The Osgoode Certificate in Privacy Law and Information Management in Healthcare

Globally, in recent years, healthcare has accounted for more privacy breaches than any other industry.

The number of incidents continues to rise as healthcare institutions are frequently in the news for mismanaging personal health information.

Breaches and missteps can result in significant reputational risk and institutional liability. Maintaining adequate privacy around health information is a core priority of patients, medical institutions and professionals, software vendors, and clinical researchers.

A web of regulatory instruments and best practices have developed to protect sensitive medical data. These ensure that only those who require access for treatment or research purposes are able to view this most personal category of private information. Failure to adopt adequate protective initiatives can leave patients vulnerable to the loss of highly sensitive personal information and medical organizations liable for breeches that can lead to class actions and a loss of trust by their patient populations

Click HERE to learn more about the program or register.

What You Will Learn:

  • Demystifying the regulatory landscape: PHIPA, PIPEDA, MFIPPA, FIPPA and other targeted or sector specific laws (such as Public Hospitals Act, Mental Health Act, Health Protection and Promotion Act, Long-Term Care Homes Act etc.) and Privacy Act
  • Strategies and tactics for lost or stolen devices, including best practices for storing data
  • Responding to privacy breaches
  • Creating effective consent directives
  • Managing data sharing agreements with vendors and other patient services
  • Best practices for effective data management and ensuring data integrity
  • Determining and minimizing risk: medical devices and other sources of patient information
  • Conducting privacy impact assessments
  • Managing threat risk assessments
  • Understanding how to meet audit requirements and managing the costs of data verification
  • Guidelines for cross border data sharing (particularly in cloud-based services)

Who Should Take This Program:

  • Privacy officers and other privacy professionals working in healthcare settings
  • Health records leaders/custodians
  • Lawyers advising on privacy issues and information technology or health law
  • IT security managers
  • Nursing Administration
  • Risk Managers
  • Regional Health Authorities
  • Patient advocates
  • Family Councils
  • Board members
  • Class action litigators
  • Government Policy Makers
  • eMR vendors
  • Clinicians


Program Chair

  • Kate Dewhirst, Health Law