PHIPA Audit & Compliance System

Ontario Personal Health Information Protection Act

AUTHORIZED ACCESS ONLY

This system monitors and audits access to Personal Health Information (PHI) under PHIPA. Unauthorized access, use, or disclosure is strictly prohibited and subject to legal penalties.

Review the information below, then scroll down and select I Agree - Log In to continue.

Your Responsibilities Under PHIPA

Access Control: Only access PHI necessary for your authorized job functions

Confidentiality: Keep PHI strictly confidential and do not disclose to unauthorized parties

Security: Use secure passwords, lock your workstation, and report security incidents immediately

Compliance: Follow all organizational policies, procedures, and PHIPA requirements

Audit Cooperation: All activities are logged for compliance auditing and may be reviewed

Strictly Prohibited Activities

Accessing PHI for personal reasons or curiosity (snooping)

Sharing login credentials, passwords, or access tokens with others

Copying, printing, or downloading PHI without authorization

Disclosing PHI via email, text, social media, or verbal communication

Bypassing, disabling, or tampering with security controls or audit logs

Consequences of Violations

PHIPA violations are serious offenses that may result in:

  • Disciplinary action up to and including termination of employment
  • Civil penalties under PHIPA (fines up to $100,000 per violation)
  • Criminal charges under the Criminal Code of Canada
  • Professional sanctions (loss of professional license/registration)
  • Legal liability for damages to affected individuals
System Monitoring & Audit

This system is actively monitored and audited for PHIPA compliance:

All database queries and PHI access attempts are logged with timestamps

User identity, workstation, IP address, and activity details are recorded

After-hours access and suspicious activities trigger immediate alerts

Audit logs are tamper-proof and retained per regulatory requirements

Regular compliance reviews are conducted by Privacy and Security Officers

Questions or Concerns?

Privacy Officer

For privacy-related questions
Email: privacy@invorg.ca
Phone: Ext. 2100

Security Incidents

Report suspected breaches
Email: security@invorg.ca
Emergency: Ext. 9999

By accessing this system, you acknowledge that:

  • You are an authorized INVORG team member with legitimate need-to-know access
  • You have completed required PHIPA privacy and security training
  • You understand your obligations under PHIPA and organizational policies
  • You consent to monitoring and auditing of all system activities
  • You will immediately report any suspected privacy breaches or security incidents
© 2026 INVORG Healthcare Information Services
PHIPA Audit System v1.0 | Last Updated: May 2026
Privacy Policy | Terms of Use | PHIPA Guidelines
An unhandled error has occurred. Reload 🗙