Directory of Personal Information Banks

Untitled Document

Directory of Personal Information Banks

Inclusion of a record in Alexandra Maine and General Hospital index of Personal Information Banks is not intended to indicate that this information will be available under Ontario’s Freedom of Information and Protection of Privacy Act (FIPPA). FIPPA requires Alexandra Maine and General Hospital to make available to the public a directory of the personal information banks it maintains. A personal information bank is personal information under the control of Alexandra Maine and General Hospital that is organized or intended to be retrieved by an individual’s name or unique identifier.

 

Please note that access to personal health information, such a patient’s medical chart or diagnostic tests, is not available under FIPPA. The Personal Health Information Protection Act (PHIPA) applies to a patient’s medical information and the Hospital protects that information in accordance with PHIPA. If you wish to make a request for your own patient record, please contact our Health Records Department.

 

Name of Personal Information Bank

Details

 

 

Accounts Receivable reports and worksheets

Legal Authority: Corporations Act

Information maintained: some or all of name, address, telephone number, email, financial information

Uses: to generate invoices and maintain a record of their status

Users: Finance Department personnel
Individuals in Bank: patients, employees, medical staff, students, public

Board membership

Legal authority: Corporations Act 

Information maintained: Some or all of name, email, home address, home address, home telephone

Uses: To document the membership of the health center’s governing body and to support communication with board members

Users: CEO and administrative personnel

Individual’s in bank: members of the Board

Education Records

Legal authority: Public Hospitals Act 

Information maintained: Names and areas of work

Uses: tracking of education and training 

User: authorized supervisors and managers, Organizational Development personnel, staff educators

Individuals in bank: employees

Electronic Systems and Accounts
Administration Records

Legal authority: Public Hospitals Act

Information maintained: some or all of name, user name, password, home contact information, employee number 

Uses: manage internet and e‐mail accounts, administer access permissions, investigate system incidents

Users: Information Technology personnel, Information Systems personnel

Individuals in bank: employees, medical staff, medical students and residents, other authorized system

Employee contact lists and scheduling
lists

Legal authority: Public Hospitals Act 

Information maintained: Some or all of name, home contact information, employee number Uses: appropriate operation of health center
Users: scheduling personnel, authorized supervisors  and managers Individuals in bank: employees

Employee payroll files

Legal authority: Employment Standards Act, Insurance Act, Canada Pension Plan Information maintained: records relating to individual employee’s wage and deductions
profile, some or all of name, address, gender, social insurance number, date of birth, telephone number, email address, employee number, employment history, tax exemptions, bank account number

Uses: calculate and administer payroll

Users: Finance Department personnel Individuals in bank: employees

Employee/Personnel records

Legal authority: Public Hospitals Act 

Information maintained: some or all of name, date of birth, home/emergency contact information, marital/family status and information, next-of‐kin, beneficiary information, citizenship/immigration status, SIN, employee number, education information, employment information, credentials, performance evaluations, discipline information, grievance information, financial information, disability and/or medical information, reference letters, comments and opinions

Uses: administration of the employment relationship 

Users: Human Resources personnel, authorized supervisory personnel

Individuals in bank: prospective employees, employees, past employees

Freedom of Information requests

Legal authority: Freedom of Information and Protection of Privacy Act
Information maintained: some or all of name, address, telephone number, email address, record of payment, subject of request, various types of personal information depending upon records requested.

Uses: process access requests and corrections to personal information requests or investigate privacy complaints

Users: FIPPA Head, FOI Coordinator, Chief Privacy Officer

Individuals in bank: information requesters

I.D. Cards

Legal authority: Public Hospitals Act
Information maintained: some of all of name, home contact information, employee number and photographs

Uses: administration of access control

Users: Human Resources Personnel, Financial  Services Personnel

Individuals in bank: employees, medical staff, volunteers, students

Incident/Complaint Files

Legal Authority: Public Hospitals Act, Excellent Care  for All Act

Information maintained: some or all of name, address, telephone number, email address, opinions, correspondence and other supporting documentation

Uses: Information is used to investigate and resolve incidents/complaints

Users: CEO, senior directors, authorized personnel directly involved in an investigation, patients and authorized family members

Individuals in bank: complainants and individuals  related to incident

Key Access Requests

Legal authority: Public Hospitals Act 

Information maintained: some of all of name and employee number

Uses: administration of access control

Users: Facilities Personnel
Individuals in bank: employees, medical staff, volunteers, students

Legal affairs and litigation files

Legal Authority: Public Hospitals Act, Limitations Act 

Information maintained: some or all of name, address, telephone number, email address, witnesses, personal health information, correspondence and other supporting documentation

Uses: Information is used to report and investigate workplace accidents Users: CEO, senior directors, authorized personnel, Risk Manager

Individuals in bank: employees, volunteers, students, medical staff, public

Medical staff credentials

Legal authority: Public Hospitals Act 

Information maintained: names, addresses, phone numbers, email addresses, professional and credentialing information

Uses: appropriate provision of patient care

Users: Board Chair, CEO, Chief of Staff, Deputy Chief of Staff, Credentials Committee, Medical Advisory Committee

Individuals in bank: medical staff

Occupational Health Records

Legal authority: Occupational Health & Safety Act;  Workplace Safety & Insurance Act Information maintained: health assessment, immunization status, incident reports, information to and from WSIB, diagnostic results (if applicable), nurses notes, physician notes.

Uses: maintenance of an occupational health record; to identify and respond to injuries and issues (WSIB and non-WSIB); to fulfill the health center’s obligations to provide a safe and healthy workplace.

Users: Occupational Health personnel and physicians

Individuals in bank: prospective employees, employees, past employees, students, volunteers, medical staff

OHIP Records

Legal Authority: Health Insurance Act 

Information maintained: some or all of name, address, telephone number, email, health card number, as well as personal health information

Uses: to submit patient accounts for reimbursement and to maintain a record of their status Users: Finance Department personnel

Individuals in Bank: patients

Personal Health Information Requests

Legal Authority: Personal Health Information Protection Act
Information maintained: some or all of name, address, telephone number, subject of request, as well personal health information

Uses: to process requests for personal health information under PHIPA

Users: Clinical Records Department personnel, authorized personnel involved in a request Individuals in Bank: patients, health care providers, others authorized to request personal health information

Photographs

Legal Authority: Corporations Act, Freedom of Information and Protection of Privacy Act
Information maintained: some or all of visual images, name, address, telephone number
Uses: communication, public relations, recognition Users: Public Relations
Individuals in Bank: employees, medical staff, students, volunteers, public

Records under the Personal Health
Information Protection Act

Legal authority: Public Hospitals’s Act, Personal  Health Information Protection Act Information maintained: some or all of name, address, telephone number, email address, date of birth, gender, clinical information and treatment records

Uses: maintain records of patient care

Users: Clinical Records Department, care providers, circle of care, patients
Individuals in bank: patients

Recruitment Records

Legal authority: Public Hospitals Act

Information maintained: staffing requisition, resumes (personal information including but not limited to name, address, telephone number, email), expression of interest, job posting, interview notes/guides, Personnel Action Forms, external advertisements (if applicable) Uses: maintenance of a recruitment file for posted
positions.

Users: Human Resources personnel, members of interview team
Individuals in bank: prospective employees, employees

Security Reports

Legal Authority: Public Hospitals Act 

Information maintained: Some or all of name, address, telephone number, date of birth, gender, driver’s license number, nature of incident/complaint, images, witness statements, case notes.

Uses: to enhance safety and security, to investigate security incidents

Users: Security personnel, authorized individuals involved in investigations

Individuals in Bank: patients, employees, medical staff, students, volunteers, public

Video Surveillance Records

Legal Authority: Public Hospitals Act, Freedom of  Information and Protection of Privacy Act Information maintained: video images of facility – common areas inside the buildings and property and grounds.

Uses: to enhance safety and security

Users: Security personnel, authorized individuals involved in investigations

Individuals in Bank: patients, employees, medical  staff, students, volunteers, public

Volunteer Records

Legal authority: Public Hospitals Act 

Information maintained: some or all of name, address, phone #, email, date of birth, gender, language, health restrictions/limitations, emergency contact, family physician, education, professional/work experience, special interests, skills, hobbies, community/volunteer experience, criminal records verification, completed reference forms, Occupational Health Services assessment, # volunteer hours

Uses: administration purposes

Users: Volunteer Services personnel

Individuals in bank: volunteers

Workplace accident/investigation reports

Legal Authority: Workplace Safety and Insurance Act 

Information maintained: some or all of name, address, telephone number, email address, witnesses, personal health information,  correspondence and other supporting documentation Uses: Information is used to report and investigate workplace accidents

Users: CEO, senior directors, authorized personnel  directly involved in an investigation Individuals in bank: employees, volunteers, students, medical staff

Workplace compensation and disability records

Legal authority: Public Hospitals Act, Labour Relations Act, Workplace Safety and Insurance Act

Information Maintained: some or all of name, date of birth, home contact information, marital/family status and information, SIN, employee number, employment information, long term disability claim information, Workplace Safety and Insurance Board claim information
Uses: administration of claims and benefits, accommodation and return to work planning Users: Human Resources, authorized personnel

Individuals in bank: employees



Note: Alexandra Maine and General Hospital Directory of Personal Information Banks directory

remains under development. Further Personal Information Banks will be added as they are identified.

Updated July 25, 2014