Privacy Flashcards
Information privacy
the client’s right to control how his/her personal health
information is collected, used and disclosed
Security
refers to the processes and
tools that ensure confidentiality of information.
(QOCIPA) Quality of Care Information Protection Act,
2016
provides broad
protection to quality of care information
purpose is to promote open discussion of adverse events, peer review activities and quality of care information, while protecting this information from being used in litigation or accessed by clients
Personal Health Information Protection Act, 2004
PHIPA
health care information privacy
in Ontario.
sets consistent rules for the management of personal health information and outlines the client’s rights regarding his/her personal health information.
Personal Health Information (PHI)
any identifying information about an individual in oral or recorded form, as it relates to their physical or mental health, their family, donations of body parts or substances, their health number, or an individual’s substitute decision-maker
Health Information Custodians (HIC)
health professionals, pharmacies, hospitals, etc.
can collect, use, and disclose PHI.
Agents of Custodians
individuals that are authorized by a custodian, acts for, or on behalf of, the custodian
Providers
e.g., software/hardware vendors, network providers, etc.
can only use information as necessary in the course of providing services
(!) must not disclose PHI
except for the purpose of enabling a health information custodian to use electronic means to collect, use, modify, disclose, retain or dispose of personal health information
what includes consent for the collection, use, and disclosure of PHI includes:
*Before the release of PHI, consent must be acquired.
informed consent of the individual, not obtained through deception or coercion,
consent may be expressed or implied,
clearly worded consent forms that are understandable and concise
*HICs and their agents may consider that they have implied consent when disclosing PHI to other custodians for the purpose of providing healthcare to the individual
Office of Information and Privacy Commissioner Rights
to investigate, enter, and inspect the premises and access PHI in order to respond to complaints
to investigate if the Commissioner has reasonable evidence to believe that an individual has or is about to contravene the Act
Circle of Care (6)
health information custodian may only “assume an individual’s implied consent to collect, use or disclose personal health information if all of the following six (6) conditions are satisfied