HealthcareSaskatchewan, CanadaEn vigueur September 1, 2003

HIPA (SK)

Health Information Protection Act (Saskatchewan)

Saskatchewan's health privacy law for trustees of health information

Effectuer une évaluation HIPA (SK) ← Tous les cadres

Aperçu

Saskatchewan's Health Information Protection Act (HIPA) governs how trustees collect, use, disclose, and safeguard personal health information. It was one of the earliest provincial health privacy laws and was strengthened with significantly higher penalties for snooping and unauthorized disclosure. Saskatchewan requires dual compliance with both HIPA and PIPEDA.

Autorité

Saskatchewan Information and Privacy Commissioner (OIPC SK)

Territoire

Saskatchewan, Canada

Date d'entrée en vigueur

September 1, 2003

Applicabilité

Qui doit se conformer à HIPA (SK)?

Trustees under HIPA include the Saskatchewan Health Authority, physicians, pharmacists, regulated health professionals, and government health bodies. Information management service providers acting for a trustee are subject to HIPA through agreement.

Portée de la conformité

Votre organisation collecte des renseignements personnels

Vous exercez vos activités dans le territoire applicable

Des activités commerciales sont impliquées

Vous utilisez ou communiquez des données personnelles

Vous n'êtes pas certain que HIPA (SK) s'applique? Effectuez une évaluation gratuite →

Obligations

Principales obligations en vertu de HIPA (SK)

Trustee Duty of Care

Trustees must protect the personal health information in their custody or control and use it only for authorized purposes.

Need-to-Know Access

Limit employee and agent access to personal health information strictly to what their duties require.

Consent & Permitted Use

Use and disclose personal health information with consent or as specifically permitted by HIPA.

Data Minimization

Collect and use the least amount of personal health information needed for the purpose.

Breach Response

Take reasonable steps on a privacy breach, including notifying affected individuals; the OIPC actively investigates snooping.

Information Management Agreements

Written agreements govern any third party that stores or processes health information for a trustee.

Application

Pénalités et application de la loi

Pénalité maximale

Up to $50,000 (individual) / $500,000 (organization)

Appliqué par : Saskatchewan Information and Privacy Commissioner

Cas notable

HIPA penalties were sharply increased to deter snooping, after repeated cases of staff accessing records without authorization.

Comment Canuckt vous protège des pénalités :

HIPA gap assessment mapped to Saskatchewan trustee duties and need-to-know access

Access-control and audit-log guidance calibrated to OIPC Saskatchewan snooping enforcement

Information-management-service-provider agreement templates

Breach workflow and PHI inventory for Saskatchewan trustees

Connexes

Cadres qui se recoupent souvent avec HIPA (SK)

Healthcare

PHIPA

Ontario's health privacy law — governing all PHI custodians

Privacy

PIPEDA

Canada's federal private-sector privacy law

Healthcare

PHIA (MB)

Canada's first comprehensive health privacy law, governing Manitoba trustees

Effectuez une analyse des écarts HIPA (SK) gratuitement

Répondez à 47 questions, obtenez un rapport d'écarts noté, et voyez exactement ce que vous devez faire pour vous conformer à HIPA (SK) — en moins de 3 heures. Gratuit pour toujours.

Commencer l'évaluation gratuite

Sans carte de crédit

Résultats en quelques heures

Données hébergées au Canada