Privacy Breach Report
All material breaches must be reported by custodians to the OIPC. Section 5 of the Personal Health Information Regulations of Personal Health Information Act (PHIA) outlines the factors that are relevant in determining what constitutes a material breach, including the sensitivity of the information involved, the number of people whose PHI was involved, the potential for the information to be misused and whether the cause of the breach indicates a systemic problem. The OIPC is available to assist custodians with advice whenever they have experienced a breach, whether or not it might be considered a material breach.
Privacy Breach Incident Form PDF document opens in new window (253 KB)
(For Custodians Only)