Download presentation
Presentation is loading. Please wait.
Published byJimmy Thomasson Modified over 9 years ago
1
Brave New World: Understanding and Managing Privacy Programs in an E-Health World e-Health Conference 2013: Accelerating Change May 28, 2013, 11.30 a.m. Presented by: Robin Gould Soil, CPO, University Health Network
2
2 | Confidential—not for public distribution Presenter: Robin Gould-Soil, CPO, University Health Network Relationships with commercial interests: Nothing to disclose Presenter Disclosure
3
3 | Confidential—not for public distribution ConnectingGTA is delivering a regional electronic health record that will make patient information available at the point- of-care to improve the patient and clinician experience 6 Local Health Integration Networks 750+ Health Care Organizations 6,267 Family Physicians 6,930 Physician Specialists 49,905 Nurses All sectors of care: Acute Care Community Support Services Complex Continuing Care Long Term Care Mental Health & Addictions Primary Care Rehabilitation
4
4 | Confidential—not for public distribution ConnectingGTA is providing three foundational components to support Ontario’s eHealth Blueprint IDENTIFY & COLLECT information (CDR) Provide ACCESS to information (e.g. Provider Portal) Provide ability to EXCHANGE information (HIAL) Information to be shared seamlessly & securely Clinicians with point of care access Robust, scalable & reusable platform Infrastructure & services that can support or be leveraged Increase collaboration among clinicians & organizations Respect standards in terms of privacy, stewardship of information, security
5
5 | Confidential—not for public distribution Assure individuals that organizations manage personal health information in a manner that is consistent with its public commitments and legislative responsibilities How does privacy support the delivery of an EHR A privacy program should: Help support the clinician workflow and improve the patient experience Help mitigate privacy risks to an organization Further demonstrate due diligence Support existing best practices Identify weaknesses in information management practices
6
6 | Confidential—not for public distribution Considerations Allow for the collection, use and disclosure of large amounts of health information from diverse sources Health care providers do not have sole custody or control of health information in a shared system Health care providers have different processes for implementing patient consent models Risks Increases the risk of health care providers using or disclosing health information for unauthorized purposes May attract hackers and others with malicious intent Easier to remove health information from a secure location and to transfer it to an unsecure device Privacy Considerations and Risks of an EHR
7
7 | Confidential—not for public distribution Make it patient & clinician focused Set and manage expectations Establish service standards Track success Approach for Developing Policies
8
8 | Confidential—not for public distribution Governance Committees Privacy and Security Policies, Procedures, and Standards Technology Planning of Program Advising Monitoring & Reporting Auditing Operational Processes Activities to Manage ConnectingGTA Privacy Program Support for Privacy rights Consent Mgmt. Privacy Auditing & Review Security Monitoring & Auditing System Dev Lifecycle Access Control P&S Breach Mgmt Identity Mgmt Vulnerability Mgmt Activities to Meet Operational Obligations CommunicationsSupportTraining People Makes Decisions About Defines & Guides Governance Committees Privacy and Security Policies, Procedures, and Standards Technology Planning of Program Advising Auditing Operational Processes Activities to Manage ConnectingGTA Privacy Program System Dev Lifecycle Access Control Identity Mgmt Vulnerability Mgmt Activities to Meet Operational Obligations CommunicationsSupportTraining People Makes Decisions About Defines & Guides Monitoring & Reporting Consent Mgmt. Privacy Auditing & Review Security Monitoring & Auditing P&S Breach Mgmt Support for Privacy rights
9
9 | Confidential—not for public distribution No two organizations are the same Be prepared to change Agree on common terminology Bring privacy into the design of the system Separate the policy from the standards Policies and standards should focus on patient’s perspective Ensure privacy is embed into the clinical and patient processes Align participant's privacy programs Test and Learn Lessons Learned
10
Thank you! Visit ConnectingGTA at: www.ehealthontario.cawww.ehealthontario.ca Email the team at: ConnectingGTA@uhn.caConnectingGTA@uhn.ca
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.