The Children's Hospital of Eastern Ontario (CHEO) is a prescribed registry in respect of BORN Ontario (Better Outcomes Registry and Network) as per section 13(1) of Ontario Regulation 329/04 - General (Regulation) under the Personal Health Information Protection Act, 2004 (PHIPA).
BORN Ontario has implemented a rigorous program to protect personal health information from theft, loss, unauthorized access, copying, modification, use, disclosure and disposal. BORN conducts audits and investigations to monitor and manage our privacy compliance. The registry’s information practices and procedures are approved by the Information and Privacy Commissioner of Ontario every three years.
Collection of Personal Health Information
BORN collects personal health information from healthcare providers such as hospitals, midwives and laboratories. The personal health information collected includes:
- Information about hospital and home births in the province, including interventions and outcomes in labour and birth
- Results and follow-up from prenatal screening provided to pregnant women for Down Syndrome, Trisomy 18 and Neural Tube Defects
- Information about services provided to women whose babies have suspected or confirmed birth defects
- Newborn screening test results indicating whether a baby might be at risk for a rare but treatable disease
View a list of data elements collected in the BORN Information System.
Purpose for the use of Personal Health Information
BORN uses personal health information to ensure healthcare providers and organizations have the necessary knowledge to assess and improve the quality of services available to mothers, infants and children in Ontario.
The information is also summarized to produce reports and analyses for planning and management of the healthcare delivery system at the organizational, provincial, LHIN or other regional levels. Public reports do not contain personal health information or identify individuals; these analyses provide aggregated data only. The reports are made available online through reporting.
BORN provides data to organizations who use it for purposes in accordance with the BORN mandate, such as boards of health, while conforming to the limiting principle that only the minimum personal health information necessary for the purpose will be provided. BORN also facilitates research on maternal and child health issues as authorized by law. BORN works with researchers who have made requests for BORN data to ensure:
- The minimum amount of identifiable information is included
- The appropriate agreements with researchers regarding confidentiality and security are in place
- The work is subject to the requirements of the Personal Health Information Protection Act, 2004 (PHIPA), including review and approval by a Research Ethics Board
Personal health information within BORN is protected by administrative, physical and technological controls that adhere to industry best practices for security and safeguards against unauthorized accidental or intentional release of information.
Examples of these protections include state-of the-art electronic security, requirements to educate all users in their responsibilities to protect the data and report any problems, and places of business with appropriate locks and other physical controls.
Access and Correction
As a privacy best practice, if you make a request to BORN to access your own personal health information, BORN will confirm whether or not your information exists in the system and direct you to the health information custodian who was the source of the information. BORN will encourage you to contact the original healthcare provider for access to the information so you have the best information and the best opportunity to have it explained, if necessary.
Any requests to correct your personal health information should be directed to your healthcare provider.
Details of the BORN Ontario privacy policies, frequently asked questions, and other information can be found under Privacy Resources.
Individuals may obtain further information about BORN privacy policies and procedures by calling, emailing or writing to the Privacy Officer.
Complaints or concerns about BORN privacy policies and procedures may also be sent to the BORN Privacy Officer by email, phone, or in writing. Individuals are encouraged to complete a BORN Complaint Form and submit it to the Privacy Officer, who can be reached as follows:
|BORN Ontario Privacy Officer|
|CHEO Research Institute | Centre for Practice-Changing Research Building|
|401 Smyth Road, Ottawa, ON | K1H 8L1|
Information and Privacy Commissioner: review and approval letters of BORN Ontario’s privacy policies and procedures
The IPC reviews and approves the BORN Privacy and Security Management Plan every three years:
- 2011 IPC Approval Letter for BORN
- 2014 IPC Approval Letter for BORN
- 2017 IPC Approval Letter for BORN
Individuals may make a complaint regarding compliance to the Personal Health Informtion Protection Act, 2004 and its regulation to the Information and Privacy Commissioner of Ontario who can be reached as follows:
Information and Privacy Commissioner
2 Bloor Street East | Suite 1400
Toronto | ON | M4W 1A8
Phone: 416.326.3333 or 1.800.387.0073