How GEMINI Uses and Protects Patient Data

General Information

GEMINI is a not-for-profit research program based at the Li Ka Shing Knowledge Institute of Unity Health Toronto. GEMINI’s uses electronic data from participating hospitals in Ontario to measure and improve the quality of hospital care for adults.

GEMINI is administered and overseen by Unity Health Toronto.

GEMINI has developed a thorough governance framework. It seeks input from diverse stakeholders, including oversight committees, clinicians and researchers from participating hospitals and partner organizations. Before submission to the Research Ethics Board (REB), all research projects that would use de-identified data held securely by GEMINI are reviewed by a committee that includes members from a number of participating hospitals (including Unity Health Toronto).

Governance policies for GEMINI have been revised based on feedback from participating hospitals. GEMINI’s governance policies are available upon request.


Hospitals participating in GEMINI share data about patients who receive inpatient care at that hospital. After patients leave the hospital, the data is transferred over secure networks to GEMINI, which is based at Unity Health Toronto. More than 30 hospitals in Ontario (covering more than 60% of the province’s medical hospital beds) are part of the GEMINI network.

Participating hospitals give GEMINI select data about patient care that are stored on hospital computer systems. This includes personal health information (PHI) such as laboratory and imaging test results, medication prescriptions and vital signs data. Visit the GEMINI Data page for more info.

When GEMINI receives this data from hospitals, we take steps to remove information that could identify specific patients, then store this data securely in a database.

PHI is any information that identifies you and connects you to receiving care at a specific health care organization. This includes things like your physical or mental health, diagnoses, testing, treatment and demographic information (such as age, sex, neighbourhood).

Privacy and Security

GEMINI takes privacy and security very seriously. When GEMINI receives patients’ PHI, we are acting as an agent of the hospital that provides it. This means we follow Ontario’s Personal Health Information Protection Act (PHIPA), the same laws hospitals must follow. You can read about these laws here.

As an agent of the hospital, PHIPA allows GEMINI to use PHI to carry out certain activities on behalf of that hospital, including:

  • Generating statistics, which can lead to a better understanding of patient groups and their needs
  • Helping to understand and improve the quality of care and safety in hospitals
  • Once personal identifiers are removed, GEMINI facilitates access to the data for research studies as approved by hospitals’ Research Ethics Boards

Data sharing agreements between each participating hospital and Unity Health Toronto set out how PHI will be safely and securely managed, including:

  • How PHI will be securely transferred
  • How PHI will be used in the brief time before personal identifiers are removed
  • How data without personal identifiers is made available for approved research studies and to measure and improve the quality of hospital care for adults

GEMINI has strict measures to ensure privacy protection. Our privacy practices have been reviewed by legal counsel and by the privacy officers of all participating hospitals. We also ensure that our privacy practices are in line with other organizations in Ontario with large data repositories, including the Ontario Brain Institute BRAIN-CODE and ICES.

GEMINI staff manage all data according to strict rules set out in data sharing agreements and Research Ethics Board-approved protocols. GEMINI’s data platform has been tested for its security by a leading technology solutions firm.

GEMINI maintains a secure data platform with safeguards to protect both the PHI and de-identified data it holds, including:

  • Storing data in separate areas designated for specific access and use
  • Limiting data access only to where it is necessary
  • Strictly managing and auditing access to data
  • Conducting annual privacy and security training for staff

GEMINI takes steps to reduce the risk that individual patients could be identified from its research data. This includes:

  • Removing and masking all personal identifiers (such as names and addresses) through state-of-the-art tools
  • Organizing data in the data platform in ways that cannot be linked back to individuals
  • Ensuring that only aggregated data are reported publicly (GEMINI does not report items of data that pertain to groups of five or fewer individuals)

Research and Quality Improvement

A Research Ethics Board (REB) ensures that research meets scientific and ethical research standards to protect human research participants. An REB reviews and approves research studies before the research is started.

GEMINI’s activities are governed by protocols that have been approved by the Research Ethics Board (REB) of Unity Health Toronto in full compliance with PHIPA and a guidance document called the Tri-Council Policy Statement (TCPS2): Ethical Conduct for Research Involving Humans. TCPS2 is a joint policy of Canada’s three federal research agencies. Each participating hospital must get REB approval, either from their own REB or by assigning the review to the Unity Health Toronto REB.

Participating hospital securely provide PHI to GEMINI and direct GEMINI to remove personal identifiers without asking patients for consent. This is allowed under PHIPA and TCPS2, mainly because:

  • It is not feasible to seek consent from over a million individuals after they have been discharged from hospital.
  • Using data for research with personal identifiers removed carries little risk to individuals.
  • The activities of GEMINI do not directly influence a person’s clinical care (since the data is gathered after they leave the hospital).
  • The risk of privacy breach or re-identification is low.
  • As an added protection, any research study that is approved to use de-identified data held by GEMINI must receive REB approval, even if patient consent is not required.

Not seeking patient consent is a common approach in Canada and around the world for many large, retrospective research initiatives, like GEMINI. For example, ICES (formerly the Institute for Clinical Evaluative Sciences) has had authority under PHIPA for decades to analyze non-consented health data on all Ontarians. ICES makes de-identified data available for research purposes.

Research has shown that among hospitalized patients, if data are only used for those who can provide informed consent, then people with severe illness, those who don’t speak English and other under-represented groups (such as racialized individuals) are under-represented. As a result, research findings are biased and cannot measure the quality of care for all patients. One of GEMINI’s main goals is to measure the quality of care for all hospitalized adults, so it is crucial that people are not under-represented.

GEMINI has supported many research projects designed to identify opportunities to improve healthcare delivery and health outcomes. Here are a few examples of how GEMINI data has been used:

  1. Understanding general medicine hospital care: GEMINI identified that general medicine inpatients are the largest single group of hospitalized patients, making up 40 per cent of those who enter the hospital via the emergency department and growing rapidly. The Ontario government used our research in its report on how to solve the challenge of hospital overcrowding and improve health outcomes across the province.
  2. Ontario General Medicine Quality Improvement Network (GeMQIN): This network in collaboration with Ontario Health is the first network designed to improve quality in general medicine in Canada, and one of the first in the world.
  3. GEMINI data was used to create leading research on the impact of the COVID-19 pandemic on Canada’s hospitals:

GEMINI strongly believes that patient and family engagement is important to achieving and improving patient-centred health care.

  • GEMINI is doing research to better understand patient and caregiver perspectives on quality of care in general medicine, data collection and quality measurement. Patient advisors are helping to guide the design of this study
  • The steering committee overseeing GEMINI’s work with Ontario Health (GeMQIN) contains patient representatives
  • Patient and family partners are part of the GEMINI Steering Committee to help better inform GEMINI’s data governance policies