eCTAS Online Help
Click here to see this page in full context

Reporting Privacy Breaches

For Application Basic and Complex

Scenario: A nurse at Site A accidentally logs into Site B and triages a patient. This exposes patient information from Site A to the wrong site (Site B) resulting in a privacy breach.

  1. Immediately apply a Transfer of Accountability (TOA) to the patient from Site B with the TOA note “Triaged in error”
  2. Log in to the correct site (Site A) and triage the patient
  3. Notify your Privacy Officer and eCTAS Coordinator immediately and follow hospital privacy policies. Hospitals should also notify the other site (Site B).
  4. Your eCTAS Coordinator must complete and submit the eCTAS Privacy Breach Reporting Form to eCTAS@ontariohealth.ca.

Important: Do not include PHI in the eCTAS Privacy Breach Reporting Form, or in your email.
  1. Resources at Site B should login to the eCTAS Registration View, locate the incorrect record in Past Record Lookup, and apply the action ‘Mark as Triaged in Error’. Resources can refer to eCTAS Registration View documentation for detailed instructions on how to locate and indicate records as triaged in error.

 

© 2025 Ontario Health. All rights reserved. Terms of Use.