Your Privacy

Patient privacy is a top priority at Sinai Health. To that end, we have stringent practices and processes in place to ensure privacy protection for all of our patients and to comply with legislation. Sinai Health collects personal health information of its patients under the authority of the Personal Health Information Protection Act, 2004 (PHIPA). As a patient, you have the right to:

  • Have your personal health information kept confidential, with limited exceptions;
  • Access your personal health information;
  • Request a correction of incomplete or inaccurate information contained in your health record.

Through a robust privacy protection framework, we educate Sinai’s community of caregivers about ways to protect patient privacy and ensure compliance with Ontario’s privacy legislation. This includes staff training, confidentiality agreements, policies that outline Hospital privacy expectations, regular audits of access to patient records, and security controls that apply to both paper and electronic medical records.

To address any privacy questions or concerns that you may have, please contact our Privacy Office.

Your Personal Health Information

Your personal health information belongs to you and as a custodian of the information, we hold it in trust for you.

Collection of Personal Health Information:

We collect your personal health information under the authority of the Personal Health Information Protection Act, 2004 (PHIPA). The personal health information that we collect from patients may include contact information, medical history, medical test results, and details of the care you received during prior visits to Sinai Health or to other hospitals. We may also collect personal health information about you from other sources unless you have advised us not to.

Use and Disclosure of Personal Health Information:

Personal Health Information is used first and foremost to provide you with clinical care. We also use and disclose your personal health information to:

  • Obtain payment for treatment and care (from OHIP, WSIB, your private insurer or others)
  • Undertake clinical research studies
  • Conduct quality improvement activities (such as sending a patient satisfaction survey)
  • Conduct risk management activities
  • Teach
  • Fundraise, through the Hospital Foundation, to improve our healthcare services and programs (only your name and address are given, unless you instruct us that you prefer that your information not to be shared)
  • Plan, administer and manage Sinai Health and its programs
  • Compile statistics
  • Fulfil other purposes as required by law

Privacy Principles

The Canadian Standards Association has developed 10 Privacy Principles that underpin both Canadian and Ontario privacy legislation. These form the basis of our Privacy Policy and how Sinai Health collects, uses, discloses and safeguards the personal information (including personal health information) we hold about you.

  1. Accountability: We are a health information custodian under PHIPA and are responsible for the collection, use and disclosure of personal health information in our custody or control. Our privacy contact person is accountable for compliance with our Privacy Policy, and can be reached at [email protected] or (416) 586-4800 ext. 2101.
  2. Identifying purposes for collecting personal information: We will identify the purposes for which personal information is collected at or before the time the information is collected.
  3. Consent for collection, use, and disclosure of personal information: Your knowledge and consent (or of a person authorized to consent on your behalf) is required for the collection, use or disclosure of personal health information, except where otherwise permitted or required by law.
  4. Limiting collection of personal information: We will limit the collection of personal information to that which is necessary for the authorized purposes identified. Information will be collected by fair and lawful means.
  5. Limiting use, disclosure, and retention of personal information: Personal information will not be used or disclosed for purposes other than those for which it was collected. Personal information will be retained only as long as necessary to fulfil those purposes.
  6. Accuracy of personal information: Personal information will be as accurate, complete and up-to-date as is necessary for the purposes for which it is to be used.
  7. Ensuring safeguards for personal information: Personal information will be protected by security safeguards appropriate to the nature and format of the information being stored.
  8. Openness about privacy policy: We will provide you with specific information about our policies and practices relating to how we manage your personal information.
  9. Individual access to personal information: Upon written request by you or your substitute decision-maker, we will inform you of the existence, use and disclosure of your personal information and will give you access to that information, with limited exceptions. You may challenge the accuracy and completeness of the information and may request to have it amended.
  10. Challenging compliance with the privacy policy: You may address a challenge or complaint concerning compliance with the above principles to the Privacy Office at [email protected] or to the provincial Information Privacy Commissioner

Restricting Access to your Health Record

Should you wish to restrict access to your personal health information, please discuss your options with the Admitting Clerk, your Care Provider or contact the Privacy Office at (416) 586-4800 ext. 2101.      

Some ways to restrict access to your information include:

  • Phone inquiries: Upon admission to the Hospital, your name, location in the Hospital and general health status will be given to anyone who telephones asking about you, or who comes to the Information Desk. If you wish to be removed from the directory, tell your Admitting Clerk at the time of admission or contact the Privacy Office at (416) 586-4800 ext. 2101.
  • Fundraising: Please let your Admitting Clerk or our Privacy Office know if you do not wish to be contacted by the Foundation to be asked to support the hospital. Otherwise we are permitted by law to share your name and address to the Foundation 60 days after you are discharged.
  • Religion: Your name and location in the Hospital is given to a hospital chaplain who may visit with you. If you would prefer not be visited by a chaplain you can choose to not provide us with your religion during the admitting process.
  • Consent: We collect, use and disclose your personal health information for the purpose of your continued care or as required by law. We require your consent for other purposes such as sending your information to your lawyer.

Corrections to your Health Record

If you believe that the personal health information we have recorded about you is inaccurate or incomplete, please raise this with your care provider or contact Health Records Services at 416-586-4800 ext. 2649 (Mount Sinai Hospital) or 416-461-8252 ext. 2040/ 2299 (Hennick Bridgepoint Hospital).

Frequently Asked Questions - Privacy

Where can I get more information about my rights with respect to my personal health information?

  • Contact our Privacy Office at (416) 586-4800 ext. 2101 or [email protected] (but please do not include personal health information in any emails, since email is not a secure method of transfer)
  • The Information and Privacy Commissioner of Ontario ( has extensive information about the protection of health information as it pertains to the legislation.

What are examples of how Sinai Health protects my information?

  • Teaching our employees, professional staff, researchers, volunteers and students about confidentiality. They must sign a confidentiality agreement as a condition of their relationship with the Hospital;
  • Requiring all staff to wear photo identification at all times while on hospital property to protect against unauthorized individuals accessing information;
  • Requiring all staff with access to electronic health information systems to be issued their own user ID and password to access the system, which is subject to timeouts. Staff are not to share their IDs nor leave their systems unattended;
  • Applying additional security measures to all electronic health records – for example, firewalls; anti-virus protection; encryption of mobile devices;
  • Locking doors and filing cabinets;
  • Employing security personnel; and
  • Conducting regular, randomized audits on health records.

Does Sinai Health sell patient information?

No. Sinai Health does not sell patient information to anyone.

When may I be required to provide consent? What happens if I am unable to provide consent?

Examples include consent for researchers to store and use your personal health information for clinical studies, or consent to disclose your personal health information to your private insurance company to facilitate payment of your bill.

If you are unable to provide consent directly to the Hospital regarding your personal health information, your substitute decision-maker (such as your spouse, parent, adult child or guardian) or someone you have designated under a power of attorney for personal care or property will have the authority to make decisions for you. This person is bound by law to act on your behalf and to make decisions based on their interpretation of your prior capable wish, if known, or otherwise based on your values and beliefs.

How do I appoint a friend as my attorney for personal care so that this person can access my personal health information and make related decisions?

The Office of the Public Guardian and Trustee (OPGT) provides helpful information kits about writing a Power of Attorney for Personal Care (as well as a Power of Attorney for Property). Visit them online here, or you can call them directly in Toronto at (416) 314-2800 or toll-free at: 1-800-366-0335..

If you are capable to make decisions about your own information, you can simply give consent to share your personal health information with someone else; you can also delegate any decisions to that person. If you have been found incapable of making these information decisions, your substitute decision-maker under PHIPA (or for treatment under the Health Care Consent Act) will make them according to an established ranking. While you do not technically need a power of attorney, many people choose to sign one in order to set out their specific health care and information wishes, or to choose a different substitute decision-maker.

How can my family and friends find out where I am in the Hospital?

Patient inquiries can be made to the switchboard, 416-596-4200. An operator will confirm that you are in hospital and provide your location to the visitor or caller. If you do not want this information released, please tell the Admitting Clerk who registers you, a member of the health care team or contact the Privacy Office at 416-586-4800 ext. 2101.

Will my family and friends be able to call and get information about me over the phone?

When someone calls the Hospital, staff has no way to verify who is calling and their relationship to you. Normally, in order to protect patient privacy, only minimal information is given out over the phone, unless as mentioned above, you have advised us that you do not want any information released.

We ask patients to appoint one family or friend representative with whom to share information about you over the telephone. All other persons telephoning will be directed to you and/or the representative.

Personalized and/or password protected Internet Web pages offer a safe and efficient way to share information about a patient with family and friends. There is no fee for this service.

Will my family see my personal health information?

Although you have the right to access your health record, this right does not automatically extend to family members and/or friends. If you consent to have a friend or family member see your record, he/she will be able to access all or part of the record you have consented to share with them. If you become incapable to consent to treatment, or to give consent to collect, use or disclose your personal health information, your substitute decision-maker will have access to any personal health information required in order to assist him or her to make decisions on your behalf.

Will you contact me after I am discharged as a patient?

The law allows us to contact you for purposes of fundraising through the Hospital Foundation or patient satisfaction surveys, subject to certain rules. If you do not wish to be contacted for these purposes, please contact the Privacy Office at (416) 586-4800 ext. 2101 to ask to have your name removed from these lists.

How do I report a privacy concern?

Privacy concerns and questions can be raised directly with the Privacy Office at (416) 586-4800 ext. 2101. Concerns will be investigated and if a privacy breach has occurred, we will follow up with staff and will also keep you informed.

If you are dissatisfied with the response you receive from Sinai Health, you have the further right to raise your concerns with the Information and Privacy Commissioner of Ontario (IPC), toll-free at 1-800-387-0073.

Quick Links

Sinai Health’s Privacy Office: 416-586-4800 ext. 2101 (or for general inquiries, [email protected] (please do not send personal health information via email since it is not a secure method of transfer)

Office of the Information Privacy Commissioner of Ontario:, in Toronto area at 416-326-3333 or toll-free in Ontario at 1-800-387-0073.


Privacy Policy

If you would like to access your personal health record, please visit Health Records for details.