Health Information

• Author: Barbara Von Tigerstrom
• Pages: 437-494

437

CHAPTER 7

HEALTH INFORMATION

As a subcategory of personal information, health information is sub-

ject to many of the same sources of law discussed in earlier chapters,

including potential civil claims for unauthorized access or disclosure

and legislation governing its collection, use, disclosure, and protection

in the public and private sectors. Information about our health is, how-

ever, commonly understood to be one of the most sensitive types of

personal information,1 and it is often shared in the context of profes-

sional relationships that carry special legal and ethical obligations. At

the same time, there are compelling reasons to use and share health

information for a range of purposes, such as providing and adminis-

tering health care and conducting research. As a result of this unique

combination of factors, there are specific legal and ethical duties and

pieces of legislation that apply to this category of information.

A. LEGAL AND ETHICAL OBLIGATIONS OF

HEALTH CARE PROFESSIONALS

Information about a person’s health is often collected and generated

through interactions with health care professionals who have distinct

ethical and legal obligations by v irtue of their roles and their therapeutic

1 See, for example, McInerney v MacDonald, [1992] 2 SCR 138 at para 18 [McInerney];

Jones v Tsige, 2012 ONCA 32 at para 72 [Jones v Tsige].

INFORM ATION AND PRIVACY LAW IN CANADA438

relationships with patients or clients. Regulated health care profes-

sionals must follow codes of ethics and professional standards that are

set and enforced by professional associations and regulatory bodies.

In Canada, health care professions are “self-regulating,” meaning that

members of the profession take a leading role in governi ng entry to the

profession and standards of conduct for its members, with input and

oversight from the public and provincial or territorial governments.

Professional bodies have authority under provincial/territorial legis-

lation to carry out these functions, including the power to undertake

disciplinar y proceedings and impose penalties for professional miscon-

duct. This means that ethical standards adopted by the profession can

be enforced, with legal sanctions for non-compliance, if non-compli-

ance is found to constitute misconduct. Ethical obligations of confiden-

tiality could therefore have legal as well as moral force.

Other legal consequences could follow from the common law or

equitable duties that health care professionals owe to their patients.

They will in most circumstances owe duties of care that, if breached,

could become the subject of a claim in negligence. In some instan-

ces, there will also be an express or implied contractual relationship

between provider and patient. In addition, the relationship between

patients and at least some health care professionals — notably phys-

icians, according to the Supreme Court of Canad a (SCC) — is fiduciary

in nature, a relationship of trust and confidence in which the profes-

sional must act in the patient’s best interests.2 All of these legal dut-

ies are relevant to the obligations of health care professionals to keep

health information confidential and to give patients reasonable access

to their own health information.

1) Obligations of Confidentiality

The codes of ethics of the medical and other health professions include

an ethical obligation to maintain the confidentiality of patients’ infor-

mation. For example, the Code of Ethics and Professionalism of the

Canadian Medical Association requires doctors to

18. Fulfill your duty of confidentiality to the patient by keeping

identifiable patient information confidential; collecting, using, and

disclosing only as much health information as necessary to benefit

the patient; and sharing information only to benefit the patient and

within the patient’s circle of care.

2 McInerney, above note 1; Norberg v Wynrib, [1992] 2 SCR 226.

Health In formation439

and to

21. Avoid health care discussions, including in personal, public, or

virtual conversations, that could reasonably be seen as revealing

confidential or identifying information or as being disrespectful to

patients, their families, or careg ivers.3

Exceptions to the duty of confidentiality include “situations where the

informed consent of the patient has been obtained for disclosure or as

provided for by law.”4 The Code of Ethics for Registered Nurses sets

out a detailed list of ethical responsibilities regarding privacy and con-

fidentiality, including collecting, using, and disclosing health informa-

tion only “on a need-to-know basis”; limiting disclosures to what is

necessary for a par ticular purpose; protecting health in formation when

communicating with others or using information technology or social

media; and not abusing access to health care records.5 Similar obliga-

tions are included, with varying levels of detail, in the relevant codes

for other professions, such as psychology,6 dentistry,7 and pharmacy.8

The legal obligation to maintain confidentiality of patient informa-

tion is also well recogn ized. A 1928 decision of the SCC, Halls v Mitchell,

remains one of the leading authorities, despite the fact that the main

3 Canadian Medic al Association, “Code of Eth ics and Professionalis m” (Decem-

ber 2018), online: http://policybase.cma.ca/dbtw-wpd/Policypdf/PD19-03.pdf

[CMA, “Code of Ethics”].

4 Ibid at para 18.

5 Canadian Nurse s Association, “Code of Ethic s for Registered Nurses” (Ottawa:

Canadia n Nurses Association , 2017), online: www.cna-aiic.ca/html/en/Code-of-

Ethics-2017-Edition/index.html at 14 –15.

6 Canadian Psychological A ssociation, “Canadi an Code of Ethics for Psychol-

ogists,” 4th ed (Ottawa: C anadian Psychological A ssociation, 2017), online:

https://cpa.ca/docs/File/Ethics/CPA_Code_2017_4thEd.pdf at 16– 17.

7 See, for example, Alber ta Dental Associat ion & College, “Code of Ethics” (Octo-

ber 2007), online: www.dentalhealthalberta.ca/wp-content/uploads/2019/03/

ADAC-Code-of-Ethics.pdf at 7; College of Dental Surgeons of Br itish Columbia,

“Code of Ethics” (May 2015), online: www.cdsbc.org/CDSBCPublicLibrary/Code-

of-Ethics.pdf at 2; Royal College of Dental Sur geons of Ontario, “RCDSO Code

of Ethics,” online: www.rcdso.org/en-ca/rcdso-members/your-responsibilities/

code-of-ethics at para 15.

8 S ee, for example, Alberta College of Ph armacy, “Code of Ethics” (2014), online:

https://abpharmacy.ca/sites/default/files/CodeofEthicsBooklet_May2014.pdf,

Principle 4 [AB College of Ph armacy, “Code of Ethics”]; College of Pharma-

cists of Brit ish Columbia, “Code of Ethics — Detailed” (2016), online: http://

library.bcpharmacists.org/6_Resources/6-1_Provincial_Legislation/5019-Code_

of_Ethics_Detailed.pdf at 5; Ontario College of Ph armacists, “Code of Eth-

ics” (December 2015), online; www.ocpinfo.com/library/council/download/

CodeofEthics2015.pdf at paras 2.9, 3.6, and 4.7