Directory of Records and Personal Information Banks

Home » About the MHA » Freedom of Information » Directory of Records and Personal Information Banks

The Directory of Records is available to help you understand the types of records that are in the custody or control of the Middlesex Hospital Alliance:

PERSONAL INFORMATION BANKS INDEX

A personal information bank is personal information under the control of the MHA that is organized or intended to be retrieved by an individual’s name or an identifier such as a health records or employee number. For each Personal Information Bank, the following information is provided to you:

  • It’s title
  • Where the information is kept (location)
  • Legal authority for collection of the personal information
  • Types of Personal Information (PI) maintained (e.g. name, contact information)
  • How the information is used
  • Categories of individuals in bank (the categories of individuals about whom the personal information is maintained)
  • Retention and destruction (how long the information is kept)

Some hospital records may already be available to you without making a request in writing under FIPPA. If you cannot find the information located on our web site, please contact the FOI Coordinator.

Personal Information Banks Index

(Jump directly to any section by selecting the appropriate link below).

DIRECTORY OF RECORDS

FUNCTION

PERSONAL INFORMATION BANK
Academic

  • University of Western Ontario
  • Fanshawe College
  • Windsor University
  • St. Clair College
  • Lambton College
  • Highschool cooperatives

Location: Primarily held by Chief Operating Officer

back to top

 Student placement records
Administration

  • Accreditation
  • Community Relations – External hospitals
  • Community relations – General
  • Community Relations – Ontario Hospital Association
  • Emergency preparedness and recovery
  • Foundation
  • Government relations – General
  • Government relations (Ministry of Health and Long-Term Care)
  • Government relations (South West Local Health Integration Network)
  • Industry relations
  • Legal advice
  • Legislation and regulations
  • Reports and statistics
  • Strategic planning

Location: Primarily held by Chief Executive Officer.

back to top

 Hospital directory
Board/Governance

  • Board minutes
  • Board orientation
  • Board Sub-Committee minutes – Audit and Finance Committee
  • Board Sub-Committee minutes – Fiscal Advisory Committee
  • Board Sub-Committee minutes – Medical Advisory Committee
  • Board Sub-Committee minutes – Quality Committee
  • Board training
  • By-laws – Administrative
  • By-laws – Professional Staff
  • Incorporation documentation (Letters Patent and Supplemental Letters Patent)
  • Special events

Location: Primarily held by Chief Executive Officer.

back to top

 Board of Directors MembershipProfessional Staff privileges – cases
Clinical/Health Records

  • Cerner Patient Record
  • RadNet (Diagnostic Imaging)
  • dietary
  • Emergency
  • PathNet (Laboratory)
  • PathNet (Pathology)
  • PharmNet (Pharmacy)
  • Physiotherapy
  • SurgiNet (Surgical)
  • Transcription
  • Registration
  • Scheduling
  • EMPI (master patient index)
  • OHIP billings
  • ERNI (emergency national ambulation care reporting information)

Location: Primarily held by Health Records Service.

back to top

 All Clinical Records are Personal Information Banks. These are governed by the Personal Health Information Protection Act, 2004 and are accessed through the Health Records Service.
Communications and Public Relations

  • Annual reports
  • Celebrations and ceremonies
  • External Newsletters
  • Internal newsletters
  • Public relations
  • Special Events

Location: Primarily held by Administration.

back to top

 Public relations records
Equipment and Supplies

  • Catalogues
  • Manuals
  • Log Books/Audits

Location: Primarily held by Materials Management.

back to top
Facilities Management

  • Buildings and properties
  • Building management
  • Capital construction projects
  • Catering and conference records
  • Facilities management
  • Fire prevention
  • Housekeeping
  • Maintenance and repairs
  • Redevelopment
  • Utilities

Location: Primarily held by Environmental Services.

back to top

 Catering and conference records
Finance

  • Accounts Payable
  • Accounts Receivable
  • Bank credit/debit notes
  • Bank deposit slips
  • Bank drafts
  • Bank reconciliation
  • Bank statements
  • Cash receipts/fee payments
  • Cheque registers
  • Contracts (Sharepoint)
  • Debit memos/budget transfers
  • Delinquent accounts
  • Deposit slips
  • Electronic transfers
  • Equity
  • Fee invoices
  • Fees
  • Finance – General
  • Financial statements
  • Foreign drafts
  • General ledger
  • HMMS group purchasing
  • Internal cash receipt deposit forms
  • Invoices
  • Packing slips/receiving reports
  • Payment documentation
  • Payroll
  • Payroll – Income Tax Returns
  • Payroll – Monitoring
  • Payroll (cheque) registers
  • Payroll register
  • Personal expense reports
  • Personal expenses
  • Petty cash accounts
  • Petty cash reconciliations
  • Petty cash reimbursement forms
  • Procurement – Equipment
  • Procurement – Services
  • Procurement – Supplies
  • Purchase card statements
  • Purchase orders
  • Purchasing
  • Request for Proposals
  • Request for Proposals Responses
  • Tax returns
  • Travel and transportation
  • Trial balances
  • Trust funds
  • Vendor Information
  • Vendor Invoices

Location: Primarily held by Finance Department and Materials Management.

back to top
Human Resources

  • Applications
  • Benefits
  • Classification
  • Compensation – General
  • Compensation – Executive
  • Discipline
  • Employee Orientation
  • Education
  • Health and Safety – Accidents and Injuries
  • Health and safety – General
  • Hours of Work and Overtime
  • Human resources – General
  • Human resources – planning
  • Human rights
  • Job descriptions
  • Labour relations – ONA
  • Leave management
  • Pay equity
  • Pension
  • Professional Staff Human Resources Plan
  • Promotions
  • Salary review
  • Terminations
  • Training and development
  • WSIB applications
  • WSIB claims
  • WSIB reimbursement

Location: Primarily held by Human Resources Department and Occupational Health and Safety.

back to top

 Individual employee files/Employment related recordsEmployee incident filesHuman rights recordsOccupational health and safety recordsIncident reoprts
Information Systems

  • Mail
  • Records management
  • Security
  • Information systems manuals
  • Telecommunication services
  • Information Systems architecture
  • Webfilter
  • Audit logs

Location: Primarily held by Information Management Office.

back to top

 Security recordsInvestigation records
Patient Relations

  • Compliments and Complaints
  • Responses

Location: Primarily held by Administration.

back to top

 Compliments and Complaints
Policies and Procedures

  • Administrative policies
  • Clinical policies
  • Emergency policies
  • Departmental Standards

back to top
Professional Staff Relations

  • Professional Staff communications
  • Professional Staff contracts
  • Professional Staff credentialing
  • Professional Staff medical directives
  • Professional Staff orientation
  • Professional Staff recruitment

Location: Primarily held by Administration.

back to top

 Physician contractsPhysician credentialing files
Privacy

  • Information and Privacy Commissioner of Ontario
  • Freedom of information records
  • Privacy audits
  • Privacy breaches
  • Privacy complaints
  • StatisticsLocation: Primarily held by the Chief Privacy Officer.

back to top

 Freedom of information recordsPrivacy records
Quality of Care Committee

  • Quality of Care Committee (under QCIPA)

Location: Primarily held by Administration.

back to top
Risk Management

  • Complaints
  • Incident reports
  • Insurance
  • Litigation files
  • Patient safety
  • Security reports
  • Security surveillance

Location: Primarily held by Administration.

back to top

 Litigation filesIncident ReportsSecurity surveillanceSecurity reports
Volunteers

  • Volunteer lists
  • Volunteer orientation

Location: Primarily held by Human Resources

back to top

 Volunteers

 PERSONAL INFORMATION BANKS INDEX

A personal information bank is personal information under the control of MHA that is organized or intended to be retrieved by an individual’s name or an identifier such as a health records or employee number.

PERSONAL INFORMATION BANK

DETAILS

Board of Directors Membership

Location:  AdministrationAuthority: Public Hospitals ActTypes of PI: Names and contact information.Uses: Information is used to elect or appoint individuals, including to confirm eligibility to serve, administer meetings and for contact purposes.Individuals Included: Members of the Board of Directors

Retention and Destruction: 5 years after dissolution of the corporation

back to top
Catering and conference records

Location:  DietaryAuthority:  Freedom of Information and Protection of Privacy Act S. 28(2)Types of PI: Names,  contact information, booking informationUses: information used to administer the use of facilitiesIndividuals Included: Anyone engaging catering services

Retention and Destruction: 2 years

back to top
Patient Health Records

  • Cerner Patient Record
    • RadNet (Diagnostic Imaging)
    • Dietary
    • Emergency
    • PathNet (Laboratory)
    • PathNet (Pathology)
    • PharmNet (Pharmacy)
    • Physiotherapy
    • SurgiNet (Surgical)
    • Transcription
    • Registration
  • EMPI  (master Patient index)
  • OHIP billings
  • ERNI (emergency national ambulation care reporting information)

Location: Health Records ServicesAuthority: Public Hospitals Act; Personal Health Information Protection Act, 2004; Mental Health ActTypes of PI: This bank contains some or all of the following types of information: admission and separation records, medical history, laboratory tests and reports, diagnostic services reports, requisitions, doctor’s orders, nursing notes, counseling notes, accounting statements, x-rays, operating room reports, pharmacy, social services and other patient and treatment and services records.Uses:  Primarily to provide health servicesIndividuals Included: All registered in-patients and out-patients of MHA

Retention and Destruction:  10 years

back to top
Contracts Management System

Location: SharePointAuthority: ContractsTypes of PI: Name, address, telephone numbers, e-mail address, banking information and fee amount.Users:  To manage the contract or agreement arrangements of payments upon delivery of products or services.Individuals Included:  Individuals who are under contract or agreement to provide products or services to the public body.

Retention and Destruction: 5 years after dissolution of the corporation – only to the extent necessary to explain financial records; otherwise, 15 years

back to top
Employee files/Employment related records

Location:  Human ResourcesAuthority:  Employment Standards ActTypes of PI:  May include name, birth date, gender, social insurance number, home and office addresses, telephone and fax numbers, employment authorization, email address, employee identification number, resume/application for employment, confidentiality agreement, education, employment history, appointment records, performance appraisals, employee relations, attendance records, pay and benefits information, staff development and training, learning accounts, occupational health and safety, employee assistance, health and life insurance records, employee conflict of interest disclosure statements, grievances, recognition awards, job classification, professional association memberships and certifications, security clearance, parking/building passes, correspondence with regulatory colleges, employee authentication log-on, and other personal data related to employment.Uses:  to administer the hiring process from start to finishIndividuals Included: All employees of MHA

Retention and Destruction: 7 years from termination

back to top
Employee incident files

Location:  Human Resources / Occupational Health and SafetyAuthority:  Workplace Safety and Insurance ActTypes of PI:  names, contact information, employee number, employment information, medical informationUses: investigation, preventionIndividuals Included: Employees involved in incidents at MHA

Retention and Destruction: Year of record +6 years

back to top
Expense Claims

Location:  Accounts PayableAuthority: Freedom of Information and Protection of Privacy Act S. 28(2)Types of PI: Names, contact information, financial information, event attendanceUses: reimbursementIndividuals Included:  MHA staff

Retention and Destruction: Year of Record + 6 years

back to top
Freedom of Information Requests

Location: Freedom of Information and Protection of Privacy Coordinator’s office.Authority: Freedom of Information and Protection of Privacy ActTypes of PI: Name of the person making the request, address, telephone numbers, description of information requested and/or reasons and evidence to correct information, fees paid, banking information, correspondence and copies of requested records.Uses:  Respond and process requests, compile statistics.Individuals Included:  Individuals submitting requests under the Act, including individuals acting on behalf of another person (third parties).

Retention and Destruction: Kept for the required retention period or remainder of the calendar year plus a further five years (whichever is longer).

back to top
Hospital Directory

Location:  Human ResourcesAuthority: Employment Standards ActTypes of PI: Name, department, telephone number, email, address, date of birthUses: To contact members of the MHA community and to authenticate users for restricted resources. Contact information available for public search on the internet; personal information required for identity management restricted to relevant staff.Individuals Included: MHA employees, professional staff and external persons with specific need to be included in the MHA directory.

Retention and Disposal: TBD

back to top
Human rights case files

Location:  Human ResourcesAuthority: Human Rights CodeTypes of PI: Name of the person making the claim, address, telephone numbers, description of claim, response to claim.Uses: Respond and process human rights claims; compile statisticsIndividuals Included:  Individuals submitting requests under the Act, including individuals acting on behalf of another person (third parties).

Retention and Destruction: 21 years

back to top
Images, photographs, consent forms for public relations

Location: CommunicationsAuthority: Freedom of Information and Protection of Privacy Act S. 28(2)Types of PI: Photographs,Uses:  public relations, newslettersIndividuals Included: Individuals involved in public relations efforts to promote MHA

Retention and Destruction: TBD

back to top
Insurance Claims (non-litigation)

Location:  AdministrationAuthority: Insurance ActTypes of PI: Name of the person making the complaint or potential claimant, address, telephone numbers, description of complaint or concerns, response to complaint or concerns.Uses: Respond and process human rights claims; compile statisticsIndividuals Included:  Individuals submitting requests under the Act, including individuals acting on behalf of another person (third parties).

Retention and Destruction:  7 years (if under 18, kept 7 years after 18th birthday)

back to top
Incident Reports

Location: Human Resources and Occupational Health and SafetyAuthority: Workplace Safety and Insurance ActTypes of PI: Names, names, contact information, employee number, employment information, medical informationUses: investigation, preventionIndividuals included: Employees at the MHA

Retention and Destruction: Year of Record + 6 years

back to top
IT Security Investigations

Location:  Information TechnologyAuthority:  Freedom of Information and Protection of Privacy Act S. 28(2)Types of PI:  Names, IT historyUses: InvestigationIndividuals Included: Subjects of investigations including anyone with access to MHA information systems

Retention and Destruction: 2 years

back to top
Job Competitions

Location:  Human ResourcesAuthority:  Employment Standards ActTypes of PI:  May include name, home and office addresses, telephone numbers, application form, resume, references, samples of work, job advertisement, screening and evaluation results, and appointment of successful candidate.Uses: Document the hiring process and provide statistics.Individuals Included: Applicants for employment opportunities at MHA

Retention and Destruction:  Current Calendar Year + 6 years after position staffed

back to top
Litigation files

Location: AdministrationAuthority: Public Hospitals ActTypes of PI: names, claims, background informationUses: Respond and process litigation claims; compile statisticsIndividuals Included:  Individuals suing MHA or MHA sues; including individuals acting on behalf of another person (third parties).

Retention and Destruction: 15 years from date of notice of dismissal or settlement

back to top
Occupational Health and Safety Records

Location: Occupational Health and Safety DepartmentAuthority: Occupational Health and Safety ActTypes of PI: Names, date of birth, employment information, medical informationUses: Conduct inspections and investigations, reporting purposesIndividuals included: MHA employees

Retention and Destruction: 7 years from termination

back to top
OHIP Payments

Location: FinanceAuthority: Health Insurance ActTypes of PI: OHIP numbers, account number, service dateUses:  ReimbursementIndividuals Included:  Physicians

Retention and Destruction:  Year of record +6

back to top
Patient Payments

Location: FinanceAuthority: Public Hospitals Act, Health Insurance ActTypes of PI: Name, address, telephone numbers, e-mail address, financial information, amount paid or outstanding.Uses: Settlement of accountsIndividuals Included: Individuals who pay or owe money to MHA.

Retention and Destruction: Year of Record + 6 years

back to top
Patient Relations Compliments and Complaints

Location: AdministrationAuthority: Public Hospitals ActTypes of PI: names, health information, visit historyUses: Respond and process compliments and complaints about MHA; compile statisticsIndividuals Included:  Individuals submitting compliments or complaints, including individuals acting on behalf of another person (third parties).

Retention and Destruction: 10 years

back to top
Pay equity records

Location: Human ResourcesAuthority: Pay Equity ActTypes of PI:  Names, salaryUses:  EvaluationIndividuals Included:  MHA staff

Retention and Destruction: Permanent

back to top
Professional Staff contracts Professional Staff  credentialing files

Location:  AdministrationAuthority: Public Hospitals ActTypes of PI:  May include name, birth date, gender, home and office addresses, telephone and fax numbers, email address, MHA identification number, application for appointment, reappointment documentation, letters of reference, curriculum vitae, confidentiality agreement, education, employment history, performance appraisals, training, occupational health and safety, insurance, description of privileges, conflict of interest disclosure statements, recognition awards, professional association memberships and certifications, security clearance, parking/building passes, correspondence with regulatory colleges, log-on, and other personal data related to appointment to the Professional Staff.Uses:  credentialing, appointment to medical staffIndividuals Included: All members of the Professional Staff

Retention and Destruction: for tenure of professional staff member, plus 15 years.

back to top
Privacy complaints, breaches, audits

Location: Office of the Chief Privacy OfficerAuthority: Personal Health Information Protection Act, 2004Types of PI: Name (name of the person making the complaint, subject of a privacy breach, name of person audited), address, telephone numbers, description of information relevant to the complaint, breach or audit and responses, correspondence and copies of relevant records.Uses:  Respond and process complaints, breaches and audits, compile statistics.Individuals Included:  Individuals submitting complaints, individuals whose information was compromised, individuals whose information is audited, including individuals acting on behalf of another person (third parties).

Retention and Destruction: TBD

back to top
Professional Staff privileges case files

Location:  AdministrationAuthority: Public Hospitals ActTypes of PI:  Names, address, privileging informationUses:  Legal casesIndividuals Included:  All applicants to the Professional Staff, all members of the Professional Staff

Retention and Destruction: For tenure of professional staff member plus 15 years

back to top
Security Reports

Location: Environmental ServicesAuthority: Freedom of Information and Protection of Privacy Act S. 28(2)Types of PI: Names, address, incident reportsUses: Investigation and to ensure security within the organization.Individuals Included:  Employees, individuals outside the organization.

Retention and Destruction:  TBD

back to top
Security Surveillance

Location: Environmental ServicesAuthority:  Freedom of Information and Protection of Privacy Act S. 28(2)Types of PI: Video imagesUses:Iinvestigate incidents relating to safety or securityIndividuals Included:  MHA employees, physicians, individuals external to the Hospital.

Retention and Destruction: 120 Days

back to top
Student Placement

Location:  Volunteer ServicesAuthority: Employment Standards ActTypes of PI: Names, educational history, home addressUses:  Contacting students for the purpose of facilitating placementIndividuals Included: Students with placements at MHA

Retention and Destruction: 7 years from termination

back to top
Volunteers

Location: Volunteer ServicesAuthority: Employment Standards ActTypes of PI: Names, employment history, police record checkUses:  To track volunteer availabilityIndividuals Included: Volunteers with placements at MHA

Retention and Destruction: 7 years from termination

back to top