1 / 26

Personal Health Information Task Force Presentation Andrea Seymour

Personal Health Information Task Force Presentation Andrea Seymour Vice President Health Information & CIO River Valley Health June 8, 2007. Topics. Context Privacy Definition Patient’s Privacy Rights Strengths - PHI Legislation Response to Consultation Questions Concluding Remarks.

benjamin-miles
Download Presentation

Personal Health Information Task Force Presentation Andrea Seymour

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Personal Health Information Task Force Presentation Andrea Seymour Vice President Health Information & CIO River Valley Health June 8, 2007

  2. Topics • Context • Privacy Definition • Patient’s Privacy Rights • Strengths - PHI Legislation • Response to Consultation Questions • Concluding Remarks

  3. Health Care Context Consumer Attitudes • Active participant in care • Control over personal information • Privacy aware Health Reform • Information intensive • Collaborative, team based, care delivery models • Continuum of care • Centres of excellence • Disease prevention, wellness focus • Genetics

  4. Health Care Context Technological advances • Telehealth (including telehomecare) • One patient–one record • Portable computing • Internet

  5. Privacy • The right to be left alone, free from intrusion or interruption • Includes elements of: • Security - protection from unauthorized loss, theft, access, use, modification, disclosure • Communications privacy - confidentiality “to keep secret” • Information privacy

  6. Information Privacy • The right of an individual to control the collection, use and disclosure of personal information about themselves. • Personal information is information about an identifiable individual recorded in any form • Protecting personal information means following fair information practices.

  7. In the beginning there was security and confidentiality…. Then came privacy…… THE IMPACT OF NEW PRIVACY PRINCIPLES New Obligations for Government and Business New Accountabilities Define Purposes Limiting Collection Limiting Use, Disclosure & Retention Openness Security and Confidentiality Some Accountability Safeguards Accuracy New Rights for Consumers Consent Individual Access Challenging Compliance 1996 CSA Code (Source: Priva_C, 2003)

  8. Patient’s Privacy Rights Patients have the right to: • Know how their health information will be used and disclosed • Ask questions about privacy and have these questions clearly and promptly answered

  9. Patient’s Privacy Rights Patients have the right to: • Know who has seen their personal information and for what purpose • See and obtain a copy of their records • Amend or include a statement of disagreement for anything in the record they believe to be in error

  10. Patients Privacy Rights Patients have the right to: • Expect that their health information will be kept secure, and provided to only those who need to know • Agree or object to disclosure of their information to visitors, clergy and others not involved in care delivery

  11. Patients Privacy Rights Patients have the right to: • Authorize or refuse additional uses of their information - such as fundraising, marketing, research • Complain if they believe their rights have been violated • Have their complaint escalated if they believe their rights have been violated

  12. Personal Health Information Response to Questions in Consultation Guide

  13. Scope of PHI Legislation Whom: Legislation should apply to all people, agencies or organizations who hold, contribute to, or require access to an individual’s personal health information

  14. Scope of PHI Legislation What: Legislation should cover personal information about an identifiable individual recorded in any form. (Source, POPIA, 2001)

  15. Scope of PHI Legislation Identifiable individual means the individual can be identified by the contents of the information because the information: • Contains the individuals name • Makes the individual’s identity obvious • Is likely in the circumstances to be combined with other information that includes the individual’s name or makes the identity of the individual obvious. (Source, POPIA, 2001)

  16. Scope of PHI Legislation What: The PHI legislation should emphasize the requirement to use non-identifiable information whenever possible Once deemed non-identifiable, the information falls outside the scope of this legislation

  17. Collection The collection of personal health information should be guided by the following: • Limit collection to what is required for defined purpose • Purpose may include improving health care system management or broadening understanding of population health/determinants of health

  18. Consent Implied knowledgeable consent should be the standard in New Brunswick within the “circle of care” Express consent should be the standard in New Brunswick whenever personally identifiable information is shared outside the “circle of care”

  19. Disclosure Exceptions to requiring express consent when disclosing personal health information : • Threat to health and/or safety of public at large • Court order • Compliance with New Brunswick and Canadian laws • Planning, monitoring and evaluating the health system when fraud or criminality is suspected • Determining eligibility to receive health service Whenever possible the patient should be notified that their information has been shared Note: Clarify relationships between Personal Health Information legislation and other legislation e.g. Mental Health Act

  20. Access Patient’s should be able to: • Access their personal health information • Request an addendum or amendment to their personal health information Note: • Recognize the need to harmonize Right to Information Act with Personal Health Information legislation

  21. Denial of Access Denial of access to personal health information could occur if: • Knowledge could endanger patient’s mental or physical health, • Access reveals information about another person, who has not given consent (de-identification not possible) • A review and appeal process is in place

  22. Independent Oversight A Privacy Commissioner for New Brunswick will • Focus and prioritize privacy • Improve public confidence • Create capacity for education and advice to public and data custodians • Advance the NB eHealth direction • Provides capacity to monitor and enforce compliance

  23. Safeguards The safeguard section of the proposed PHI legislation can be strengthened with more focus on: • Monitoring and measurement of compliance • Adherence to security standards • Mandatory privacy awareness training and education

  24. Concluding Remarks • A collaborative approach to implementation among NB data custodians is required to ensure: • Common interpretation of legislation, and • Standard adherence to privacy principles • Consistent implementation approach • Public trust and confidence • It is important that NB look at and learn from the experiences of other national and international health jurisdictions

  25. Concluding Remarks Data custodians from both the public and the private sector are covered by the same legislation and this will facilitate sharing of information among the “circle of care” Personal Health Information Privacy legislation will strengthen the NB approach to an electronic health record

  26. For more information Andrea Seymour Vice President Health Information & CIO River Valley Health P.O. Box 9000 Fredericton New Brunswick Andrea.Seymour@rvh.nb.ca Tel: 452-5204 Fax: 452-5670

More Related