Other Events

Health Sector Privacy Officer Training 2017

Tuesday, January 31 to end of 2017 Webcast or in-person at St. Andrew’s Club and Conference Centre, Toronto, ON
Register now

Health Sector Privacy Officer Training 2017

Here are the details you’ve been asking for!

January 31 (in person in downtown Toronto or via webcast, your choice) +

Weekly/biweekly teaching sessions, resources & online community to end of 2017

As health care organizations and providers, your privacy practices are under scrutiny from your patients, residents or clients (and their families), the courts, the media and the Information and Privacy Commissioner of Ontario (IPC/O). Attorney General prosecutions are underway under the Personal Health Information Protection Act (PHIPA), and class actions have been filed in the courts. This year, Bill 119 amended PHIPA in numerous important ways (including doubling the fines to up to $100,000 for individuals and $500,000 for organizations and requiring reports to the IPC/O of certain privacy breaches and reports to regulatory Colleges).

This course focuses on Ontario legislation, but is of value to any health sector Privacy Officer.  It will give you confidence in your role by giving you the information and skills you need to succeed as a Privacy Officer or as:

  1. A Chief Information Officer
  2. A person with a Privacy Officer reporting to you, or
  3. If you advise organizations that are subject to health privacy requirements or create related health policy

You receive:

  • A full day session in downtown Toronto (or via webcast, the choice is yours) where we will launch the community and tackle some of the tough issues
  • An additional weekly or biweekly set of webinars, videos, resources and intensive instruction from a  leading legal educator in the field, most in real time
  • 30+ hours (up from the previous course that was 20 hours) with flexibility to learn at a pace that works for you, and with the support of a community
  • The most current information on privacy practices and expectations for health care organizations
  • Practical and dynamic skills training for adult learners using scenarios, stories, quizzes and practical applications for your environment
  • Sample tools to adapt to your organization for your everyday use, including these templates:
    • Privacy program checklist and document checklist
    • Privacy policies
    • Annual confidentiality pledge for all staff, students, volunteers and researchers
    • Privacy communiques (to customize and circulate as evidence of your due diligence)
    • Board update on privacy
    • Privacy impact assessment resources
    • Privacy breach checklist
    • Privacy breach notification/script
  • A privacy library
    • The primary Ontario privacy resource – “Guide to the Ontario Personal Health Information Protection Act: A Practical Guide for Health Care Providers” (H. Perun, M. Orr, F. Dimitriadis, Irwin Law, 2005)
    • Online resources compiled for you, so you do not have to search them out yourself
  • Strategies to assist you to work through your organization’s documents
  • A report card you complete at the end of the course to share with your Board or supervisor to demonstrate your organization’s privacy compliance status and privacy priorities (or gaps, if any)
  • A letter outlining the training you have received, for your organization’s due diligence

DAY 1 – January 31, 2017

LOCATION – St. Andrew’s Club and Conference Centre at 150 King St W., 27th Floor, Room L2, Toronto, ON (King St. W. and University Ave.) http://www.standrewsclub.ca/  (Or via webcast)


Some of you have said that travel at this time of year is tough, and/or that you welcome online opportunities, and that you love the community and problem-solving that comes with a membership that extends beyond a day a month for three months (the previous format). We have passed on that savings to you, and are pleased to offer new and interactive ways to learn where you get what you need.


Cove Academy is a new and innovative training platform. Our lead trainer in the course is Mary Jane Dykeman, a Principal of Cove Academy and lawyer at DDO Health Law. We bring experience, humour and vitality to each training session. We work with health care organizations across the continuum of care (from primary to quaternary care, community and social services, academic centres, as well as children’s, seniors’ and mental health and addiction providers). We know exactly why PHIPA was drafted as it was, the nuance of PHIPA’s application within your environment, and the common and complex issues Privacy Officers and others working in privacy face daily. We have developed scenarios that will resonate with you.


1.  Recent developments, risk management and due diligence (Day 1 session and throughout the course as new orders and decisions of IPC/O arise) 2. The privacy basics, including general limiting principles and collection rules 3.  Privacy compliance overview 4.  Creating and reinforcing a culture of privacy 5.  Security & safeguards, including the ins and outs of audits and increasing number of shared systems
6.  Consent and capacity in the PHIPA context 7.  Secondary Uses and Disclosures 8.  Disclosure to third parties 9.  Who is the health information Custodian? 10.  Privacy breach investigation & response
11.  IPC/O orders and decisions – what you need to know 12.  How to create and show due diligence 13.  Attorney General prosecutions – what we know so far 14.  Dealing with the media 15.  Tips for training staff whether you are a large or small health information custodian
16.   Circle of care and lockbox 17.   Access & Correction 18.  Special rules related to children 19.  Special rules in mental health settings 20.  Q&A – What keeps you up at night?