Can I access my personal health information in BORN?

PHIPA does not require BORN to provide individuals with access to records of their own personal health information. However, as a privacy best practice, if you make a request to BORN to access your own personal health information, BORN will confirm whether or not your information exists in the system and direct you to the health information custodian who was the source of the information. BORN will encourage you to contact the original health-care provider for access to the information so you have the best information and the best opportunity to have it explained, if necessary.

Requests to correct or change your personal health information will be referred to the health information custodian who provided the information to BORN, where issues of accuracy and completeness can be best addressed.

How does BORN protect personal health information?

BORN’s special registry status under the Personal Health Information Protection Act, 2004 (PHIPA) comes with certain obligations that BORN takes very seriously. To ensure personal health information is protected, BORN has put in place strong privacy protections for all the personal health information it receives. 

Personal health information within BORN is protected by administrative, physical and technological controls that conform to industry best practices for security and safeguards against unauthorized accidental or intentional release of information. 

Examples of these protections include:

  • All staff complete mandatory privacy training and sign a confidentiality agreement
  • Staff access to data is limited by specific authorization on a need-to-know basis
  • Facilities have controlled access and secure areas for computer storage
  • All data access is tracked
  • Systems employ firewalls, passwords and encryption to ensure electronic information is secure

The BORN privacy and security policies and procedures are approved by the Ontario Information and Privacy Commissioner (IPC) and are reviewed by the IPC every three years. BORN also conducts audits and investigations to monitor and manage our privacy compliance.

What kinds of information does BORN collect?

The information BORN collects includes:

  • Information about hospital births in the province, including interventions and outcomes in labour and birth
  • Results and follow-up from prenatal screening provided to pregnant women for Down syndrome, trisomy 18 and neural tube defects
  • Information about services provided to women whose babies have suspected or confirmed birth defects
  • Information about pregnancies and births attended by midwives
  • Newborn screening test results indicating whether a baby might be at risk a rare but treatable disease

Why does BORN collect personal health information?

BORN collects personal health information to facilitate or improve the provision of health care and conduct research. More specifically, our Statements of Purpose to facilitate and improve the provision of Health Care are:

  1. Identifying where certain Health Care Services have not been offered or made sufficiently available to Health Care Recipients to facilitate access to such services.
  2. Facilitating continuous improvement of Health Care delivery tools to minimize adverse outcomes for Health Care Recipients.
  3. Identifying where outcomes for Health Care Recipients are statistically discrepant with accepted norms.
  4. Enabling Health Care providers to improve care to Health Care Recipients by providing them with Reports to compare themselves with peers and/or benchmarks.
  5. Knowledge translation to improve the quality and efficiency of care for Health Care Recipients.
  6. Providing Health Care providers with comprehensive and timely Reports to support quality improvement, effective planning, administration, and management of Health Care delivery for Health Care Recipients.
  7. Enabling the provision of technologies within BORN Services to improve efficiencies, data accuracy, and data protection for Providers and Health Care Recipients.
  8. Creating and providing Reports:
  • for surveillance or to support local planning, coordination among providers, and implementation of provincial standards and guidelines.
  • to make Health Care service delivery easier and more efficient for Submitters, Health Care providers, and Health Care Recipients who receive such services.
  • for public use designed to help prevent disease or injury or to promote health;
  • to educate professionals involved in the delivery of Health Care; and
  • to educate potential Researchers interested in improving Health Care.”

In deciding the data elements to include in the BORN dataset, each element is reviewed to ensure it is required to be collected in order to achieve the purposes of the BORN Registry.

BORN uses the information for purposes of:

  • Supporting evidence-based decisions in maternal and infant care
  • Monitoring maternal and perinatal system performance, including analyzing and identifying gaps in the delivery of maternal or perinatal services
  • Facilitating access to specialized care and treatment for pregnant persons who have screened positive during their pregnancy for congenital anomalies or metabolic disorders
  • Ensuring screening for these anomalies and metabolic disorders are offered to all pregnant persons and babies
  • Providing advice to LHINs, hospitals, healthcare providers and the Ministry of Health on effective management and planning
  • BORN staff who are trained in privacy, have a need to use personal health information in their specific role and have signed confidentiality agreements, are authorized by BORN to access and use personal health information to carry out required BORN functions.
  • Hospitals and other healthcare organizations that provide information to BORN can, where specifically authorized by BORN and the organization, access and use only the personal health information that the organization provided to BORN. 
  • Researchers can obtain BORN information for specific research purposes where there is a research plan in place, research ethics board approval has been obtained, and agreements compliant with the strict requirements of the Personal Health Information Protection Act, 2004 (PHIPA) have been signed with BORN.

Who can use the personal health information collected by BORN Ontario?

  • BORN staff who are trained in privacy, have a need to use personal health information in their specific role and have signed confidentiality agreements, are authorized by BORN to access and use personal health information to carry out required BORN functions.
  • Hospitals and other health-care organizations that provide information to BORN can, where specifically authorized by BORN and the organization, access and use only the personal health information that the organization provided to BORN. 
  • Researchers can obtain BORN information for specific research purposes where there is a research plan in place, research ethics board approval has been obtained, and agreements compliant with the strict requirements of the Personal Health Information Protection Act, 2004 (PHIPA) have been signed with BORN.

How does BORN support external research?

BORN is committed to supporting research that improves the quality, access to, and integration of services for mothers infants and children in Ontario. BORN considers applications from researchers who require BORN information to conduct research. BORN undertakes a rigorous process of review for all requests from researchers, including ensuring that only the minimum amount of personal health information is provided.

Where possible, BORN approves the use of de-identified or aggregate information for the research. If personal health information is required, the researchers must have research ethics board approval and must be compliant with the requirements set out in the Personal Health Information Protection Act, 2004 (PHIPA).

Who can I contact if I have questions, complaints or concerns about BORN privacy practices?

Questions or concerns about BORN privacy policies or procedures may be addressed to the BORN Privacy Officer:

BORN Ontario Privacy Officer
BORN Ontario
CHEO Research Institute | Centre for Practice-Changing Research Building
401 Smyth Road, Ottawa, ON | K1H 8L1
613.737.7600