vanessa halter - nehta - national e-health transition authority - privacy & confidentiality in...
TRANSCRIPT
National E-Health Transition Authority www.nehta.gov.au1
Privacy & Confidentiality in Health:
Digital Records
eMedication Management Conference
15 March 2016
Vanessa Halter, CIPMSenior Privacy and eHealth Compliance Advisor
2 National E-Health Transition Authority www.nehta.gov.au
What does ‘privacy’ mean to you?
Like Love Haha Yay Wow Sad Angry
3 National E-Health Transition Authority www.nehta.gov.au
The potential for sharing health and information is a huge driver to implement eHealth.
However, increased availability does mean increased potential for privacy and
confidentiality breaches.
Previous attendees have raised …
4 National E-Health Transition Authority www.nehta.gov.au
5 National E-Health Transition Authority www.nehta.gov.au
6 National E-Health Transition Authority www.nehta.gov.au
Business case for privacy
Ethical and professional obligations:
Accreditation/registration
Integrity of the health system:
strong privacy will promote confidence in
healthcare services
Reputational damage:
for you and your patients
Legislative obligations: Australian Privacy
Principles
7 National E-Health Transition Authority www.nehta.gov.au
Privacy champion
Knows the business
Knows privacy
Builds privacy into design, policy and process
8 National E-Health Transition Authority www.nehta.gov.au
Collection
Use
StorageDisclosure
Destruction
Assess -> Address -> Monitor
9 National E-Health Transition Authority www.nehta.gov.au
Assess -> Address -> Monitor
• Who can access it?
• Is the information backed up/disaster recovery?
• Is it stored ‘securely’?
• Physical and technical controls
• What are the data breach/incident procedures?
10 National E-Health Transition Authority www.nehta.gov.au
Staff training
Staff can be your biggest asset but potentially your biggest privacy risk…
Training should be about empowering staff to confidently and competently uphold privacy
Training as part of
induction, and ongoing ‘refresher’
Content should be relevant to
the business
Keep a record as part of
employment files
11 National E-Health Transition Authority www.nehta.gov.auApollo 13, n.d. film photograph, viewed 7 March 2016<http://www.ncregister.com/images/uploads/apollo-13.jpg>
12 National E-Health Transition Authority www.nehta.gov.au
Privacy take homes
• Houston
• We
• Have
• A
• Problem
13 National E-Health Transition Authority www.nehta.gov.au
Privacy take homes
• H
• W
• H
• A
• P
andling privacy across entire patient journey
hy you should care: Business Case for privacy
ave a Privacy Champion
ssess > Address > Monitor your privacy risks
rivacy training
14 National E-Health Transition Authority www.nehta.gov.au
1300 901 001
Vanessa Halter, CIPMSenior Privacy and eHealth Compliance [email protected]