HealthcareNova Scotia, CanadaEn vigueur June 1, 2013

PHIA (NS)

Personal Health Information Act (Nova Scotia)

Nova Scotia's health privacy law for custodians of personal health information

Effectuer une évaluation PHIA (NS) ← Tous les cadres

Aperçu

Nova Scotia's Personal Health Information Act governs how custodians collect, use, disclose, retain, and destroy personal health information in the province. It sets consent rules, mandates safeguards, and requires custodians to notify affected individuals — and in serious cases the Information and Privacy Commissioner — of privacy breaches. Nova Scotia is deemed substantially similar to PIPEDA for health information.

Autorité

Information and Privacy Commissioner for Nova Scotia (OIPC NS)

Territoire

Nova Scotia, Canada

Date d'entrée en vigueur

June 1, 2013

Applicabilité

Qui doit se conformer à PHIA (NS)?

Custodians in Nova Scotia include regulated health professionals, hospitals, the provincial health authority, pharmacies, and continuing-care facilities. Information managers and agents that handle personal health information on a custodian’s behalf are bound through written agreements.

Portée de la conformité

Votre organisation collecte des renseignements personnels

Vous exercez vos activités dans le territoire applicable

Des activités commerciales sont impliquées

Vous utilisez ou communiquez des données personnelles

Vous n'êtes pas certain que PHIA (NS) s'applique? Effectuez une évaluation gratuite →

Obligations

Principales obligations en vertu de PHIA (NS)

Knowledgeable Consent

Collect, use, and disclose personal health information only with the individual’s knowledgeable consent, except where the Act permits otherwise (such as within a circle of care).

Limiting Principle

Collect, use, and disclose only as much personal health information as is reasonably necessary for the purpose.

Safeguards

Protect personal health information with reasonable administrative, technical, and physical safeguards against loss, theft, and unauthorized access.

Breach Notification

Notify the affected individual at the first reasonable opportunity, and the OIPC where a breach could cause harm or embarrassment.

Right of Access & Correction

Individuals can request access to their own health record and ask for corrections, with defined response timelines.

Information Manager Agreements

Written agreements are required before an information manager processes, stores, or destroys personal health information for a custodian.

Application

Pénalités et application de la loi

Pénalité maximale

Up to $10,000 (individual) / $50,000 (organization)

Appliqué par : Information and Privacy Commissioner for Nova Scotia

Cas notable

NS PHIA created specific offences for snooping — accessing a health record without authorization is a prosecutable act.

Comment Canuckt vous protège des pénalités :

PHIA (NS) gap assessment mapped to Nova Scotia custodian obligations and consent rules

Information-manager agreement template for vendors handling PHI on behalf of NS custodians

Breach workflow calibrated to OIPC Nova Scotia notification expectations

PHI data inventory across systems so you can prove the limiting principle is met

Connexes

Cadres qui se recoupent souvent avec PHIA (NS)

Healthcare

PHIPA

Ontario's health privacy law — governing all PHI custodians

Privacy

PIPEDA

Canada's federal private-sector privacy law

Healthcare

PHIPAA (NB)

New Brunswick's combined health privacy and access law

Effectuez une analyse des écarts PHIA (NS) gratuitement

Répondez à 47 questions, obtenez un rapport d'écarts noté, et voyez exactement ce que vous devez faire pour vous conformer à PHIA (NS) — en moins de 3 heures. Gratuit pour toujours.

Commencer l'évaluation gratuite

Sans carte de crédit

Résultats en quelques heures

Données hébergées au Canada