Health and Information Protection Act, 2016 (HIPA) passed third reading

On May 5, 2016, the Health Information Protection Act, 2016 (HIPA) passed third reading in the Ontario legislature. The Act will make a number of amendments to the Personal Health Information Protection Act, 2004 (PHIPA) and the Regulated Health Professions Act, 1991, amongst others. The Act has not yet been proclaimed.

The following changes contained in the HIPA will be of significance for those who handle personal health information:

  • Mandatory privacy breach reporting to the Information and Privacy Commissioner and, in certain circumstances, to relevant regulatory colleges;
  • Removing the requirement under PHIPA that prosecutions must be commenced within six months of when the alleged offence occurred, which allows for a broader range of liability;
  • Doubling the maximum fines for privacy offences from $50,000 to $100,000 for individuals and from $250,000 to $500,000 for organizations.

Details about the HIPA and the Ontario government’s efforts to improve privacy protections with respect to personal health information is available at

For further information please contact Porter Heffernan at 613-940-2764, Carolyn Dunlop at 613-940-2760, or Adam Gamwell at 613-940-2736.

Related Articles

Comment Period Open on Proposed Regulations Regarding Incoming Paid Medical Leave Under the Canada Labour Code

On December 17, 2021, Bill C-3, An Act to amend the Criminal Code and the Canada Labour Code, received Royal Assent. …

Arbitrator Dismisses Union Grievance Regarding Decision Not to Fill Position After Employee’s Retirement

On May 17, 2022, Emond Harnden’s very own Sébastien Huard and Marianne Abou-Hamad successfully represented their client in a grievance…

Arbitrator Upholds University’s Decision to Terminate Financial Officer with Lengthy History of Performance Issues and Workplace Conflict

On May 17, 2022, Arbitrator Kathleen O’Neil released her decision in The Ontario Secondary Schools Teachers’ Federation, Local 35 and…