Skip to Content

share feedback print font size font shrink font grow youtube facebook twitter donate

About the privacy and access office 

Contact Us
GRH privacy and access office
P.O. Box 9056, 835 King St. West
Kitchener, ON, N2G 1G3


The efficient and effective operation of health care facilities is based on the availability of accurate, timely and complete information, This links clinical, financial and administrative data, for clinical and administrative decision-making, while facilitating the privacy and confidentiality of the clinical information in the hospital. 
Privacy and access office mission
The primary mandate of the privacy and access office is to establish standards of privacy, confidentiality, data security and freedom of information. The privacy and access office seeks to protect the personal health information of our patients as required by the Personal Health Information Protection Act (PHIPA) and to promote the openness and transparency of hospital information as required under the Freedom of Information and Protection of Privacy Act (FIPPA). Our chief privacy officer and privacy and access team are educated and trained to provide privacy and access guidance in the healthcare field. The office also acts as a resource for privacy and access information, issues on policy development, education for staff, patients, affiliates, and visitors.
The purpose of the privacy and access office
  • To assist in the protection of personal health information and personal information from theft, loss, unauthorized access, copying, modification, use, collection, disclosure, and disposal
  • To conduct audits and complete breach of confidentiality investigations and to monitor and manage our organization’s privacy compliance
  • To take steps to ensure that everyone who performs services for us protects patient's privacy and only uses personal health information and personal information for the purpose which patients have consented to
  • To facilitate patient requests to correct their personal health records, personal records, and to assist patients if they wish to withdraw consent from certain uses and disclosures (subject to legal exceptions)
  • To provide training on privacy and access legislation and GRH policies and procedures for all new staff and affiliates as well as providing refresher training as requested or required
  • To review internal and external requests to review our patient’s personal health information and or personal information for the purposes of research, internal audits, investigations and education
  • To process freedom of information requests in accordance with the relevant legislation

Overall goals

  • To ensure the privacy of all personal information including health information and to be certain that GRH staff are fully trained and aware of the legislative requirements
  • To provide accurate, timely and complete responses to breach of confidentiality and/or privacy related questions and concerns from GRH staff, patients, and affiliates
  • To continually improve and develop privacy and access policies and procedures
  • To maintain a balanced culture of privacy and access best practice throughout GRH
  • To promote openness and transparency in the spirit of relevant access legislation

For a list of our policies, procedures and forms please visit our resources and links pages

Copyright © 2009. Grand River Hospital. All Rights Reserved. | Privacy Policy | Sitemap

BIN # 88918 0394 RR 0001  |  Created by Blue Lemon Media