about confidentiality of health records to recognize how easy -- to resolve some of these problems just by linking a few existing databases and moving data around. I rather expect that the commissioner would say, and certainly I think we would be inclined to say: "Just wait a second. The people who gave the information to be put into those databases for a particular purpose realize that you are subsequently going to decide to shift it around and use it for some other purpose? I'm not so sure about that. I think we might have some reservations."

I think explicitness and the knowledge on the part of everybody participating of what this data is going to be used for -- and of course most of the government application forms now have a pretty clear statement of what the data that's being collected here is going to be used for -- that is approaching the sort of situation that we probably think is appropriate.

In terms of your question, do people come to us and say, "I think that the doctor may be abusing and I'd like something," yes, we quite regularly get that kind of a letter. Sometimes there's an explanation for it which can be fairly easily figured out, there's a misperception on somebody's part. But what we do is what we do with all matters that patients and others bring to us: investigate to find out if there's any cogency to this, is there some explanation that can be fairly easily produced that satisfies everybody that there's no impropriety. If so -- and that's usually the case, thank goodness -- then we're able to resolve that and we're able to reassure the person that their concerns have been heard, an appropriate inquiry has taken place and it's been resolved. If they're satisfied, then that's fine.

If their complaint is of the nature that falls into the definition of professional misconduct as it's set out in the act, then we would take the necessary action to bring that on before the complaints committee and ultimately the discipline committee. If there's evidence of a criminal offence potentially having taken place, and thankfully it's been a long time since that occurred, our inclination would be to do the same as we would if we came in any context to the knowledge that somebody had committed an offence: We would notify the appropriate officials and ask them to take the matter over.

In the matter of health insurance, we've generally contacted the general manager of the health insurance plan whose responsibility it is to deal with abuses. As you know, OHIP has a system whereby it investigates the potential for fraudulent or wrong claims, mistaken claims, claims which make an error about how to use the fee schedule. All those things are dealt with through the medical review committee which is established under the Health Disciplines Act and Health Insurance Act. There is a process whereby the general manager would gather further information, send out verification letters to other patients, try to see if there's any substance to the thing. He's also of course authorized to turn the matter over to the police if he thinks that's the appropriate thing to do, and he has in fact done that on a number of occasions. The long and the short of it is that we would pass it on to the appropriate people for the appropriate action.

Mr White: Thank you, Dr Carlisle. I was very impressed with your presentation. In fact, I just read your media guide, which was sent around to my office recently. There were a number of things in it that I found to be very informative.

One thing I found rather interesting was the increase in the number of complaints last year over the previous decade or so. It seemed like an incredible increase, something which I'm sure we'd like to explore at some other time.


Your articulation I think is very important. The distinction between the obligations that physicians have under the Health Disciplines Act, members of the College of Physicians and Surgeons, their obligation as professionals and the obligations they have under law, and what you're making a suggestion about is making those obligations under law very explicit and for them to come under the health insurance. I think that's got a great deal of merit.

I want to explore a little bit about the issue of fraud, though, because I would think that in terms of people using the system illegitimately, most often when that happens it's people who are attempting to gain access to the system more often than people who have used it, who have had hundreds of thousands of dollars in services offered to them, but rather someone who approaches a physician, comes to his office, requests a diagnosis or assessment for some ailment or whatever and at that point their health card number is determined to be invalid.

I realize that, as you point out, that nurse or medical secretary who sees them initially would be seen by the college as being an extension of the physician. But when that person, when that secretary swipes their number or determines that their card is not legitimate, they have not as yet established a relationship with the physician, not a substantive relationship, and they would be denied service on the basis of the fact that their card is not legitimate.

Would there not be a lessened liability in terms of the college in regard to denying that person service? They, after all, have not seen the physician, have not really entered into a confidential relationship with him in a real, effective sense.

Dr Carlisle: I see your point. I don't think it happens that way very often. There is at present no way to know whether the card is valid before you see the patient, as you've no doubt been told. One can foresee future technology where that might occur, and we'd have to consider that when we get there. Right at the present time there isn't any way of knowing, so that almost always the care will have been rendered before one discovers that the claim is not going to be paid on the basis of not being eligible. In fact, as the representatives of the OMA were pointing out to you, this is the biggest problem with version codes. There are people walking around with three or four cards, each of which has a version code. They don't know which is the correct one, the physician certainly doesn't know and there's no way of finding out in most areas of the province other than to put a claim through on one and try it out.

At the present time, I think your scenario is perhaps, unfortunately, too hypothetical to question, but I can certainly see that in the future we're going to have to cope with that question.

Mr White: But further than that, the kind of card we were looking at, that we were having described to us both by the OMA and by the Information and Privacy Commissioner, both of those cards or card systems were ones that would allow for initial screening, and those are the kind of things we're looking at having in place. Would those cards not allow for a lessened liability?

Dr Carlisle: This is what I've suggested in the paper I've submitted to you. If you had a system which could be clear, either by looking at the picture or by some kind of other technology, to indicate that this was not the person's card or that they were not eligible, that's the kind of requirement you could easily make which people could easily understand and which would be acceptable. I don't think there are many people out there, patients or doctors, who would object to the idea that if you go and it is discovered, either by looking at the picture or by some other technology, that this isn't you or that you're not eligible, that ought to be reported. I don't think we'd have any problem with that.

The concern that I wanted to bring to you today, not to belabour it, is that if you have rather vaguer concepts, particularly in the face of a lack of understanding of the meaning of those words by the people who are involved, you will probably cause a lot of antagonism and damage to the relationship and create a lot of reports, a lot of complaints and perhaps even some litigation which are not gaining anything in terms of deterring misuse of the system in any significant way.

We're just trying to urge you that in the interim, until this technology's available, if it ultimately becomes available -- and I guess that's a function of whether you think, making the best estimate you can of the amount you might be losing and making the best estimate you can of the amount that we might be costing to put this system in place, you'll have to decide whether you think it's a good idea to have it. But in any event, if we do decide to have it, then clearly it will offer some solution.

I think there are a number of issues. I didn't come here to talk about them, so I won't belabour them, but there are a number of other issues as to whether there is any practical way, in terms of screening people who are going to get these cards and have them indicating valid, to exclude people who are not eligible. That is a whole other question which is, I think, a much more problematic issue.

Mr Frankford: Somewhat following on that, the question has arisen often around the addresses on cards. Perhaps you could clarify for me and the committee. I think I know the situation, but the physician is actually required to have the address on the patient records?

Dr Carlisle: Yes, sir.

Mr Frankford: Then the potential of a cross-checking is there. Even if the patient is not taking the trouble of changing their address, the health system or the physician at least has it and should really be updating it, according to college regulations.

Dr Carlisle: Yes, that's right. The regulations require that patient's names and addresses are to be contained in the record. I expect that what we know about the keeping of the records of the addresses of patients by the health insurance system would lead us to suspect that those records are probably so substantially incorrect that today it's probably become the practice not to pay much attention to a discordance between the recorded addresses because they are so often discordant in perfectly innocent circumstances that there's not much point in doing so, although obviously from the doctor's point of view, he or she would prefer to have their correct address in the record. Obviously, both the doctors and their office staff try to keep that up to date, but I expect that it's not likely that it's acting as a very effective detection mechanism today because the records are so inaccurate.

One of the big problems, as you probably know -- and maybe the health insurance people have told you -- is that when you go to do audits the biggest problem is that such a high percentage of the addresses that you have for subscribers are inaccurate that the data goes, through nobody's bad intents, spraying all over the place.

Mr Frankford: It seems to me that there must be times when the physician would find out that the person is living in another jurisdiction and could legitimately say to that person, "I'm going to bill you directly because in my judgement you're not eligible."

Dr Carlisle: I think that's quite a problem, Dr Frankford, because of course there are all kinds of people who live in other jurisdictions who are eligible for coverage. Conversely, there are all kinds of people who live in our jurisdictions who aren't. So how you would determine from the patient's address, in terms of the jurisdiction in which they lived, whether they were or were not eligible is somewhat problematic. There are all kinds of people who live a substantial portion of the time in Florida who are Ontario residents and are entitled to coverage.

There are all kinds of people, for example, who have said to me, "If somebody had an address in Buffalo, you could clearly say they were probably taking advantage of the system improperly." On the other hand, there are probably students at the University of Buffalo who are resident in Ontario and who are quite eligible for coverage, and if you took simply the fact that they lived in Buffalo as an index that they were committing fraud, you'd be quite wrong. In fact, I expect in law you'd be behaving unreasonably and you'd lose the protection of the statute.

I've only thought about this personally; we as an organization haven't thought about it. But the more I thought about it, the more difficult it was for me to determine what kind of test you would use at the point of issuing the card, given that you have to issue millions of them and given that the likelihood is that you're going to take a long time doing it if you're going to want to confront each recipient of the card personally.

If you confront them personally, you've got a well-intentioned, skilful clerical person but who has to apply a test that can applied within a few minutes -- you can't take a half an hour with each one -- and I don't quite exactly know what you would ask them to present to demonstrate that they are entitled to a card or to detect that they aren't, because address won't do it, birth certificate won't do it. There are all kinds of people born in Ontario who aren't entitled and vice versa. I think this would have to be looked at very carefully and I'm not at all sure that it would turn out to be as simple as it appears on the surface.


We all know the last time around we did this that it turned out that the best record, admitting that it was probably a very imperfect record, that existed was the record of people who already had cards. So we basically sent a card to everybody who already had one.

As I said in answer to Mr White's question before, it seems to me that this is an interesting theoretical discussion, but until we get down to brass tacks as to exactly how we're going to do it, I'm not sure we'll see how practical it is.

Mr Frankford: Just as an observation, it seemed to me that when the new registration system was set up it was never really made clear who was eligible or not. One thing I found most surprising was that the registration form gave the option of putting in country, and I would have thought that leads to all sorts of interesting possibilities of questionable registration.

Dr Carlisle: If I may, it's because the technical definition of "residency" is not dependent upon where you live. It's a legal concept and it falls into the same problem that I mentioned earlier about using concepts which are imperfectly understood by the people who are involved in administering them. So if you say to the doctor, "We want you to report where you have reasonable grounds to believe that the person is not eligible," then we will have to have some pretty heavy-duty instruction as to what the requirements for eligibility are, because they're very complicated and it may be hard for people to understand them.

I would hazard a guess. You've practised for some time, as have I. I'm not sure that I could describe to you here in a very clear and concise manner all of the variations of the eligibility rules, and I dare say you might have some difficulty in reciting that as well. If we extrapolate that to thousands of doctors and other health care professionals who are able to bill a plan across the province, we might recognize that kind of a criterion may not actually be all that workable.

Mr Frankford: A very different area, but it was discussed in this committee, around the prescription computer system: Do you see any problems in the physician-patient relationship in the fact that the reporting, I understand, is going to go to pharmacists?

Dr Carlisle: Yes, I think there are some concerns about that. As I said in speaking to Mr Tilson before, I think there's a great potential for some benefit out of that. But it's I think evident, if you've thought about the way medicine is practised, that this could pose some significant problems in terms of the pharmacist now knowing something or thinking he knows something which may be correct or may be in error, and now has to tell the physician, who had no access to that at the time that he or she made a judgement about what treatment ought to be prescribed and now is presented with a putative fact which may or may not be right. I think that could pose some rather serious problems, so I applaud the initiative of the medical association to try to have some better cross-professional input and the response of the government to that initiative.

The Vice-Chair: Thank you, Dr Frankford. Just before you go, Dr Carlisle, the auditor has some questions for you.

Mr Peters: Just a quick one, really, in a way. I take it, in response to Mr Tilson's questions, that you feel you have not been adequately involved in the process of developing a plan and strategy in this area.

Dr Carlisle: I guess I'd have to answer that I'm not sure what the process has been. As far as I understand, some agreement about this was entered into between the OMA and the ministry as part of the negotiating that took place between them. We aren't party to that negotiation and don't have anything to do with it. We're very grateful to be invited to come here and talk to you about it and obviously would like to have as much knowledge of what is being planned as we can, simply to be able to help if we can.

Mr Peters: That leads me really to the nub of the question I wanted to ask you. In your paper you have covered very well the areas of fraud, abuse and misuse. There was a second objective in the introduction of the health card, and I was wondering if you might be willing to comment on that. I want to just refer to my predecessor's report to the Legislature.

In it we said that, as read; reads well/lb"Registration information is the key to the ministry's plan to reshape Ontario's universal health care system. Relevant, accurate and timely information is essential to successfully manage the ministry's annual $5.6 billion of health benefits program. Planners and program managers require reliable information to monitor demographic and geographic trends, forecast health care needs, assess outcomes of care and plan and monitor programs."

Of course, in the area of forecasting health care needs and assessing outcomes of care, I'm sure your college must have some significant interest. I was wondering to what extent you wished you were involved or you are involved or can be involved in dealing with complementing or supplementing or dealing with these requirements. In other words, would a database that could be developed by the use of the health card be of use to the college of physicians, and to what extent would you like to be involved?

Dr Carlisle: We have been involved quite extensively, through our work with the independent health facilities program, in probably the only actual working model which deals with the specification of objectives and the measurement of outcomes in health care that currently exist in the province. We've been an integral part of that. As you know, it is our function, under that act, to deal with outcome measurement and the quality management techniques which are part of it. So yes, we are very interested in that approach.

The similar approaches which are part of the arrangements that are being made to improve the prescription databases and the electronic transfer of data that are related to that have also been mentioned by Dr Frankford. We have been involved in that discussion as well. We were invited to be involved in it late on in the process. We were not included initially in the discussions, but we managed to get added to the list toward the end of that process.

In short, I think your observation in your report is undoubtedly correct, that ultimately, if there is to be an overall better health care system than there is now in terms of the sort of quality management techniques that we as an organization feel are appropriate, it will be necessary to base that on some fundamental database. I expect that the Ministry of Health database relating to health insurance is probably as good as any to select for that purpose.

We have been involved in providing data from our systems to the prescription database system, and it will be our membership identifier that is used as the physician identifier in that system. So the long and the short is that we agree essentially with what you've said and we would like to be part of the planning of that process. We've already, to some extent, been so. We seem to find ourselves often as the sort of forgotten other side of organized medicine.

Obviously, the OMA is the main bargainer with government and we don't propose to interfere with that in any way. But we do have a perspective to offer, bearing in mind our mission statement and what we're supposed to be concerned with. We have been very active in quality management issues and we'd like to be part of these discussions at a stage where it makes some difference.

The Vice-Chair: I believe Mr Tilson has a supplementary.

Mr Tilson: I had one question that's arisen from some of the questions that have been asked as to your thoughts on the whole issue of cost: cost of investigations to physicians, or investigation, both the cost to the ministry, the cost of -- some issue has been developed between these blue hospital cards that are relied on instead of health cards, and doctors in turn relying on those, and the different computer systems that hospitals have versus the allegedly -- I don't know whether there's truth in it or not -- archaic computer systems that the Ministry of Health has.

All of this change for investigation, for health cards is going to cost an enormous amount of money. Whether we're going in the right direction is one issue, but the whole issue of cost is another. Has your group put your mind not only around the cost from the public's point of view but the cost to the physician?

Dr Carlisle: I think that your question ties in very nicely with the auditor's question. I think it's important that we do upgrade these systems. I expect you're probably right that any computer system and related software that you buy is by definition out of date two years after you put it into service. But I think we can see, as I've said before, the tremendous benefits that could be achieved by having good use of data to assist in the rendering of health care overall, just across a lot of health care professions.


There are data largely in the United States, though we're beginning to develop them in Canada, that begin to quantify what some of those benefits are. I think we can begin to see the overall savings that could be part of health care over a long period of years if we utilize some of the systems that could be available to assist us in seeing that proper preventive measures are taken, that they're not overlooked or forgotten, that inappropriate medication isn't permitted to take place over a long period of time just through inadvertence or through the fact that nobody gets the whole picture. So I think that's all there.

Can you yet put a cost-benefit analysis on it where you consider the cost not only to the government, but to the providers and so forth? I think we're at a stage where we are in the perhaps temporary but nevertheless uncomfortable dilemma of not really being sure exactly what the potential benefit is but knowing that there's a good deal of it there; not being sure exactly what the overall cost might be but recognizing that it will be substantial; and not being really in all that good a position to make other than an educated guess, judgement call, about what to do.

I guess that sort of parallels the position that you may find yourself in as a committee in relation to the whole health fraud thing. You're not exactly sure what the losses are, though they may be substantial; you're not exactly sure what it'll cost to correct them, though it's bound to be a fair amount; and you're not able to make more than kind of an educated guess about whether the one is reasonable in respect to the other and how far you ought to go in applying a system to try to deal with the problem.

So, I guess that's just the dilemma that health care faces today. Fortunately in Ontario, and Dr Dickson from the OMA referred to it, we have one of the better groups of folks around looking at these kinds of issues and making reports to the various joint bodies of the profession and government and giving us some indication of what the benefits might be and a little better example or idea of what the costs might be. So I guess that we're probably in as good a position as anybody.

The one thing we do know and I think this, just to bring it back and tie it to what your auditor said, is that we do have a system that, if there is any system of health care in North America that lends itself to getting the maximum benefit with the minimum inputs, it's ours because we do have a central, single payer where we can get the data and use them to assist in quality management. That doesn't exist anywhere else in the North American health care context.

In looking at some of the things we did for IHF, we regularly had people from Rand Corp and so forth coming to see what we were doing because of the attractiveness of our system. With all the other warts it may have, it does probably lend itself, with a single payer, to utilizing that data effectively for the benefit of the patient. We ought, I think, to maximize that advantage if we can.

Mr Tilson: I guess what my concern is that if the government is going to get into a new health card system, which it appears it's going to with respect to computers etc, that is going to have an effect on all of the providers, whether it be doctors or hospitals. It would seem to me that, to get back to my question, because of that there's going to be substantial cost to the hospitals, the providers etc. That's one more reason why perhaps there should be some substantial consultations, if anything, just to make the thing work economically.

Dr Carlisle: Yes, and let's not lose sight of the one thing that Dr Dickson from the OMA did point out to you, which is that there continue to be, notwithstanding the pervasiveness of electronic data claims submissions, there continue to be a number of practitioners often providing services in situations where we desperately need those services, in the far north and so forth, who are not into this electronic data stuff. I'd urge you to consider that the systems need to provide for that because those approaching the age of retirement are not likely to want to make those investments. It's going to be tough.

The Vice-Chair: Dr Carlisle, on behalf of the members of the committee, I'd like to sincerely thank you and the College of Physicians and Surgeons for your contribution to our deliberations today.

Dr Carlisle: Thank you for the opportunity.

Mrs Sullivan: I wonder if legislative research could get two pieces of documentation for us. One was mentioned by the OMA in its presentation. It was with respect to a pilot that was done at the Toronto Hospital on registration of patients as they came in, and referral to the Ministry of Health. I think it would be useful to actually see that report.

The second piece of documentation that I feel might be useful is with respect to other technologies that the Ontario Hospital Association, I believe, has reviewed that link up blue cards within a hospital or link up blue cards from place to place. I believe that study exists and they may well make it available to us. I'm not convinced, as Mr Wilson is, that the blue cards are a matter of terrible fraud, that they're being sold on the street and so on, but I think that the way they are actually being used and how they link a facility with another facility and provide access would be useful.

The Vice-Chair: We've relayed those requests to research. I assume, Ray, if you have any further questions you can ask Mrs Sullivan at a later date.

We are about to adjourn. Just before we do, I would ask members if you would stay after we have formal adjournment since we do have some matters to discuss relating to the schedule later this week.

The standing committee on public accounts stands adjourned until Wednesday morning at 10 o'clock.

The committee adjourned at 1636.