This site uses cookies to provide you with a more responsive and personalised service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print this page

A new era of transparency for hospitals

Changes to the Freedom of Information and Protection of Privacy Act


A new era of transparency for hospitals


On December 8, 2010, the Ontario government passed legislation to broaden the scope of the Freedom of Information and Protection of Privacy Act (FIPPA) and designate hospitals as “institutions” under the Act. Ontario will usher in a new era of transparency and giving hospitals approximately one year to comply with FIPPA, the changes to which will be effective on January 1, 2012.  


Under the amended FIPPA, the general public will have a right of access to hospital administration, financial and other records unless the records are excluded from the right of access or subject to an exemption under FIPPA, as would be the case for patients’ personal health information. The newly revised legislation will allow anyone to access any record held or controlled by an institution on any issue, subject to the exclusions and exceptions set out in the Act. This includes records concerning procurement, employees, strategic plans, and budgets.

Hospitals will need to complete a number of set-up, operational and review tasks this year to ensure they are ready for their new obligations under FIPPA.

Are you ready?

  • Have you conducted an inventory of records subject to FIPPA?
  • Have you appointed a Freedom of Information (FOI) coordinator?
  • Can you locate records and respond to individuals within the required time limits?
  • Have you set up a FOI office?
  • Have you made mandatory information publicly available?
  • Have you evaluated your FOI program to ensure you can meet all the requirements under FIPPA?

Learn more about the changes to the Freedom of Information and Protection of Privacy Act for health-care institutions.

Related services

Enterprise risk
Security, privacy & resiliency
Privacy & data protection
Identity & access management
Security management & transformation

Related industries

Public Sector 
Health services


Questions? Need more information?