Privacy Incident & Breach Management Change Summaries

Updated Version Effective Date: February 27, 2026
Previous Version: May 8, 2024

This summary highlights updates to this Privacy Incident & Breach Management Policy as of the effective date above. It is provided for convenience and does not include all details. Please review the full Privacy Incident & Breach Management Policy to understand all terms. If there is any inconsistency between this summary and the full Privacy Incident & Breach Management Policy, the full Privacy Incident & Breach Management Policy will govern.

Overview of Changes

This document has been updated to reflect revisions to definitions, scope, procedures, and organizational structure. Certain sections have been clarified, reorganized, and expanded to provide additional context and alignment with applicable privacy practices and legal frameworks.

Definitions and Scope

Updates were made to definitions and terminology used throughout the document.
The scope of the policy has been revised to reflect broader categories of information and applicable privacy considerations.
Certain concepts have been further described to distinguish between different types of privacy-related events.

Policy Structure and Organization

Sections have been reorganized to improve clarity and logical flow.
References to related policies and external materials have been updated.
Public-facing and internal procedural elements have been more clearly delineated.

Procedures and Processes

Updates were made to the description of procedures for identifying, managing, and responding to privacy-related events.
Certain process steps have been clarified and described in greater detail.
Additional context has been included regarding investigation, assessment, and response activities.

Roles and Responsibilities

Clarifications were made to roles and responsibilities associated with managing privacy-related events.
Certain responsibilities of internal personnel and third parties have been further described.

Reporting and Notification

Updates were made to reporting and notification provisions, including timing and coordination considerations.
References to applicable legal and regulatory requirements have been updated.

No Fundamental Changes

The overall structure and intent of the policy remain unchanged, including:

The classification of privacy-related events
The general process for identification, investigation, and notification
The role of designated personnel in managing privacy-related matters

Privacy Incident & Breach Management Policy Change Summaries

Overview of Changes

Definitions and Scope

Policy Structure and Organization

Procedures and Processes

Roles and Responsibilities

Reporting and Notification

No Fundamental Changes

Solutions

Product

Company

CBO Essentials

CBO Advanced

Community eRequest

Clinician eRefer

Appointment Booking

Public Sign-up

Caredove Forms

Caredove WebBuilder

Integrations

Mental Health & Addictions

Community Support & Seniors

Child Development Services

Home Care

Ontario Health Teams

Community Paramedicine: Embracing a Digital-First Approach to Care

A Blueprint for an Effective Central Intake Hub in Healthcare

Rethinking Referrals: Embracing Direct Access for Community Health Care

10 Reasons Rapid Access Low-Barrier Walk-In Counseling Shines!