Health Information

• Author: Barbara Von Tigerstrom
• Pages: 437-494

437

CHA PTER 7

HE A LT H INFOR M AT ION

As a subcategory of personal i nformation, health information is sub-

ject to many of the same sources of law di scussed in earlier ch apters,

including potential civi l claims for unauthorized acce ss or disclosure

and legislation governing its collection, use, disclosure, and protection

in the public and private sectors. Information about our health is, how-

ever, commonly understood to be one of the most sensitive types of

personal inform ation,1 and it is often shared in the context of profes-

sional relationships that c arry specia l legal and ethical obligations. At

the same time, there are compell ing reasons to use and sha re health

information for a range of purposes, such a s providing and adminis-

tering health ca re and conducting research. As a result of this unique

combination of factors, there are specific legal and et hical duties and

pieces of legislation that apply to this c ategory of information.

A. LEGA L AND ETHICAL OBLIGATIONS OF

HEALTH CARE PROFESSIONALS

Information about a person’s health is often collected and generated

through interactions with he alth care professionals who have distinct

ethical and legal obligations by v irtue of their roles and their therapeutic

1 See, for example, McInerney v MacDonald, [1992] 2 SCR 138 at para 18 [McInerney];

Jones v Tsige, 2012 ONCA 32 at para 72 [Jones v Tsige].

INFORM ATION AND PRIVACY LAW IN CAN ADA438

relationships with patients or clients. Regulated health care profes-

sionals must follow codes of ethics and professional standards that are

set and enforced by professional associations and regulatory bodies.

In Canada, health c are professions are “self-regulating,” meaning that

members of the profession take a leading role in governi ng entry to the

profession and standards of conduct for its members, with i nput and

oversight from the public and provincial or terr itorial governments.

Professional bodies have authority under provincial/ter ritorial legis-

lation to carry out these functions, including the power to undertake

disciplinar y proceedings and impose penalties for professional miscon-

duct. This means that ethical standards adopted by the profession can

be enforced, with legal sanctions for non-compliance, if non-compli-

ance is found to constitute misconduct. Ethical obligations of confiden-

tiality could therefore have legal as well as moral force.

Other legal consequences could follow from the common law or

equitable duties that health c are professionals owe to their patients.

They will in most circumstances owe duties of care that, if breached,

could become the subject of a claim in negligence. In some instan-

ces, there will also be an express or implied contract ual relationship

between prov ider and patie nt. In addition, t he relationship between

patients and at least some health care professionals — notably phys-

icians, according to the Supreme Court of Canad a (SCC) — is fiduciary

in nature, a relationship of tr ust and confidence in which the profes-

sional must act in the patient’s best interests.2 All of these legal dut-

ies are relevant to the obligations of health ca re professionals to keep

health information confidential and to give patients reasonable access

to their own health information.

1) Obligations of Confidentiality

The codes of ethics of the medical and other health professions include

an ethical obligation to maint ain the confidentiality of patients’ infor-

mation. For example, the Code of Ethics and Professional ism of the

Canadian Medical Association require s doctors to

18. Fulfill your duty of conf identiality to the pat ient by keeping

identifi able patient inform ation confident ial; collecti ng, using, and

disclosing only a s much health informat ion as necessar y to benefit

the patient; and sha ring information only t o benefit the patient and

within t he patient’s circle of care.

2 McInerney, above note 1; Norberg v Wynrib, [1992] 2 SCR 226.

Health In formation 439

and to

21. Avoid health ca re discussions, i ncluding in persona l, public, or

virtua l conversations, that could rea sonably be seen as revea ling

confidential or ident ifying infor mation or as being disr espectful to

patients, their f amilies, or careg ivers.3

Exceptions to the duty of confidentiality include “situations where the

informed consent of the patient has been obtained for disclosure or as

provided for by law.”4 The Code of Ethics for Registered Nurses sets

out a detailed list of ethical responsibilities regarding privacy and con-

fidentiality, including collecting, using, and disclosing health informa-

tion only “on a need-to-know basis”; limiting disclosures to what is

necessary for a par ticular purpose; protecting health in formation when

communicating with other s or using information technology or social

media; and not abusing access to hea lth care records.5 Similar obliga-

tions are included, with var ying levels of detail, in t he relevant codes

for other professions, such as psychology,6 dentistry,7 and pharmacy.8

The legal obligation to maintain confidentiality of patient informa-

tion is also well recogn ized. A 1928 decision of the SCC, Halls v Mitchell,

remains one of the leading authorities, despite the fact that the mai n

3 Canadian Medic al Association, “Code of Eth ics and Professionalis m” (Decem-

ber 2018), online: http://policybas e.cma.ca/dbtw-w pd/Policy pdf/ PD19-03.pdf

[CMA, “Code of Ethics”].

4 Ibid at para 18.

5 Canadian Nurse s Association, “Code of Ethic s for Registered Nurses” (Ottawa:

Canadia n Nurses Association , 2017), online: www.cna-a iic.ca /html /en/Code -of-

Ethics-2017-Edition/index.ht ml at 14 –15.

6 Canadian Psychological A ssociation, “Canadi an Code of Ethics for Psychol-

ogists,” 4th ed (Ottawa: C anadian Psychological A ssociation, 2017), online:

https://cpa.ca /docs/File /Ethics /CPA_Code_2017_4thEd.pdf at 16– 17.

7 See, for example, Alber ta Dental Associat ion & College, “Code of Ethics” (Octo-

ber 2007), online: ww w.dentalhealth alberta.ca /wp-content /uploads/ 2019/03/

ADAC-Code-of-Ethics.pdf at 7; College of Dental Surgeons of Br itish Columbia,

“Code of Ethics” (May 2015), online: www.cdsbc.org/CDSBCPublicLibrary/Code-

of-Eth ics.pdf at 2; Royal College of Dental Sur geons of Ontario, “RCDSO Code

of Ethics,” online: ww w.rcdso.org/en-ca/rcdso-members/your-responsibilities/

code-of-ethic s at para 15.

8 S ee, for example, Alberta College of Ph armacy, “Code of Ethics” (2014), online:

https://abphar macy.ca/sites/def ault/file s/CodeofEth icsBooklet_ May2014.pdf,

Principle 4 [AB College of Ph armacy, “Code of Ethics”]; College of Pharma-

cists of Brit ish Columbia, “Code of Ethics — Detailed” (2016), online: htt p://

library.bcpharmaci sts.org/6_Resources /6-1_Provincial_L egislation/5019-Code_

of_Ethic s_Detaile d.pdf at 5; Ontario College of Ph armacists, “Code of Eth-

ics” (December 2015), online; www.ocpinfo.com/librar y/council/download/

CodeofEthics2015.pdf at paras 2.9, 3.6, and 4.7