Welcome Huron Perth Healthcare Alliance


The ten principles which form the basis of MGH’s data protection are interrelated, and MGH will adhere to the ten principles as a whole.

Principle 1 – Accountability for Personal Health Information

Accountability for SMH compliance with the principles rest with the Chief Executive Officer, although other individuals within the centre are responsible for the day to day collection and processing of personal information. The hospital has appointed the Support Services Manager as the Privacy Officer to oversee compliance.

Principle 2 – Identifying Purposes for Personal Health Information

SMH will identify the purposes for which personal information is collected at or before the time of collection. The primary purposes are:
  • To provide clinical care to patients
  • To monitor and evaluate the quality of care and the outcomes resulting from that care
  • To assess resource utilization in the delivery of care; to plan for the development and delivery of care and services
  • To support research and education
  • To support and promote fundraising in relation to SMH
  • To meet legal and regulatory requirements

Principle 3 – Consent for the Collection, Use, and Disclosure of Personal Health Information

The knowledge and consent of the individual are required for the collection, use or disclosure of personal health information, except when appropriate.

Principle 4 – Limiting Collection of Personal Health Information

The collection of personal health information will be limited to that which is necessary for the purposes identified by SMH. Information will be collected by fair and lawful means.

Principle 5 – Limiting Use, Disclosure, and Retention of Personal Health Information

Personal health information will not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Information will be retained only as long as necessary for the fulfillment of those purposes or as legislated. Disposal of personal health information will be done in a secure and confidential manner.

Principle 6 – Ensuring Accuracy of Personal Health Information

Personal health information should be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.

Principle 7 – Ensuring Appropriate Safeguards for Personal Health Information

Personal health information shall be protected by security safeguards appropriate to the sensitivity of the information, regardless of the format in which is it stored.

The security safeguards will protect personal health information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. The nature of the safeguards will vary depending on the sensitivity of the information that has been collected, the amount, distribution, and format of the information, and the method of storage.

Principle 8- Openness Concerning Policies and Practices

SMH will make readily available to individuals specific information about its policies and practices relating to the management of personal health information under its custody or control.

Principle 9 – Individual Access to and Amendment of Personal Health Information

Upon request, an individual shall be informed of the existence, use, and the disclosure of his or her personal health information and may access, inspect, or copy (upon payment of cost recovery fee) his or her personal health information, subject to legal restrictions. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.

When an individual successfully demonstrates the inaccuracy or incompleteness of personal health information, SMH will amend the information as required. Depending on the nature of the information challenged, amendment may involve the correction, deletion, or addition of information. Where appropriate, the amended information will be transmitted to third parties having access to the information in question.

Principle 10 – Challenging Compliance with SMH’s Privacy, Confidentiality and Security Policy

An individual shall be able to address a challenge concerning compliance with SMH’s Privacy, Confidentiality and Security to the Privacy Officer. All formal complaints must be submitted in writing to the Privacy Officer. All complaints will be investigated and remedial action taken when appropriate including, if necessary, amending its policies and practices.