The document outlines best practices for privacy policies and procedures at an organization regarding personal health information (PHI). It discusses the Personal Health Information Protection Act and Personal Information Protection and Electronic Documents Act, which establish rules for collecting, using, and disclosing PHI. The document defines health information custodians, PHI, and the physical, administrative, and technological safeguards implemented to protect confidential information.
Privacy
Privacy Project
BEST PRACTICES DOCUMENT
Purpose
• The purpose of this document is to provide Best Practices that are in place at the RCC regarding privacy policies and procedures.
• It describes safeguards and measures taken to protect Personal Health Information (PHI).

Personal Health Information Protection Act (PHIPA)
• PHIPA came into effect November 1st, 2004.
• It establishes and defines a set of rules regarding the collection, use and disclosure of PHI.
• It applies to all Health Information Custodians (HICs) operating within the province of Ontario and to individuals and organizations that receive PHI from HICs.

Personal Information Protection and Electronic Documents Act (PIPEDA)
• PIPEDA came into effect January 1st, 2004.
• It is federal legislation created to support and promote electronic commerce by protecting personal information.
• It governs a set of rules regarding the collection, use and disclosure of personal information.

Health Information Custodians (HIC)
• A HIC is a person or an organization that delivers health care services where they collect, use or disclose PHI, as defined in PHIPA.
• They must take reasonable steps to ensure that PHI in their custody or control is protected.

Personal Health Information (PHI)
• Refers to identifying information in oral, written or recorded form about an individual that relates to their physical or mental health and demographics.
• i.e. health card number, medical history, imaging and any other information that is collected to identify an individual.

Safeguards
• Safeguards are implemented to ensure the protection of confidential information.
• There are 3 methods of protection:
  • Physical (such as locked filing cabinets, security cameras, numbered rooms and offices, restricted access to offices and alarm systems).
  • Administrative (such as policies, training, criminal record checks, confidentiality agreements and non-disclosure agreements for visitors).
  • Technological (such as password-protected computers, user IDs, firewalls, encryption, data backup and storage, and audits).

A quick look…

Thank you!