- What is the Personal Health Information Act (PHIA)?
The Personal Health Information Act (PHIA) provides access to information and protection of privacy rights concerning personal health information. PHIA allows individuals to examine and receive a copy of their own personal health information from a trustee holding this information. PHIA imposes obligations on trustees for the protection of personal health information, specifically its collection, use, disclosure and security. It was proclaimed as law in Manitoba on December 11, 1997.
- Who falls under PHIA?
PHIA applies to trustees who maintain (have custody or control of) personal health information. Trustees are:
- all public bodies that fall under FIPPA
- health professionals licensed or registered to provide health care or health professionals (such as doctors, nurses, physiotherapists, psychologists, etc.);
- health care facilities (such as hospitals, personal care homes, psychiatric facilities, medical clinics, laboratories, the Manitoba Cancer Treatment and Research Foundation, and community health centres or other health care facilities designated in the regulations)
- health services agencies providing health care under an agreement with another trustee (such as the Victorian Order of Nurses and We Care).
- What is a "record"?
PHIA defines a "record" as "a record of information in any form, and includes information that is written, photographed, recorded or stored in any manner, on any storage medium or by any means, including by graphic, electronic or mechanical means, but does not include electronic software or any mechanism that produces records".
- What is "personal health information"?
Personal health information is information about an identifiable individual that relates to an individual's health and health care history including genetic information, the provision of health care to the individual, or payment for health care provided to the individual. This includes such things as your Personal Health Information Number (PHIN) assigned by Manitoba Health, as well as any identifying information collected in the course of providing health care services.
- Who can see my personal health information?
PHIA provides you with a right of access to your own personal health information. An employee of the trustee who needs to know your personal health information to provide you with health care services may see your information. PHIA also allows for the sharing of your personal health information in specific limited circumstances. Division 3 of PHIA sets out the requirements for the protection of the privacy of your personal health information.
- How do I request access to records containing my personal health information?
Requests for access to your personal health information must be made to the trustee whom you believe maintains the personal health information. The trustee may require your request to be in writing; there is no prescribed form for these situations.
- Will I receive access to all of my personal health information?
There are certain specific and limited situations where a trustee is not required to permit you to examine your personal health information. These exceptions are listed in section 11(1) of PHIA. If one or more of these exceptions apply, the trustee is required to sever the information that cannot be examined and provide you with a copy of the remainder of the information. The practice of severance, which involves removing information that falls within an exception to disclosure from a copy of the record to be released, enables the disclosure of as much information as possible. This means that your request may result in the disclosure of only parts of the record(s) you wish to access.
- Will I have to pay anything for access?
A trustee may charge a reasonable fee for permitting examination of personal health information and providing a copy.
- How do I request corrections to my personal health information?
If, after obtaining access to your personal health information, you believe that there is an error or omission in the information, you may request a correction to that information. There is no prescribed form for this purpose, but PHIA requires that the request be in writing. Your letter should be sent to the trustee who maintains this information.
- What is the role of the ombudsman?
The responsibilities of the ombudsman under PHIA include the investigation of complaints respecting access to information and protection of personal health information; investigating, auditing, and monitoring compliance with the act; and promoting public awareness of PHIA.