PHIPA DECISION 90

Complaint HA17-126-2

The Canadian Red Cross - Sudbury

March 22, 2019

Summary: An individual sought access to a full copy of his file from The Canadian Red Cross Society. The Red Cross issued a decision granting access to the responsive records in part, but withholding the names of employees who had provided care to the requester at his home pursuant to the exemption at section 52(1)(e)(i) (risk of serious harm). The adjudicator finds that section 52(1)(e)(i) does not apply and orders the Red Cross to provide the complainant with access to the records in full.

Statutes Considered: Personal Health Information Protection Act, 2004 , SO 2004, c 3 , Sched. A , as amended, section 52(1)(e)(i).

Orders and Investigation Reports Considered: PHIPA Decision 34 and Order PO-1940.

OVERVIEW:

[1]  The Canadian Red Cross Society (the Red Cross) received a request under the Personal Health Information Protection Act (PHIPA or the Act), for access to a full copy of the requester’s file, including the dates of all visits by the Red Cross to his home and the full names of the Red Cross staff who provided services to him.

[2]  The requester and his legal counsel submitted the access request on four separate occasions. On the last occasion, the requester’s legal counsel also sought access to copies of the Red Cross’ Code of Conduct and all policies and procedures that were in place while the requester was under the Red Cross’ care.

[3]  The Red Cross issued a decision granting partial access to the responsive records. The Red Cross’ decision stated, in part, “[o]ur releases are subject to our own privacy standards, as such you will see the names of our CRCS staff are redacted from the records provided.”

[4]   The requester filed a complaint with this office in response to the Red Cross’ decision, thereby becoming the complainant in this file.

[5]  During mediation, the Red Cross issued a revised decision in which it advised that it was denying access to the names of its staff pursuant to section 52(1)(e) of the Act. The revised decision stated, in part:

There have been multiple incidents of you being [verbally] abusive, specifically towards our female staff members, both in person and over the phone. The prejudicial views you have expressed regarding the intelligence and skills of women, especially those who are attempting to help you, have contributed to our concern that our female staff would be at risk of personal harm or abuse if you obtained their full names. [1]

[6]  Also during mediation, the Red Cross provided the complainant with copies of its policies and procedures, as requested by the complainant’s legal counsel. Therefore, access to the policies and procedures is no longer at issue in this complaint.

[7]  The mediator discussed the revised decision with the complainant, who expressed that he was not satisfied with the Red Cross’ reliance upon section 52(1)(e) of the Act or the severances it applied to the records. The complainant maintains that he is entitled to the withheld information and that it is important for patients to have access to this information.

[8]  As no further mediation was possible, the file was transferred to the adjudication stage of the complaint process. I decided to conduct a review under the Act to determine whether the exemption at section 52(1)(e)(i), in particular, applies to the information at issue. In doing so, I sought representations from the Red Cross, the complainant, and four affected parties. I received representations from the Red Cross, the complainant, and one of the four affected parties.

[9]  For the following reasons, I find that the exemption at section 52(1)(e)(i) does not apply in the circumstances of this complaint, and I order the Red Cross to grant the complainant full access to the records at issue.

RECORDS:

[10]  There are four pages of records at issue, which consist of a Client Narrative Report and a Care Plan.

DISCUSSION:

[11]  There appears to be no dispute that the Red Cross is a “health information custodian” under section 3(1) of PHIPA and that the records at issue are dedicated primarily to the complainant’s personal health information as contemplated by sections 4(1) and 52(3) of the Act. Accordingly, the complainant has a right of access to these records subject only to the exemptions in section 52(1) of the Act.

[12]  The sole issue to be determined in this review is whether the exemption in section 52(1)(e)(i) of the Act applies to the portions of the records withheld by the Red Cross.

Does the exemption at section 52(1)(e)(i) of PHIPA apply to the information at issue?

[13]  The exemption at section 52(1)(e)(i) states:

52(1) Subject to this Part, an individual has a right of access to a record of personal health information about the individual that is in the custody or under the control of a health information custodian unless,

(e) granting the access could reasonably be expected to,

(i) result in a risk of serious harm to the treatment or recovery of the individual or a risk of serious bodily harm to the individual or another person.

[14]  The purpose of section 52(1)(e)(i) is to protect the treatment, recovery, and physical security of a patient and others. This exemption is similar to section 49(d) of the Freedom of Information and Protection of Privacy Act (FIPPA), which provides an exemption from disclosure of medical information to a requester where it “could reasonably be expected to prejudice the mental or physical health of the individual.” It is also similar to section 20 of FIPPA, which applies “where the disclosure could reasonably be expected to seriously threaten the safety or health of an individual.” [2]

[15]  The standard of proof required under section 52(1)(e)(i) of PHIPA is the same as the standard under sections 49(d) and 20 of FIPPA, and other exemptions that contain the words “could reasonably be expected to” [3] . The health information custodian must demonstrate a risk of harm that is well beyond the merely possible or speculative, although it need not prove that granting access will in fact result in such harm. How much and what kind of evidence is needed will depend on the type of issue and seriousness of the consequences. [4]

Representations

[16]  The Red Cross submits that it regularly receives requests for client files and, typically, would not redact staff names prior to providing access to the records. The Red Cross submits, however, that given the circumstances of this case, its Ontario Director of Quality and Risk and its Privacy Officer made the “exceptional” decision to withhold staff names pursuant to section 52(1)(e) of the Act. The Red Cross submits that the decision was based on the complainant’s verbal abuse of its office staff and home workers, particularly directed toward female employees, during the course of his time as a client. The Red Cross states that on several occasions, the complainant made statements toward female staff, both in person and over the phone, that were “extremely hostile and abusive.” The Red Cross submits that although it did not document these occurrences in detail, the complainant used derogatory terms in his interactions and expressed prejudicial views regarding the intelligence and skills of women, especially those assigned to assist him. These instances of verbal abuse contributed to the Red Cross’ concern that releasing the names of the female staff that assisted the complainant would put them at risk of harm.

[17]  According to the Red Cross, the complainant has never made any direct physical threats toward its staff, but the Red Cross remains concerned about the mental health and well-being of its staff. The Red Cross submits that releasing the full names of the complainant’s home care workers is reasonably likely to cause the workers harm in the future as the complainant could use that information to obtain their personal phone numbers and addresses in order to contact them directly at their homes.

[18]  The Red Cross also maintains that the workers’ names comprise a minimal part of the complainant’s client file: workers’ names were redacted seven times in a 60-page record, and no other text was withheld. The Red Cross states that the redacted names are irrelevant to the substance of the complainant’s health record and do not compromise or have any bearing on it. Based on these considerations, the Red Cross concludes that the reason the complainant seeks access to the names in particular is “for some other purpose directed towards them personally.”

[19]  Finally, the Red Cross maintains that as an employer, it has both ethical and legal obligations to protect its workers. It states that the risk to workers is higher in rural and/or isolated environments, such as when providing home care services.

[20]  The complainant explains that he suffers from a disease and, as a result, he is very sick and in a wheelchair. He states that every person has a right to know the full name of a person entering their home. He also maintains that the Red Cross is “playing games and bad mouthing” him, and that it is “giving [him] reprisal and retaliation.”

[21]  One of the four affected parties provided representations for my consideration. That affected party maintains that her privacy should be protected by upholding the Red Cross’ decision.

Analysis and findings

[22]  As stated above, in PHIPA Decision 34, Adjudicator John Higgins determined that the standard of proof required under section 52(1)(e)(i) of the Act is a demonstrable risk of harm that is well beyond the merely possible or speculative although the evidence need not prove that granting access will in fact result in such harm.

[23]  In Order PO-1940, Adjudicator Laurel Cropley considered a similar fact situation to the one at hand: the institution withheld the names of staff members from records pursuant to the exemption at section 20 of FIPPA. The institution in that appeal submitted that it did “not see any justifiable need for the individual to have access to the names of those present at the meeting, other than to possibly harass those individuals.” The substantial evidence and history predating that appeal led Adjudicator Cropley to conclude that the information was properly withheld under section 49(a) in conjunction with section 20 of FIPPA; however, in a post-script to Order PO-1940, the adjudicator stated the following:

There are occasions where staff working in “public” offices […] will be required to deal with “difficult” clients. In these cases, individuals are often angry and frustrated, are perhaps inclined to using injudicious language, to raise their voices and even to use apparently aggressive body language and gestures. In my view, simply exhibiting inappropriate behaviour in his or her dealings with staff in these offices is not sufficient to engage a section 20 or 14(1)(e) claim [under FIPPA]. Rather, as was the case in this appeal, there must be clear and direct evidence that the behaviour in question is tied to the records at issue in a particular case such that a reasonable expectation of harm is established.

[24]  I agree with the adjudicator’s comments and find them helpful in this complaint.

[25]  As I noted above, the purpose of section 52(1)(e)(i) is to protect the treatment, recovery, and physical security of a patient and others. Having considered the parties’

[26]  submissions and the records at issue with the purpose of the exemption, I am not persuaded that providing the complainant with access to the information at issue could reasonably be expected to lead to any of the harms set out in section 52(1)(e)(i) of PHIPA.

[27]  The complainant’s treatment of female staff at the Red Cross is documented, although not in specific detail. It appears that incidents of verbal abuse occurred while Red Cross employees attended the complainant’s house and over the phone when the complainant called the Red Cross directly, or vice versa.

[28]  While this behaviour is inappropriate, I conclude that these instances of past verbal abuse are insufficient on their own to engage the exemption under section 52(1)(e)(i) of the Act. In my view, the harms that the Red Cross submits are “reasonably likely” to result from providing access to the information at issue are speculative in nature. There is no evidence in the records or the parties’ submissions to suggest that the complainant is likely to attempt to contact Red Cross staff, either in person, over the phone, or otherwise, if their names are released. I am also not satisfied by the evidence provided that the complainant could reasonably be expected to use the affected parties’ names to do so.

[29]  The wording of section 52(1)(e)(i) contemplates three specific types of harm: (1) a risk of serious harm to the treatment or recovery of the individual, (2) a risk of serious bodily harm to the individual, and (3) a risk of serious bodily harm to another person. In this case, the Red Cross is relying on the third type of harm contemplated by section 52(1)(e)(i). As suggested in my reasons, above, the Red Cross focuses on the anticipated verbal abuse that it submits its staff may face if the appellant is granted access to their names. However, I find that the evidence before me, including the nature of the appellant’s inappropriate comments to staff, is insufficient to conclude that this amounts to a risk of serious bodily harm to these individuals as the exemption in section 52(1)(e)(i) requires. As noted above, I am not persuaded that it is likely that the complainant would use the names to contact Red Cross staff. I also note that, as the Red Cross acknowledges, the complainant “has not made any direct physical threats towards [its] staff to date.”

[30]  While I have considered the concerns expressed by the Red Cross and the affected party who responded, the evidence before me does not establish that granting access to the information withheld under section 52(1)(e)(i) could reasonably be expected to result in a risk of serious harm to the treatment or recovery of the complainant or a risk of serious bodily harm to the complainant or another person. As there is insufficient evidence to establish the requirements of section 52(1)(e)(i), I find that the exemption does not apply. Accordingly, I find that the complainant has a right of access to the withheld information and I will order the Red Cross to grant access to it.

ORDER:

For the foregoing reasons, pursuant to section 61(1) of the Act:

1. I order the Red Cross to grant the complainant access to the information that it withheld pursuant to section 52(1)(e)(i) of the Act by May 1, 2019 but not before April 26, 2019.
2. In order to verify compliance with this Decision, I reserve the right to require that a copy of the record be provided to me.

Original signed by		March 22, 2019
Jaime Cardy
Adjudicator