SHIIP End User Agreement (EUA)

This annual agreement binds the user to SHIIP‘s End User Agreement.

You have been authorized to access the personal health information (PHI) held in the Shared Health Integrated Information Portal (SHIIP) as a representative of, and under the authority of, a health care provider that has entered into an agreement with your local Health Information Network Provider/Electronic Service Provider, Kingston Health Sciences Centre (KHSC). Access to PHI in SHIIP happens through a provider portal populated by clinicians and other health care providers. This agreement gives your health care provider the right to provide you access to SHIIP and obligates you and your organization to comply with the terms and conditions of this agreement. As a condition of your access to SHIIP, you confirm that you have completed the privacy training required by your organization for access to SHIIP and its PHI content and will comply with these obligations as they relate to your access.

You agree to:
  • Comply with the internal policies and procedures of the health care provider that has authorized your access, including (but not limited to) privacy practices, consent management, and privacy breach management. In the absence of these policies, the corresponding policies and procedures from the HINP/ESP (KHSC) as published on their website, will be adhered to.
  • Access SHIIP exclusively for the purpose(s) associated with your role and as authorized by the health care provider.
    • a. Only access PHI for the purpose of providing or assisting in the provision of health care to the individual to whom the PHI relates, in compliance with all policies governing your access.
    b. Only use these modules for the purpose of applying, amending or removing a consent directive given by a patient of the health care provider that has authorized your access, or when performing audits of the access to PHI of such patients and other privacy or security related functions assigned to you by that health care provider.
  • Direct your questions to the Privacy Officer of the health care provider that has authorized your access if you require clarification regarding any conditions of your access or of the use of this information.
  • Be held accountable for actions performed in connection with access to SHIIP under your user ID and password regardless of whether a third party carried out the actions or whether you authorized such third party actions.
  • Consent to the logging and auditing of actions you take in relation to your use of SHIIP and the collection, use, disclosure and retention of your personal information for such logging and auditing. The SHIIP HINP/ESP (KHSC) and the health care provider that has authorized your access will monitor your access to ensure compliance. Instances of non-compliance may result in the restriction, suspension or termination of your access to SHIIP. In addition, any instances of non-compliance may be reported to other health care providers, a regulator or regulatory body, to individuals whose PHI has been compromised by your non-compliance and to other affected individuals.