Privacy legislative acts: PIPA and FOIPPA
There are two legislative acts that affect the privacy of personal health information in BC.
The Personal Information Protection Act ("PIPA") covers personal information when it is held by a doctor or other private health care provider working in the community. The Freedom of Information and Protection of Privacy Act ("FOIPPA”) applies to health authorities, hospitals, and urgent care clinics, and to providers working within them. Both acts regulate the collection, use, and disclosure of personal information.
Comparing PIPA and FOIPPA
- PIPA applies to private organizations such as private practices, corporations, and First Nations.
- FOIPPA applies to public health care bodies such as hospitals, health authorities, and the Ministry of Health.
- Doctors in private practice who are also working in a hospital will generally be governed by PIPA with respect to the personal information collected, used, and disclosed in their private practice, and by FOIPPA with respect to personal information they collect, use, and disclose at the hospital. NOTE: this may cause confusion when a patient from your private practice is admitted to hospital. Know that we are all responsible for protecting personal information and only sharing information with those who have a need to know.
Review the following scenarios to see which legislation may apply to you. Please note these are general high-level examples. To determine your specific privacy obligations you would need to seek independent legal advice.
| SCENARIO | PIPA | FOIPPA |
|---|---|---|
| You are a doctor who runs your own private practice. | ✓ | |
| You are a doctor who works out of a hospital or hospital operated clinic. | ✓ | |
| You are a doctor who works for WorkSafe BC. | ✓ | |
| You are a doctor who is employed at Doctors of BC. | ✓ | |
| You are a doctor who works at a long-term care facility operated by a health authority. | ✓ | |
| You are a doctor who works at a privately operated long-term care facility. | ✓ |
The BC e-Health Act
The BC e-Health (Personal Health Information Access and Protection of Privacy) Act was enacted to provide legislative authority and a privacy framework to protect personal health information contained in designated health information banks (HIBs) of the Ministry of Health or health authorities. Examples include CareConnect, PharmaNet, the Provincial Laboratory Information Solution, Client Registry/Enterprise Master Patient Index, and Provider Registry.
Connected Care Act (Bill C-72)
Bill C-72, the Connected Care Act, is a legislative proposal aimed at improving access to integrated, patient-centered health care across Canada. This bill seeks to enhance the coordination and delivery of health care services by leveraging digital health technologies and fostering collaboration among health care providers. By prioritizing seamless care transitions and expanding the use of electronic medical records (EMRs), the Connected Care Act aims to ensure that all Canadians receive high-quality, efficient, and equitable health care, regardless of their location. Doctors of BC will continue to advocate for legislation that supports connecting the health system, with the understanding that this cannot be done at the expense of providers. We commit to updating our members as the legislation advances.
Artificial Intelligence Act- AIDA (Bill C-27)
The Artificial Intelligence Data Act (AIDA) is a proposed legislative framework designed to regulate the use of artificial intelligence (AI) and data technologies in Canada. AIDA aims to ensure that AI systems are developed and implemented in a manner that is ethical, transparent, and respects the privacy and security of individuals. By establishing guidelines for the responsible use of AI, including data governance, accountability, and oversight, the act seeks to mitigate potential risks and promote innovation in the health care sector and beyond. Doctors of BC will advocate for legislation that includes robust safeguards for the implementation of new technologies, ensuring that innovation can thrive without placing additional burdens on physicians.
For more detailed information on Health Information Legislation, please review our Privacy Toolkit and Legislative Framework for Privacy in the BC Health Care System.
Health Information Sharing
Doctors of BC recognizes the value and importance of information sharing across both public and private organizations. Information sharing is essential to various care components, including the evaluation of patient care. Please see below for details outlining Information regarding an Information Sharing Agreement (ISA) and the Integrated Activity Agreement (IAA).
An Information Sharing Agreement (ISA)
Public bodies, such as health authorities and the Ministry of Health, enter Information Sharing Agreements (ISAs) when there is a regular and systematic exchange of personal information between public sector organizations or between a public sector organization and an external entity, such as a private doctor’s office (e.g., family practice or community-based specialist). An ISA sets the conditions for the collection, use, or disclosure of personal information by the parties to the agreement.
See the Government of BC’s webpage on Information Sharing Agreements for more information.
The Integrated Activity Agreement (IAA)
Through FPSC funding, Doctors of BC has developed the Integrated Activity Agreement (IAA). The IAA provides the legal framework for public providers (i.e., health authorities) and private providers (i.e., doctors’ practices) to share identifiable information with each other and enable data-driven improvements to PCN’s and Team Based Care projects, leading to improved patient outcomes.
Doctors of BC’s Information Sharing Task Group remains committed to providing you with updates on the ongoing development of the draft Integrated Activity Agreement (IAA) and the progress in advancing this work across all providers in the community, including team-based care and community-based specialists. Over the past several months, we have been working closely with our partners through a demonstration project in Kootenay Boundary to pilot the IAA.
The IAA, which is now being advanced by Doctors of BC, will initially be demonstrated in select areas and is not yet being broadly implemented. Building on the insights gained from these demonstrations, we aim to refine and share an IAA model that can be adopted by providers across the province.
In alignment with our commitment to Truth & Reconciliation, we are collaborating with First Nations partners to ensure that the IAA respects Indigenous data sovereignty. This principled approach is part of our broader effort to advance cultural safety and equity in health care.
Health Information Standards
Health information standards establish consistency in documenting, exchanging, and interpreting a patient’s health information. Access and review information on health information standards (e.g., data format, clinical terminology, technical messaging, and more) that are in development, pending, and published. Please see below for further information.
The Health Information and Interoperability Standards Catalogue introduces current provincially endorsed standards for use by those implementing and integrating with:
- Clinical Information Systems (CIS)
- Electronic Medical Records (EMR)
- Local terminology servers, and
- Clinical Document Architecture (CDA) exchanges
Health information standards are important for doctors and their Quality Improvement (QI) initiatives. For more information on current QI initiatives, please visit the Joint Collaborative Committees (JCC) website.