What Does PHIPA Mean, and Who Must Comply With It?
PHIPA stands for the Personal Health Information Privacy Act. It is a Canadian provincial law that governs how Ontario medical professionals, hospitals, and healthcare entities can collect, store, and disclose patients’ personal and health information within the province. PHIPA applies to both commercial and non-commercial data collection activities.
PHIPA protects information describing an Ontario citizen’s contact information, diagnosis, family medical history, treatment plan, and other personal and medical information. It requires entities to take steps reasonable under the circumstances to protect this information from being copied, stolen, or used and shared without prior consent. Organizations must also share, dispose of, and retain medical records using secure protocols. Entities that violate PHIPA can be fined up to $500,000 per offense, while individuals could face up to $100,000 per offense. Corporation officers, members, agents, and employees can be fined individually if they authorized a PHIPA offense or knowingly refrained from taking steps to stop one when they had the authority to do so. Healthcare entities that disclose data to or collect information from individuals and businesses outside of Ontario for commercial purposes will need to comply with
How Does PHIPA Cloud Hosting Work?
Moving your healthcare data into the cloud is one way you can achieve PHIPA compliance. Our ePHI and HIPAA-compliant cloud hosting platform, Abacus Private Cloud, provides the infrastructure you’ll need to securely store your data at rest and in use with our three layers of physical, server, and data security.
How Can I Audit and Maintain Compliance with PHIPA?
While you are responsible for ensuring that your uploading and sharing activities comply with PHIPA, we can supply SSAE-18 SOC 1, 2, and 3 reports for auditing purposes. Our support team also automates software updates, applies IT patches, and provides firmware upgrades to protect your account.
Are There AbacusNext Clients Who Are PHIPA Compliant Today?
Yes! Contact us to see how Abacus Private Cloud can help you achieve PHIPA compliance.