How to Run A Hospital within the New Privacy Landscape
Ann Cavoukian, Ph.D., Information & Privacy Commissioner/Ontario
The Access Group Roundtable on Health Sector Issues
April 29, 2005
Why Bother???
• Privacy is fundamental to excellent information management practices and patient care; they are complementary.
• Privacy has always been a consideration; our obligation to patients is now codified.
• Legal test: reasonableness.
Research
• A health information custodian may use PHI for research purposes, but only if the custodian has a research plan approved by a research ethics board.
Research Ethics Board to consider:
• Whether research could be accomplished without using the PHI.
• Whether appropriate safeguards will be in place.
• Public interest in conducting the research.
• Whether obtaining consent directly is impractical.
Fundraising
• Adopt an opt-out model in order to comply with fundraising provisions:
• Stewardship
• Oversight
• Ongoing rigor & monitoring
Lock Box Provisions
Work Group:
• Clinical Scenarios
• Provincial Pilot – Consent Management
• Physician involvement is key
• Experience at TOH
Compliance: Be Practical
Do’s & Don’ts
• Place whiteboards in non-public areas.
• Use the P.A. system accordingly.
• Don’t discuss confidential information in public areas.
• Do not leave PHI such as charts, reports, lists, etc. in places where they can be viewed.
• Do not leave the computer terminal with PHI readily visible.
Compliance: Be Practical
Do’s & Don’ts
• Never store PHI on laptops, PDAs or desktops.
• All PHI must be stored on the network.
• Never e-mail PHI.
• Access only information you require.
• Remember to log off.
Compliance: Be Practical
Do’s & Don’ts
• Don’t reveal confidential information to others without a need for them to know it.
• Keep your password to yourself.
• Shred all papers that contain PHI when no longer in use.
• Wear your ID badge at all times.
Program Elements
• Privacy Committee
• Privacy Policy
• Training & Orientation modules
• Infonet (Intranet) Page for Staff & Physicians
• Web Site for Patients & Partners
• Notice to Patients, posted at all key access points
Tools and Templates Make Compliance Easy
Templates for:
• Consent
• Release of Information
• Use of Databases
• Affiliation Agreements
• Research
• Tools for Physicians
Communication is Key
Communication Plan:
• CEO Letters
• Articles in Journals
• Brochures
• Program Launch
• Branding Privacy
• CD-ROMs
• Videos
• Web-Based Education
Compliance
Reorganization of:
• Risk Management
• Legal
• Privacy
• Communications
• Public Relations