Freedom of Information & Protection of Privacy
(FIPPA) and its Application to Norfolk General Hospital
The Freedom of Information and Protection of Privacy Act (FIPPA) regulates the collection, use and disclosure of personal information, and the retention, destruction, security and accuracy of personal information; it requires hospitals to maintain certain data banks; it applies to all existing corporate records. The Act applies to all records that come into the custody or control of the hospital on or after January 1, 2007. Upon request, certain records must be made available in accordance with the Act.
To enhance accountability and transparency across the health care industry, Ontario’s hospitals and Local Health Integration Networks will be subject to the Freedom of Information and Protection of Privacy [FIPPA] Act beginning January 1, 2012.
The act is comprised of two principals of equal weight:
- Freedom of Information, the public has the right of access to all recorded administrative, financial and general information in the custody and control of Norfolk General Hospital dating from January 1, 2007, subject to exclusions and specific and limited exemptions.
- The Protection of Privacy provisions of the Act regulate the collection, use, disclosure, security and retention of personal information held by Norfolk General Hospital and provides individuals with the right of access to that information. Note that personal health information; i.e., the medical record is excluded from FIPPA; however access to one’s record may be obtained by contacting the Health Records department.
Norfolk General Hospital strongly supports the provisions of FIPPA and efforts to enhance transparency and accountability in hospitals. FIPPA provides a framework for access to the Hospital’s corporate administrative, financial and general records and protection of individual privacy.
What information is covered by the Act?
Most business records in the custody or under the control of the Hospital are subject to FIPPA and most of these will be available if requested. A few types of records however are specifically excluded so the Act does not apply to them. A few other types are covered by the Act but exempt from disclosure to protect public concerns, privacy, hospital operations and other important interests.
Some records which will generally be accessible under the Act include:
- those containing your own personal (not health) information;
- most hospital administrative records, financial and general records;
Examples of records which are not accessible under FIPPA include:
- personal health information (under PHIPA)
- quality of care information (under QCIPA)
- ecclesiastical records of an affiliated church or religious organization
- records re: operations of a hospital foundation
- administrative records of regulated health professional, re: personal practice
- records re: charitable donations made to the hospital
- records re: certain labour relations, employment matters
- records re: certain appointment, privileging matters
- certain records respecting or associated with research
- certain records of teaching materials
To access the Freedom of Information and Protection of Privacy Act, please visit:
For Information on the Act, please visit the Information Privacy Commissioner of Ontario website: