1 Privacy and Health Information Debra Grant, Ph.D. Debra Grant, Ph.D. Senior Health Privacy Specialist Information and Privacy Commissioner/Ontario Annual CAMRT Conference PEI Association of Medical Radiation Technologies Charlottetown, P.E.I. June 10, 2005


Privacy and Health Information

Debra Grant, Ph.D.

Senior Health Privacy Specialist

Information and Privacy Commissioner/Ontario

Annual CAMRT Conference

PEI Association of Medical Radiation Technologies

Charlottetown, P.E.I.

June 10, 2005


Health Privacy is Critical

• The need for privacy has never been greater:

– Extreme sensitivity of personal health information

– Patchwork of rules across the health sector, with some areas in some jurisdictions still unregulated

– Increasing electronic exchanges of health information

– Multiple providers involved in health care of an individual – need to integrate services

– Development of health networks

– Growing emphasis on improved use of technology, including computerized patient records


Unique Characteristics of Personal Health Information

• Highly sensitive and personal in nature

• Must be shared immediately and accurately among a range of health care providers for the benefit of the individual’s treatment and care

• Widely used and disclosed for secondary purposes that are seen to be in the public interest (e.g., research, planning, fraud investigation, quality assurance)


Privacy Risks: Unauthorized Disclosures

• 3rd party disclosures not authorized by patient may threaten integrity of system

• Fear of stigmatization, discrimination, loss of employment opportunities, denial of insurance, denial of housing

• California HealthCare Foundation survey: One in six people engage in privacy protective behaviour to shield themselves from misuse of their information


Privacy Protective Behaviours

• Multiple doctoring

• Out of pocket payment

• Avoiding testing

• Avoiding treatment

• Lying or withholding information from providers

• Asking providers to misrepresent diagnosis in records

• Inaccurate and incomplete information less helpful for primary purposes, such as treatment, and secondary purposes such as research


Privacy Defined

Information Privacy: Data Protection

– Freedom of choice; control

– Informational self-determination

– Personal control over the collection, use and disclosure of any recorded information about an identifiable individual


What Privacy is Not

Security Privacy


Privacy and Security: The Difference

Security

• Authentication

• Data Integrity

• Confidentiality

• Non-repudiation

• Privacy; Data Protection

• Fair Information Practices


Fair Information Practices

• Accountability

• Identifying Purposes

• Consent

• Limiting Collection

• Limiting Use, Disclosure, Retention

• Accuracy

• Safeguards

• Openness

• Individual Access

• Challenging Compliance


Legislative Context

• Patchwork of privacy laws

• Health sector provincially regulated and funded

• Provincial public sector legislation (applies to ministries, hospitals, in some jurisdictions)

• Provincial health sector legislation (Alberta, Saskatchewan, Manitoba, Ontario)

• Federal private sector (commercial health sector)

• Provincial private sector (Quebec, B.C., Alberta)


Privacy Legislation in Canada

• Canada: Privacy Act; Personal Information Protection and Electronic Documents Act

• BC: Freedom of Information and Protection of Privacy Act; Personal Information Protection Act

• Alberta: Personal Information Protection Act; Freedom of Information and Protection of Privacy Act; Health Information Act

• Sask.: Freedom of Information and Protection of Privacy Act; Local Authority Freedom of Information and Protection of Privacy Act; Health Information Protection Act

• Manitoba: Freedom of Information and Protection of Privacy Act; Personal Health Information Act

• Ontario: Freedom of Information and Protection of Privacy Act; Municipal Freedom of Information and Protection of Privacy Act; Personal Health Information Protection Act

• Quebec: Act Respecting Access to Documents held by Public Bodies and the Protection of Personal Information; Act Respecting the Protection of Personal Information in the Private Sector

• Nunavut: Access to Information and Protection of Privacy Act

• Northwest Territories: Access to Information and Protection of Privacy Act

• Yukon: Access to Information and Protection of Privacy Act

• New Brunswick: Right to Information Act; Protection of Personal Information Act

• Nova Scotia: Freedom of Information and Protection of Privacy Act; Part XX of the Municipal Government Act

• Prince Edward Island: Freedom of Information and Protection of Privacy Act

• Newfoundland & Labrador: Access to Information and Protection of Privacy Act

This map is based on information taken from the Atlas of Canada Web site http://atlas.gc.ca. © 2003. Her Majesty the Queen in Right of Canada with permission of Natural Resources Canada.


Impact of Legislation on Practice

• Most jurisdictions do not have privacy legislation that has been/will be declared substantially similar to the federal legislation – more than one statute may apply

• All privacy statutes are based on “fair information practices”


FIPs: Fair Information Practices

1. Accountability

• for personal information designate an individual(s) accountable for compliance

2. Identifying Purposes

• purpose of collection must be clear at or before time of collection

3. Consent

• individual has to give consent to collection, use, disclosure of personal information


FIPs (cont’d)

4. Limiting Collection

• collect only information required for the identified purpose; information shall be collected by fair and lawful means

5. Limiting Use, Disclosure, Retention

• consent of individual required for all other purposes

6. Accuracy

• keep information as accurate and up-to-date as necessary for identified purpose

7. Safeguards

• protection and security required, appropriate to the sensitivity of the information


FIPs (cont’d)

8. Openness

• policies and other information about the management of personal information should be readily available

9. Individual Access

• upon request, an individual shall be informed of the existence, use and disclosure of his or her personal information and be given access to that information, be able to challenge its accuracy and completeness and have it amended as appropriate

10. Challenging Compliance

• ability to challenge all practices in accord with the above principles to the accountable body in the organization


Ontario’s PHIPA: Personal Health Information Protection Act

• Came into force November 1, 2004

• Applies to organizations and individuals involved in the delivery of health care services (including the Ministry of Health)

• The only health sector privacy legislation in Canada based on consent

• Perhaps the only health sector privacy legislation that will be declared substantially similar to the federal legislation


Records Management: General Practices

• Must take reasonable steps to ensure accuracy

• Must maintain the security of PHI

• Must have a contact person to ensure compliance with legislation, respond to access/correction requests, inquiries and complaints from public

• Must have information practices based on fair information practice and transparent to the public

• Must be responsible for actions of agents – train and educate all staff on privacy and security


Issues Raised by Medical Radiation Technologists

• Individual’s right of access to personal health information – who should be fulfilling the request

• Analogue images – must share original; custodian may not have custody or control of the image


Privacy Issues: Emerging Medical Radiation Technology

• Move from analogue to digital imaging has both benefits and risks

• Digital images do not deteriorate; easier to store and manipulate

• Digital images can be shared electronically

• Digital images are one type of electronic health record – has some of the same advantages and challenges as any other EHR


Electronic Health Records (EHR)

Advantages

• Improve quality and lower cost of health care

• Quick access to wide range of data

• Better security through more effective access controls and audit trails

• Improve privacy protection by limiting access to those with a need-to-know (e.g., role based access)

• Better data for health system management, enhancing quality of care, and research


More about EHRs…

Challenges

• Facilitates data linkages and data sharing

• Unauthorized access is more catastrophic due to volume of records and quantity and quality of data

• Multiple users and multiple access points raise accountability issues and increase vulnerability


Key Questions about EHRs

• Is participation voluntary or compulsory?

• What data should be entered on EHR?

• Is data centralized or stored at point of generation?

• How do you manage consent, particularly when integrating legacy systems not designed with consent in mind?

• What level of security constitutes “reasonable steps”?

• Who has access to what information and for what purposes?

• If data centralized, who has custody and control of EHR?

• Who is accountable?


Digital Imaging

• Digital imaging is considered to be a key building block for the EHR by CHI – substantial funding investment

• Digital imaging systems enable health care providers to view, manage, distribute and electronically store patients’ test images, MRIs, X-rays, CT scans, PET scans, and medical files from any location connected to the system

• The PACS (picture archiving and communication system) captures, stores and sends images using digital technology


Digital Imaging Pilots

• London, Ontario pilot – goal is to share patient information among care providers across 8 hospitals, through a highly secure information network, to provide a seamless continuum of care

• Plan to expand pilot to other hospitals in Southwestern Ontario

• Radiologists’ and clinicians’ timely access to virtual imaging across the region will enhance patient care

• Second pilot implemented by the Fraser Health Authority involving 12 regional hospitals in B.C.

• CHI plans to fund two more digital imaging pilot projects


Privacy Issues

• Who retains custody and control of the shared archive of images?

• Who decides who has access to what information in the archive and under what circumstance?

• Who checks for privacy breaches?

• Under what legislative authority can a custodian transfer custody and control of the images to a central archive?

• What is the legal status of a central archive? (e.g., agent, custodian, registry, etc)


Attitudes of Canadians

• Office of Health and the Information Highway, Health Canada reviewed public opinion polls on the use of information and communications technology in the health sector (2002)

• Review suggests Canadians would welcome expanded role for information and communications technologies in the health sector, provided privacy and autonomy are protected

• 9 in 10 Canadians from all regions of the country support the development of information systems that would make it easier to access and share information

• But, Canadians have serious fears about the erosion of personal privacy and doubts about the security of the Internet


Initiatives to Address Privacy Issues

• Harmonization of Privacy Rules

• Standardization of Privacy and Security Architecture for EHRs


Advisory Committee on Information and Emerging Technologies (ACIET)

• Dec. 2002, Federal/Provincial/Territorial Deputy Ministers of Health created ACIET

• Mandate to provide policy development and strategic advice on health information issues and emerging health products and technologies


ACIET on Privacy

• Privacy one of five initiatives identified for ACIET

• Examine how to adequately protect privacy of personal health information that will be collected/used/disclosed in an EHR system

• Pan-Canadian Personal Health Information Privacy and Confidentiality Framework finalized January 2005 – endorsed by all provinces and territories, except Saskatchewan and Quebec

• Framework loosely based on Ontario’s new Personal Health Information Protection Act


Canada Health Infoway (CHI)

• CHI was established in 2000 to foster and accelerate the development and adoption of pan-Canadian interoperable electronic health information systems

• Currently working on an EHR Privacy and Security Conceptual Architecture


Ontario’s E-Health Office

• Consent management framework

• Technological privacy principles for PHIPA compliance

• All work is being coordinated with work of CHI


Legislation Necessary but Not Sufficient for Privacy Protection

• “The most effective means to counter technology’s erosion of privacy is technology itself.”

Alan Greenspan, Federal Reserve Chairman

• “A technology should reveal no more information than is necessary…it should be built to be the least revealing system possible.”

Dr. Lawrence Lessig, Harvard, September 1999


Making Health Privacy Work: What You Can Do

• Think beyond legislation

• Use technology to help protect health information:

– Build privacy right into design specifications

– Minimize collection and routine use of personally identifiable information – use aggregated or coded information if possible

– Use encryption where practicable

– Think about anonymity and pseudonymity

– Conduct privacy impact assessments


How to Contact Us

Debra Grant

Senior Health Privacy Specialist

Information & Privacy Commissioner/Ontario

2 Bloor Street East, Suite 1400

Toronto, Ontario M4W 1A8

Phone: (416) 325-9170

Web: www.ipc.on.ca

E-mail: [email protected]