Ontario Laboratories Information System (OLIS) - Grey Bruce Health Services Integration PIA Summary

Date of PIA Report: March 2012

Date PIA Summary Last Reviewed and Updated: December 2, 2025 (Rebranding)

The following is a summary of the above-referenced privacy impact assessment (PIA), including a brief background, key findings, and risks and recommendations as applicable. See our Privacy Contact page to find information on how to contact the Ontario Health Privacy Office should you have any questions.

Background

The Ontario Laboratories Information System (OLIS) Grey Bruce Health Services (GBHS) initiative is part of the OLIS go-to-market strategy and aligns with the broader eHealth Ontario strategy for the electronic health record. eHealth Ontario and the ConnectingGTA project (cGTA) are collaborating to make laboratory information from OLIS available to authorized users of GBHS’ Cerner Powerchart system (Powerchart), a clinical application operated by GBHS. Authorized users of Powerchart include clinicians from GBHS, South Bruce Grey Health Services and Hanover and District Hospital corporations.

Powerchart allows OLIS data to be displayed in a format that is consistent with the look and feel, which users are familiar with, and in a format that is consistent with the way these users are accustomed to viewing clinical data.

Clinicians will only be able to search on patients who are registered for care within their hospital settings. The viewer will allow the clinicians to view OLIS data through Powerchart for the purpose of providing or assisting in the provision of health care.

This project involves providing clinical access to Ontarians’ personal health information (PHI), and is therefore guided by Personal Health Information Protection Act, 2004 (PHIPA). PHIPA only allows for collection, use, and disclosure of personal health information under particular conditions.

Key Findings

The delta PIA concludes that eHealth Ontario has the overall PHIPA authority under section 6.2 of O. Reg. 329/04 to make OLIS data available to clinicians at the participating hospital corporations for the purpose of providing or assisting in the provision of health care. Additionally, both eHealth Ontario and GBHS, each have a robust infrastructure with strong privacy and security safeguards suitable for the processing and sharing sensitive PHI. The delta PIA makes a number of recommendations for this initiative, to ensure that eHealth Ontario continues to act in compliance with its privacy obligations in respect of legislation, policy and best practice.

Risks and Recommendations

The delta PIA provides a number of recommendations associated with the OLIS initiative, as summarized below:

1. eHealth Ontario to execute agreements with GBHS and participating health information custodians who will be accessing OLIS data as per eHealth Ontario privacy policy.
2. eHealth Ontario should require participating health information custodians to perform periodic audits to assess inappropriate access to OLIS data via the Cerner Powerchart.
3. eHealth Ontario and GBHS should develop a risk treatment plan prior to go-live to address applicable security risks.
4. eHealth Ontario to work with GBHS and participating health information custodians to ensure that coordinated privacy incident management and individual access processes are fully established in advance of go-live.

At the time of writing this PIA summary, all recommendations noted above had been implemented.