BC employee medical information case of note

4 Jan

On August 7th, British Columbia labour arbitrator Julie Nichols issued a decision that addressed the discharge of an employee who refused to consent to an independent medical examination.

The decision is notable for two reasons.

First, the facts are common. The employee went off work and provided medical evidence from a family physician that indicated he needed to change jobs on account of an “acute stress/anxiety reaction.” After receiving three communications from the family physician that were not helpful, the employer sought an IME based on a discretion set out in the collective agreement. Arbitrator Nichols held the employer acted reasonably in the circumstances because it had grounds to question whether the employee had “medicalized” a workplace issue.

Second, the award deals with the scope of information available to an IME provider. Arbitrator Nichols held that non-medical parties (employers, unions, employees) are not in a good position to determine the information needed to conduct an IME and that a reasonable IME process contemplates the collection of some extraneous information by the IME provider. The form at issue permitted the IME physician “to review copies of all medical and/or employment records related to my condition that will assist” and limited this permission by date range. Arbitrator Nichols held the form was reasonable.

Metro Vancouver v Greater Vancouver Regional District Employees’ Union, 2014 CanLII 74955 (BC LA).

IPC notes an inconsistency in its treatment of OHIP billings as personal information

2 Jan

The IPC/Ontario issued an order on December 17th in which it noted an inconsistency in its treatment of OHIP billing information as personal information. It said:

As the parties have noted, a number of IPC orders have considered the issue of whether OHIP billings reveal personal information of doctors.  In these orders, this office has concluded that OHIP billings that can be connected with specific doctors are their personal information.  For example, in Order P-1502, the Commissioner found that payment to a physician for services rendered in connection with the prescription of home oxygen services was a “financial transaction” within the meaning of section 2(1)(b) of the Act, and therefore qualified as personal information.  I followed this above approach in Order PO-3200.

Interestingly, the above approach can be contrasted with the treatment of other professionals whose billing information has been ordered disclosed under the Act.  In Order PO-3207, I found that information about legal fees paid to a lawyer by a hospital was not exempt from disclosure under the personal privacy exemption, as it was not personal information.  In Orders MO-2363 and MO-2927, among others, this office found that the details of fee arrangements between government institutions and professional consultants did not qualify as the personal information of the consultants.

Although it made this note, the IPC did not need to resolve the inconsistency or depart from its prior decisions to make the order. The information at issue related to payments made to a group practice. The IPC held that, in the circumstances, the information did not reveal anything about an individual physician.

Ministry of Health and Long-Term Care (Re), 2014 CanLII 77316 (ON IPC).

Arbitrator awards privacy damages for implying an employee suffered from mental distress

31 Dec

On December 4th, Arbitrator Andrew Sims ordered the Edmonton Police Service to pay a grievor $5,000 in damages for breach of privacy.

The case arises out of the Service’s handling of an intense interpersonal conflict between the grievor, a police detective, and his staff sergeant. The conflict led to a formal review in which the reviewing investigator recommended the grievor’s transfer to a new unit due to interpersonal problems, the responsibility for which was borne by the grievor and others. Before the Service addressed the recommendation, however, the grievor and his staff sergeant had an altercation.

The altercation invited an immediate decision to pursue the recommended transfer. Although the formal review had raised no concerns about the grievor’s mental health, when the superintendent met with the grievor to advise him of the transfer she became concerned about his mental health on account of his reaction.

The superintendent raised the need for a psychological assessment, which the grievor undertook grudgingly but voluntarily. While this assessment was pending the superintendent met with the department and implied that the grievor was mentally unwell, in essence conveying the same opinion that was the basis for the pending assessment. In the end, a psychologist determined the grievor was “psychologically intact and functional.”

Based on the following analysis, Arbitrator Sims ordered the Service to pay $5,000 in damages:

Had the Employer described to a work group a physician’s diagnosis of a co-worker, that it had obtained in its role as employer, disclosure would clearly be a breach of the employee’s right to privacy of their personal medical information.  To anticipate a diagnosis, based only on personal observations, however genuine the concerns, and to discuss that in public, is just as serious a breach of privacy.  Arrangements were underway to get the grievor assessed.  Implying anything as to his state of health pending that assessment was inappropriate and unnecessary. The decision was made to transfer the grievor based on the problems he was having with his Staff Sergeant and the Unit Review.  This was decided before the health concerns arose from the interview.  Given that, there was really no need to go into whether the grievor had health issues at all. The emphasis on the grievor’s “H.R. issues” had the effect of adding undue emphasis to the suggestion that the broader issues in the unit, which were serious in themselves, were due to the grievor’s health issues.  That too was unjustified given the more balanced assessment in the unit review itself.  The grievor’s reputation amongst his peers, his need and ability to interact with them in future, and his sense of employment security were all impacted by the excessive commentary during this meeting.  While I accept that the comments were made out of genuine (although to a significant degree unfounded) concern, they amounted to a breach of privacy and caused harm to the grievor’s privacy interests. Police officers are particularly dependent upon their reputation amongst their peers.  Any suggestion of mental problems or unreliability can seriously hurt their working relationships and their careers.  I find these breaches of privacy sufficiently serious to justify financial compensation which, based on a review of the authorities discussed above, I award at $5,000.

Edmonton Police Service v Edmonton Police Association, 2014 CanLII 73072 (AB GAA).

A broader implication of the SCC’s decision in Fearon

25 Dec

The Supreme Court of Canada issued R v Fearon on December 11th. A 4-3 majority held that the police can search a cell phone incident to arrest without a warrant but subject to various limitations prescribed by the Court. One always must be careful in drawing too much from the Court’s handling of a specific issue in a specific context, but the dialogue between the majority and minority about the mitigating effect of a computer inspection protocol is notable for organizations.

The majority allows warrantless searches, in part, based on a finding that the privacy impact of a cell phone search incident to arrest can be meaningfully mitigated by the application of a “tailored” inspection. Justice Cromwell explains:

First, the scope of the search must be tailored to the purpose for which it may lawfully be conducted. In other words, it is not enough that a cell phone search in general terms is truly incidental to the arrest.  Both the nature and the extent of the search performed on the cell phone must be truly incidental to the particular arrest for the particular offence. In practice, this will mean that, generally, even when a cell phone search is permitted because it is truly incidental to the arrest, only recently sent or drafted emails, texts, photos and the call log may be examined as in most cases only those sorts of items will have the necessary link to the purposes for which prompt examination of the device is permitted. But these are not rules, and other searches may in some circumstances be justified. The test is whether the nature and extent of the search are tailored to the purpose for which the search may lawfully be conducted. To paraphrase Caslake, the police must be able to explain, within the permitted purposes, what they searched and why: see para. 25.

This approach responds to the privacy concerns posed by the virtually infinite storage capacity of cell phones by, in general, excluding resort to that capacity in a search incident to arrest.  It would also provide these protections while preserving the ability of the police to have resort to basic cell phone data where this serves the purposes for which searches incident to arrest are permitted.

Given the Crown bears the onus of establishing a reasonable search incident to arrest, the majority makes clear that police must take “detailed notes” of their inspection process.

For the minority, the privacy interest in a cell phone is too great to permit any warrantless intrusion. Justice Karakatsanis also calls the majority’s reliance on the mitigating effect of a tailored inspection protocol “complicated,” “impractical” and inviting of “after-the-fact litigation.”

Organizations have been reckoning with an expectation of privacy on workplace computers since the Supreme Court of Canada’s 2012 finding in R v Cole. I’ve argued elsewhere that, notwithstanding Cole, the standard for employer searches will likely remain reasonably permissive. The reasoning in Fearon can be used by employers to argue for a permissive search standard. Employers should be careful, however, to (1) document the purpose of their inspections and (2) follow a logical, documented inspection process. Justice Karakatsanis is correct; litigation about the manner in which a computer inspection has been conducted is too easy to foresee.

R v Fearon, 2014 SCC 77 (CanLII).

FOI matter moot because the stated reasons for a request spent

20 Dec

On December 15, the Alberta Court of Appeal held that an FOI matter was moot, in part, because the stated reasons for a request were spent. It said:

Second, the dispute about whether certain records can remain private is of no further consequence or practical utility. The ATA wanted SBEBA’s records for reasons that are, now, purely academic. There is no longer any need for the ATA “to gain a full understanding of the operation of SBEBA with its member school boards”; there is no longer any risk of the ATA not “following correct procedures related to the SBEBA” or “interfering with or being seen to interfere with the SBEBA”. Further, the collective agreement entered into between the ATA and Buffalo Trail has long since expired, such that there is no longer any need “to act fully on” it. SBEBA was not revived for the most recent collective bargaining process and will not be the bargaining agent for, or otherwise negotiate on behalf of, Buffalo Trail in any future such process or dispute.

The Court also held that the OIPC lacked standing to pursue an appeal because the issue under appeal did not go to its jurisdiction.

This is another example of the very tough go the OIPC has had in the Alberta courts.

Alberta Teachers’ Association v Information and Privacy Commissioner, 2014 ABCA 432 (CanLII).

HO, HO, HO-013 – Big order for Ontario hospitals lands just before the holidays

20 Dec

On December 16th the Information and Privacy Commissioner/Ontario issued its 13th order under the Personal Health Information Protection Act. It contains very detailed prescriptions pertaining to the PHIPA data security standard in section 12. The standard is contextual – i.e., the standard of care is always based on all the “circumstances.” However, given Ontario hospitals face similar foreseeable risks, hospitals should pay very close heed to the prescriptions in HO-013.

I’ll spare you a description of the background and get to the point. Here is a summary of the data security prescriptions in HO-013. Rather than describe each in detail, I will give you very short (synthesized) descriptions and page references.

  1. Ensure that patient information systems support audits and investigations of system misuse. Collect reliable data on all access, copying, disclosure, modification and disposal of patient records. Retain data for a reasonable period of time. Pages 23 to 29.
  2. Conduct periodic audits for patient information system misuse: “Audits are essential technical safeguards for electronic information systems.” Conduct random audits on all system activity. Run a special audit program for “high profile” patients. Pages 32 to 34.
  3. Ensure that patient information systems feature reasonable search controls. Search controls should limit the ability of agents to perform “open-ended” searches. Pages 29 to 32.
  4. Ensure that patient information systems feature a login notice that appears on its own screen and requires express acknowledgement. Page 22.
  5. Conduct regular and comprehensive privacy training pursuant to a privacy training program policy. Require pre-authorization training and annual re-training. Training materials should be detailed and contain certain information prescribed in HO-013. Pages 34 to 36.
  6. Communicate regularly about privacy compliance and compliance duties pursuant to a privacy awareness program policy. Page 36.
  7. Administer a “pledge of confidentiality” that contains certain information prescribed in HO-013. Require agents to sign pre-authorization and annually. Pages 37 and 38.
  8. Maintain and administer a privacy breach management policy that meets particular requirements specified in HO-013. Pages 40 and 41.

Most hospitals will already have data security programs that feature many of the elements in the list above. Regardless, there are detailed requirements in HO-013 (not included in the summary above) that invite hospitals to conduct a broad gap analysis. Some gaps are likely to be closed easily and others may require the investment of additional ongoing resources – e.g., gaps with respect to training and communication programming. The most problematic prescriptions in HO-013 are those related to the modification of patient information systems. The prescriptions regarding search controls, for example, seem problematic and may create system usability (search) problems. The responding hospital did raise concerns about usability that the IPC dismissed.

Order HO-013 (IPC Ontario).

Newfoundland privacy breach class action moves forward

22 Nov

On November 14th the Supreme Court of Newfoundland and Labrador Trial Division held that the pleadings in a privacy breach class action disclose a reasonable cause of action.

Even for an application of the Hunt v Carey standard, the Court did not probe at the pleadings with any significant force. It:

  • held that an alleged failure to establish safeguards was enough to found a “willful violation” claim;
  • held that a question about whether Newfoundland’s statutory privacy tort could operate together with the common law vicarious liability doctrine should be determined at trial;
  • held that the availability of the common law intrusion upon seclusion tort in Newfoundland should be determined at trial;
  • allowed a negligence claim for distress and humiliation to proceed even though no specific psychiatric illness or prolonged psychological injury was pleaded because “the threshold of compensable harm will depend on the evidence at trial”; and
  • held that the availability of a contract claim for non-economic loss should be determined at trial.

The Court struck claims for breach of statute, breach of the Charter and breach of fiduciary duty. The Court remains seized of the certification application.

Hynes v Western Regional Integrated Health Authority, 2014 CanLII 67125 (NL SCTD).
