Frequently Asked Questions
St. Thomas Elgin General Hospital respects the privacy of your personal health information. The following is a list of questions that we frequently get asked. If you have other questions or concerns, please contact the Privacy Office.
What information does the hospital collect?
The hospital collects both personal and health information. Information like a patient’s name, date of birth, address, Health Card Number and extended health insurance numbers are examples of personal information. Information relating to previous health problems, the record of their visits to the hospital and what health care we provide to them during those visits are examples of your health information.
Why does the hospital need this information?
The information we collect from you is used:
- To provide you with quality health care and follow-up care in the community. We need personal information to make sure we can make the appropriate diagnosis and provide treatment.
- To release very limited information to family and friends who may call, for example to find out what room a patient is in. We may provide generalized condition reports such as “good, fair, serious or critical” to other individuals who are not immediate family. If a patient does not wish for their name to be included in the Patient Information list, he/she should notify Patient Registration when they arrive or inform their healthcare provider. This would mean that if anyone called in asking about a patient not on the Information List, the caller would be informed that we have no one by that name on our patient list. Your presence in the hospital as well as a general condition report (good, fair, serious, critical) must be provided by the hospital if requested by law enforcement agencies.
- To carry out quality assurance to help make us better. By reviewing the care we provide to patients we can determine what strategies are most successful.
- To ask you how we are doing. Patients may be asked to participate in surveys by either the hospital or by specific programs or departments in the hospital that participated in your care.
- To comply with the law. The law requires hospitals to turn over patients’ personal health information if there is a legal investigation. We also use the information to obtain funding for health services from the Ministry of Health.
- For fundraising. Patients’ contact information, for example, name and address are provided to the hospital’s Foundation so they may contact a patient to see if they wish to make a donation. Donations by our patients and members of the community raise money for equipment and facilities to provide all of our patients with the most modern health care services. The hospital does not provide names of patients who have certain more sensitive procedures or diagnoses to the Foundation. Personal health information, for example, diagnosis or treatment, is not released to the Foundation.
- For research. Some research is conducted using only non-identifiable, statistical information. Other forms of research require your permission to participate. You are under no obligation to agree to this research, and the care you receive will not be impacted in any way if you decline.
How does the hospital protect my information?
A few of the ways that the hospital strives to protect both patients’ personal information and their personal health information are by:
- Stressing to our staff, physicians, volunteers and students the importance of respecting patients’ privacy rights and the importance of maintaining confidentiality.
- Requiring that all staff wear photo identification at all times while on hospital property to protect against unauthorized individuals accessing information.
- Applying additional security measures to all electronic health records; for example, user names and passwords, firewall and antivirus software.
- Locked doors.
- Security personnel.
Does the hospital share my information with anyone?
We share some or all of patients’ information with:
- Health care providers at other hospitals, nursing homes or other health care agencies who become part of your health care team. Information is shared for the purpose of your continuing care in the community.
- Agencies that fund the hospital, for example OHIP, extended health insurance companies, Workplace Safety and Insurance Board, Ministry of Health.
- Other agencies as required by law, for example, public health surveillance.
Will the hospital disclose my health information to outside companies or to my employer?
The hospital requires your written permission or a court order to disclose health information to any organization or person not directly involved with the provision of patient care.
Where is my health information stored and for how long?
Hospitals are required to keep health records for at least 10 years past the date of admission. In some cases, for example health records for children and records maintained for the purpose of research, health records are kept for much longer. Most health records are maintained in the Health Record Services department, but some departments, including Diagnostic Imaging and Laboratories, maintain their own specific records.
How do I access or request a copy of my health information?
The health care provider can offer the patient information about their diagnosis and treatment while they are a patient at STEGH.
To obtain a copy of, or view your STEGH health record, please contact the Health Records department.
You have the right to access your personal health record and the hospital has an obligation to make it available to you with limited exceptions. If releasing your information would put yourself or a third-party at risk, the hospital has a legal right to choose not to disclose some or all of that information.
What if some of the information in my health record is incorrect?
Please see How Do I Correct My Personal Health Information section.
Can my family see my health information?
Although the patient has the right to access their health record, this right does not automatically extend to family members and/or friends. If the patient consents to let a friend or family member see their record, then the friend/family member may access the part(s) that you have consented to let them see.
What if I am unable to give consent to release my health information?
If a patient is unable to give consent for a friend or family member to access their health information due to reasons such as competency or consciousness, the consent decision falls to the appointed substitute decision maker, such as a spouse, parent or guardian.
Will my family and friends be able to call in to get information about me over the phone?
When someone calls the hospital, staff have no way to verify who is calling and what their relationship is to the patient. Normally, in order to protect patient privacy, only a minimum amount of information is given out over the phone.
Can all hospital staff access my health information?
The only persons whom the hospital authorizes to access a patient record are the staff and physicians involved in a patient's care, or staff who need information from a patient record to conduct the business of the hospital, e.g., the Finance department staff that sends a bill to a patient's extended health insurance company.
All staff and hospital affiliates are bound by hospital policies and practices related to Privacy and Confidentiality. These policies aim to ensure that staff only access information on a need-to-know basis. Regulated Health Professionals are also bound by privacy and confidentiality requirements from their professional Colleges.
Can I find out who has viewed my hospital record?
Yes. If a patient has concerns about unauthorized personnel accessing their information, they can make a request to the Privacy Office to audit their electronic hospital record. An audit is a process that tracks every staff or physician who has accessed an electronic record by date and time. We can perform an audit on an electronic health record and a limited audit on a hardcopy health record. We will ensure that all patient concerns are investigated promptly and a response is provided in a timely manner.
Please contact the Privacy Office to conduct an audit. A government-issued ID that has your signature will be required in order to do so.
I have noticed that many areas of the hospital are open and I can sometimes overhear staff talking to patients and family about health information. Is this not a breach of patient privacy?
Despite the pressures of an acute-care hospital setting, staff make every effort to discuss health information confidentially.
Can my family physician access my health information?
STEGH releases certain information, for example, inpatient discharge summaries, Emergency Department records, to family physicians to facilitate a patient’s continuing care. Other information can be released to the patient’s family physician at their request and with their consent. If a patient does not want their family doctor to receive information, they should let Patient Registration or their health care provider know.
What if I have concerns about my privacy?
Please contact the Privacy Office if you have any questions or concern