- Home
- About ICES
- Data Privacy and Security
Privacy Frequently Asked Questions
ICES has special designations under Ontario’s Personal Health Information Protection Act and the Coroners Act. To maintain these designations, ICES must have its practices and procedures reviewed and approved by the Information and Privacy Commissioner of Ontario every three years. ICES is one of a handful of organizations with these designations, which are subject to ongoing IPC oversight and renewal every three years.
ICES leads cutting-edge studies that evaluate the health system and the health or safety of the public. The foundation of this important work is the ICES Data Repository, which contains coded information from Ontario’s health system and other sources, such as the Chief Coroner of Ontario and other provincial and federal bodies.
The ICES Data Repository is based primarily on administrative records generated by Ontario’s publicly funded health system from 1986 to present. The repository also includes data from registries, surveys and research, and from government ministries and public agencies outside the health sector. These data are collected mostly by Ontario’s Ministry of Health and Long-Term Care, healthcare providers, and other ministries, agencies and research organizations.
If you have been a resident of Ontario and eligible for universal health coverage since 1986 some of your information is certain to be contained in the ICES Data Repository. By visiting the Data Dictionary on our web site and knowing your own history of contact with the province’s publicly funded health system, you can gain a good idea of what information ICES has about you.
The vast majority of information that comes to ICES arrives in identifiable form. It is received by a small, select group of individuals who are charged with removing any direct personal identifiers, such as your name and health card number, and replacing these with a confidential code called an ICES Key Number (IKN). The IKN is stable and present in all source data files at ICES, which allows them to be linked at the person level over time.
While ICES has historically avoided individual contact for its studies, we are currently piloting a small number of research projects called “patient contact studies.” Patient contact studies aim to involve individual Ontarians in studies of ways to improve the healthcare system. Individuals who potentially meet the criteria for these studies based on prior health services received are contacted, potentially by their primary care providers, to confirm their eligibility for the study and to gauge their willingness to participate, after which fully informed consent is obtained. All ICES patient contact studies are reviewed by ICES’ Executive Committee and our Privacy & Legal Office, and are also overseen by an Ontario Research Ethics Boards.
ICES employs a variety of security controls to ensure the confidentiality, integrity and availability of the data entrusted to it. This includes a robust policy framework based on industry best practices that govern the implementation of administrative, physical and technical safeguards and security technology. As a Prescribed Entity, ICES is subject to review and approval of its privacy practices and procedures every three years by the Office of the Information and Privacy Commissioner of Ontario.
ICES shares information in two situations only: (1) with researchers who have obtained approval from a research ethics board, and (2) with other organizations designated as prescribed entities or prescribed persons under either PHIPA or the Coroners Act. Sharing data enables the important work done by independent researchers and other organizations, and is explicitly permitted under PHIPA and the Coroners Act.
If you have complaints about ICES’ information handling practices or its compliance with PHIPA and/or the Coroners Act, please contact ICES’ Chief Privacy & Legal Officer, verbally or in writing:
Chief Privacy & Legal Officer, Privacy & Legal Office
ICES
V1 06 – 2075 Bayview Avenue
Toronto, ON M4N 3M5
Telephone: 416-480-4055
Fax: 416-480-6048
Email: [email protected]
If you are unsatisfied with the response provided by ICES, you may direct your complaint to the Information and Privacy Commissioner of Ontario (IPC):
Office of the Information and Privacy Commissioner of Ontario
1400-2 Bloor Street East
Toronto, ON M4W 1A8
Telephone: 416-326-3333 or 800-387-0073
Fax: 416-325-9195
Email: [email protected]
Please call, email or write us if you have any questions or concerns:
Chief Privacy and Legal Officer
ICES
V1 06, 2075 Bayview Avenue
Toronto, ON, M4N 3M5
T: 416-480-4055
F: 416-480-6048
[email protected]