• About
  • Offices
  • Careers
  • Students
  • Alumni
Background Image
Logo Bennett Jones
  • People
  • Expertise
  • Resources
  • Search
  • Menu
  • Search Mobile
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All

FEATURED AREAS

Energy
Funds & Finance
Mining
Capital Projects
All Industries
Crisis & Risk Management
Environmental, Social & Governance
Governmental Affairs & Public Policy
All Practices
Insights
Media
Events
Subscribe
COVID-19 Resource Centre
Business Law Talks Podcast
Kickstart
New Energy Economy Series
People
Featured Areas
All Practices
All Industries
About
Offices
Careers
Insights
Events
Search
Search
 
Blog

New Breach Notification Under Alberta's Health Information Act

May 16, 2018

As of August 31, 2018, custodians and their affiliates will have obligations to provide breach notifications under Alberta’s Health Information Act.

More specifically, a custodian will be required to give notice of any loss or unauthorized access to or disclosure of individually identifying health information in the custody or control of the custodian if there is a risk of harm to an individual as a result of the loss or unauthorized access or disclosure.

The notice must be given to:

  • the Alberta Information and Privacy Commissioner;
  • the Minister of Health; and
  • the individual who is the subject of the individually identifying health information (unless giving such notice would put the individual's physical or mental health at risk).

Similarly, any affiliate of a custodian will be obligated to notify the custodian of any or unauthorized access to or disclosure of individually identifying health information in the custody or control of the affiliate relevant to the custodian.

Each of the foregoing notices is required to be provided “as soon as practicable”.

Once amended by the Alberta Health Information Amendment Regulation on August 31, 2018, the Alberta Health Information Regulation provides a non-exhaustive list of factors that must be considered by a custodian when assessing whether there is a risk of harm to an individual as a result of a loss of or an unauthorized access to or disclosure of individually identifying health information.

These factors include whether there is a reasonable basis to believe that the applicable information:

  • has been or may be accessed by or disclosed to a person;
  • has been misused or will be misused;
  • could be used for the purpose of identity theft or to commit fraud; and
  • could cause embarrassment or physical, mental or financial harm to, or damage the reputation of the subject individual.

Bennett Jones would be pleased to help you understand the implications of these amendments. If you would like to learn more about same, members of our Health team can assist.

Authors

  • Michael R. Whitt Q.C. Michael R. Whitt Q.C., Partner, Patent Agent, Trademark Agent
  • J. Sébastien A. Gittens J. Sébastien A. Gittens, Partner, Trademark Agent
  • Kees  de Ridder Kees de Ridder, Associate, Patent Agent

Read the New Energy Economy Series

Related Links

  • Insights
  • Media
  • Subscribe

Recent Posts

Blog

The Rise of ESG Bonds in Corporate Financing

March 02, 2021
       

Blog

Another Reminder of the Low Bar for Class Action Certification [...]

March 01, 2021
       

Blog

Are Gun Manufacturers Liable for Mass Shootings?

March 01, 2021
       

Blog

Evidence of Harm Required To Advance Class Action Following Data Breach

February 24, 2021
       

Blog

Site Rehabilitation Program Periods 5 and 6 Further Expand Program Scope

February 22, 2021
       

The firm that businesses trust with their most complex legal matters.

  • Privacy Policy
  • Disclaimer
  • Terms of Use

© Bennett Jones LLP 2021. All rights reserved. Bennett Jones refers collectively to the Canadian legal practice of Bennett Jones LLP and the international legal practices and consulting activities of various entities which are associated with Bennett Jones LLP

Logo Bennett Jones