As a full service IT solutions provider, FoxIT takes care of a wide portfolio of business. Since 2011 however, one of the verticals we’ve had the highest growth is in the health industry. The growing number of medical clinics we support all follow a trend that represent a fundamental shift the way privately owned doctors’ offices and clinics are doing business; breaking away from the traditional break / fix model to forging business relationships with a single IT service provider to engage in proactive and fully managed IT support models that are custom tailored for each practices.

One of the key drivers for this change in direction has been as a result of the increased need for protecting sensitive patient information and maintaining a consistently secure IT Infrastructure as part of the requirement to stay in compliance with the PHIPA regulation.

PHIPA, or The Personal Health Information Protection Act, 2004 is an Ontario law that governs the collection, use and disclosure of personal health information within the health sector. The object is to keep personal health information confidential and secure, while allowing for the effective delivery of health care. Under this legislation, persons and organizations that provide health care are collectively known as health information “custodians. Failure to comply with the requirements of this legislation can translate to hefty fines for the health practitioners. The Ottawa Hospital for example, was fined $75000 in 2011 as a result of a single patient’s information being breached.

Alongside administrative safeguard practices the regulation requires that the health practitioners IT systems also meet certain safeguard requirements.

Examples of technical safeguards for records include:

  • -Using passwords to protect access to a computer
  • -Using passwords in conjunction with screen savers that are activated after a short period of time of inactivity
  • -Encrypting information and removing identifiers, where appropriate
  • -Storing electronic records on secure server
  • -Encrypting backup tapes of electronic records prior to storage
  • -Installing firewalls
  • -Using anti-virus protection
  • -Database management to vary access
  • -Creating a capacity to audit access to electronic records

Our personalized approach allows us to leverage our experience and consult with our Health Practitioner client’s to provide best-practice information management solutions that help them protect their patient information from being compromised. Through our service, our clients are able to review the ongoing maintenance, monitoring and management work we do on their behalf so that they can feel confident that their business is in compliance with the regulations. Also, as their trusted advisor we stay on top of industry changes that effect our clients IT environment and requirements and we’re able to recommend changes in real time we avoid any concerns from a security and compliance perspective.


If you’re a medical practitioner and you are concerned about how them PHIPA regulations impact your business, book a meeting with one of our consultants today!




Book an appointment today!

Copyright © 2015 | All rights reserved.