Year Completed: 2024
Summary: The purpose of this PIA is to assess privacy risks associated with changes to the personal health information collected for the NIPT encounter in the BORN Information System.
Year Reviewed:
Privacy Impact Assessment Summaries
See concise overviews of privacy assessments for BIS changes — what’s new, what risks were considered, and how we protect your data.
Non-Invasive Prenatal Testing (NIPT) data enhancements
Diagnostic Evaluation Report Form (DERF) enhancements
Year Completed: 2024
Summary: The purpose of this PIA is to assess the privacy risks associated with changes to the personal health information collected for the DERF, a component of Prenatal Screening Ontario data in the BORN Information System.
Respiratory Syncytial Virus (RSV) reports to public health units (PHUs)
Year Completed: 2024
Summary: The purpose of this PIA is to assess the privacy risks associated with the collection and use of prenatal RSV vaccinestatus and infant monoclonal antibody immunization status and the subsequent disclosure of these data to PHUs for those PHUs to upload to the PHIX/Panorama system.
Year Reviewed:
Use of Microsoft PowerBI for reporting
Year Completed: 2024
Summary: The purpose of this PIA is to assess current and future risks to implementing Microsoft PowerBI as a business intelligence dashboard viewing tool within the BORN Information System and the BORN personal health information storage vault.
Year Reviewed:
Infant Death Registration Data linked to BORN Information System (BIS) data
Year Completed: 2024
Summary: The purpose of this PIA is to assess the collection and use of the data contained within the infant death registration files received by BORN as a one-time historical extract from the Registrar General of Ontario.
Year Reviewed:
Paediatric Diabetes Registry (PDR)
Year Completed: 2024
Summary: The purpose of this conceptual PIA is to identify the privacy impact and privacy risks associated with personal health information collected from Ontario’s Paediatric Diabetes Education Programs about the characteristics or health of children and adolescents living with diabetes.
Year Reviewed:
Fetal Blood Group Genotyping (fetal BGG) Screening
Year Completed: 2024
Summary: The purpose of this conceptual PIA is to is to identify the privacy impacts and privacy risks associated with the implementation of two new prenatal fetal BGG screening tests within BORN’s Prenatal Screening Ontario data in the BORN Information System.
Year Reviewed:
Midwifery Unaccommodated Client data in the BORN Information System (BIS)
Year Completed: 2024
Summary: The purpose of this PIA is to assess privacy risks and impacts associated with migrating midwifery unaccommodated client data from the Midwifery Invoice System to the BIS.
Year Reviewed:
Midwifery Invoice System (MIS) rebuild
Year Completed: 2024
Summary: The purpose of this PIA is to assess privacy risks and impacts associated with the rebuild of the MIS. The MIS is not considered a BORN data holding of personal health information.
Year Reviewed:
BORN Microsoft Azure Hosted Technology
Year Completed: 2023
Summary: The purpose of this PIA is to identify privacy impacts and risks associated with changes to BORN’s suite of core technologies. Specifically, the PIA assesses changes to the BORN Information System (BIS) since the 2020 PIA, migration of the personal health information storage vault and science infrastructure to BORN’s Microsoft Azure Cloud, and implementation of a new secure file transfer protocol (sFTP) solution.
Year Reviewed:
System and Organization Controls (SOC) 2 audit of a third party service provider
Year Completed: 2023
Summary: The purpose of this audit report is to summarize the privacy and information security controls that are in place at a third-party service provider.
Year Reviewed:
Fast Healthcare Interoperability Resources (FHIR) application for BORN clinical data integrations
Year Completed: 2022
Summary: The purpose of this PIA is to assess the FHIR application that would enable data contributors to review and correct errors in personal health information submitted to the BORN information system (BIS).BORN did not proceed with implementing the FHIR app.
Year Reviewed:
Year Completed: 2021
Summary: The purpose of this PIA is to assess privacy risks associated with the implementation and use of the BORN data warehouse, as well as identify privacy-related considerations for a future business intelligence solution
Year Reviewed: 2025
Year Completed: 2018;
Summary: The purpose of this PIA is to assess privacy risks and impacts associated with the implementation of a prenatal screening program at BORN, which facilitates prenatal screening and supports key health care providers.
Year Reviewed: 2025
Healthy Babies Healthy Children (HBHC) BORN Program
Year Completed: 2018
Summary: The purpose of this PIA is to assess privacy impact and risks associated with BORN collecting personal health information for the HBHC screening program, and additional data about children’s height, weight, and lifestyle to facilitate the province’s primary care Healthy Growth Initiative.
Year Reviewed:
BORN Information System (BIS) migration to the cloud
Year Completed: 2018
Summary: The purpose of this PIA is to assess privacy impacts and risks associated with migrating the BIS from CHEO infrastructure into the Microsoft Azure Cloud.
Year Reviewed:
Various BORN Information System (BIS) enhancements
Year Completed: 2016
Summary: The purpose of this PIA is to assess privacy risks of BORN Information System enhancements including: the ImmunizeCA project; the Ontario Perinatal Record and data pre-population projects; and the public health data cube (an analysis tool) project.
Year Reviewed:
BORN Information System (BIS) message and other enhancements
Year Completed: 2014
Summary: The purpose of this PIA is to assess privacy risks relating to numerous changes to the BORN Information System including: the 18 Month Enhanced Well Baby clinical encounter; CANS Autism Outcomes Assessments; in vitro fertilization clinic treatments; midwifery unaccommodated clients; gestational diabetes; and a secure messaging system within the BIS.
Year Reviewed: 2025
BORN Canadian Congenital Anomalies Surveillance System (CCASS) Implementation
Year Completed: 2011
Summary: The purpose of this PIA is to assess privacy risks relating to the CCASS core set of national variables for the Champlain Local Health Integration Network.
Year Reviewed: 2025
Delta PIA for the BORN Information System (BIS)
Year Completed: 2012
Summary: The purpose of the delta PIA is to assess privacy risks relating to several enhancements, including: to the Midwifery Invoice System to enable payment for midwifery services; to enable batch uploading of the antenatal records from physician electronic medical records; and to enable inclusion of assisted reproductive technology data in the BIS.
Year Reviewed: 2024
Original PIA for the BORN Information System (BIS)
Year Completed: 2011
Summary: The purpose of this PIA is to assess the development of privacy policies and controls prior to the implementation of the BIS at the Children's Hospital of Eastern Ontario.
Year Reviewed: 2024
Original Ontario Perinatal Surveillance System (OPSS) for the Ministry of Health and Long-Term Care
Year Completed: 2008
Summary: The purpose of this PIA is to provide the OPSS with pertinent information to facilitate and maintain an effective prescribed registry. This PIA identifies risks and mitigations associated with the OPSS.
Year Reviewed: 2024
Contact Us
BORN Ontario
401 Smyth Rd
Ottawa, ON K1H 8L1
General Inquiries
Send us an Email
Help Desk
BIS · CARTR Plus · MIS · NTQA
FAQ · Email Us
1-855-881-BORN (2676)
Sign up for our News Feed
Stay up-to-date on BORN Ontario news by subscribing to our news feed.
Frequently Asked Questions
Help Desk
BIS · CARTR Plus · MIS · NTQA
Need help? We're here for you.
Check our FAQ · Email us
Call toll-free: 1-855-881-BORN (2676)
