By Date

Health Sector Privacy Officer Training Spring 2016

Spring 2016  – 3 Full Days

April 12, May 10 & June 14

The privacy practices of health care organizations are under increasing scrutiny from patients (and their families), the courts, the media and the regulator, the Information and Privacy Commissioner of Ontario (IPC/O). As Privacy Officer, it is your job to ensure your organization is compliant with privacy laws and IPC/O guidelines. Whether you are new to the Privacy Officer role or are a seasoned privacy professional, you may wonder whether you have the latest information to do your job properly.  You may have already discovered that it is not enough to know the technicalities of the law; it is also important that you understand the spirit of the legislation and how to apply the law to specific and sometimes difficult situations.

This is the only course of its kind in Canada.

This course will give you confidence in your role by giving you the information and skills you need to succeed as a Privacy Officer.

You receive:

  • 20 hours of intensive instruction from leading legal educators in the field
    • 3 full day sessions each available in person in downtown Toronto or via webcast
  • Reassurance that you have the most current information on privacy practices and expectations for health care organizations
  • Practical and dynamic skills training for adult learners using scenarios, stories, quizzes and assignments
  • Sample tools to adapt to your organization for your everyday use, including (and many more):
    • Privacy program checklist
    • Privacy policies
    • Privacy breach checklist
    • Privacy breach notification
  • A privacy library
    • The primary Ontario privacy resource – “Guide to the Ontario Personal Health Information Protection Act: A Practical Guide for Health Care Providers” (H. Perun, M. Orr, F. Dimitriadis, Irwin Law, 2005)
    • Online resources are compiled for you in a few downloadable PDFs so you do not have to find the resources yourself and print them individually
  • A reading list to prepare you before each session
  • Homework to assist you to work through your own organization’s documents
  • A report card you complete yourself at the end of the course to share with your Board or supervisor to demonstrate your organization’s privacy compliance status and remaining privacy gaps, if any
  • A letter outlining the training you have received, for your organization’s due diligence

While we focus on Ontario legislation – this course is of value to any health sector Privacy Officer.

For more information – click on the title “Health Sector Privacy Officer Training” above. And for even more information, contact Franca Latino by phone at: 416-967-7100 x 242  or by email at:

Mental health comes out of shadows (The Lawyers Weekly)

Mary Jane Dykeman wrote a piece “Mental health comes out of shadows” for The Lawyers Weekly Health Law Focus. Click title for PDF version.


Proposed Changes to PHIPA through Bill 119 Blacklined – Not Official Copy


This week the Ontario government introduced Bill 119, which proposes to amend the Personal Health Information Protection Act, 2004 (PHIPA).  DDO Health Law has prepared a blacklined version of PHIPA so it is easy to see the proposed changes. Please click the title “Proposed Changes to PHIPA through Bill 119 Blacklined” above for a PDF version that you can download.

Caution: This is for general information purposes only and is not an official version.  These changes are not yet law and there may be further future amendments.  Please contact us if you have questions.

Mary Jane Dykeman

Kate Dewhirst   

Kathy O’Brien   

CASL (Anti-Spam) Toolkit for the Health Sector

DDO is pleased to announce the release of its CASL (Anti-Spam) Toolkit.  Though Canada’s anti-spam legislation regulates more than just spam, our Toolkit focuses solely on its section 6 spam provisions.

Does CASL apply to your organization?

Many health care organizations have asked us whether CASL applies to them.  It likely does.  If you, your staff, your Board members or your volunteers ever send email or text messages to your stakeholders for commercial purposes, there are new rules you will have to follow as of July 1, 2014.

Who can benefit from the Toolkit

Our Toolkit will be valuable to you if your organization is:

  • a hospital
  • a foundation
  • a health care charity
  • a family health team or nurse practitioner-led clinic
  • a long-term care home
  • a community health centre
  • a mental health or community-based agency
  • a member-based association
  • a shared services organization
  • an association for regulated health professionals, or
  • a regulated Colleges.

Unfortunately, CASL is complicated.  And there are no simple answers to the questions:

  • Do we have to get permission from everyone in our database to continue to send email messages?
  • Do we need to change our email and text messaging practices?
  • Isn’t there an exclusion for charities so we don’t have to comply with CASL?

Our general answer to those questions is: It depends. The analysis depends on the type of email or text messages you send and towhom and for what purposes.

How our Toolkit can help you

This Toolkit will help you work through:

  • which of your email and text messages count as “commercial electronic messages” and which messages are not covered by CASL
  • how to approach your stakeholder database – and how to decide when you should ask for express consent for your stakeholders to stay on your email mailing list or when to rely on “implied consent” or “business to business” relationships (Note: Express consent may NOT be the way to go)
  • how to use the fundraising exception if your organization is a registered charity
  • how to set up your email systems going forward to automatically comply with CASL
  • alternative ways to communicate with stakeholders that are not covered by CASL (such as by fax or phone)
  • what to do if you are still not compliant after July 1, 2014.

Getting the Toolkit

If you are interested in purchasing a copy of the Toolkit, please contact Julie Cannon at 416.967.7100 ext 242 or via e-mail at

Risk Management Issues in Health Research Conference

Agenda and Registration form for May 27th, 2013 Conference

Excellent Care for All Act Compliance and New Regulations