You visit an Eastern Health facility for a procedure. During your visit, you are in contact with multiple health care professionals, both directly and indirectly. From the clerk who registers you and the nurse who provides care to the lab technician who processes your specimens and the health information management professional who codes your chart, there are a number of people who must access your personal health information to do their jobs – all in support of providing you with the best care possible.
Personal health information is very sensitive. Some of you may wonder whether your health information is being adequately safeguarded. As a privacy analyst with Eastern Health, I can say that the organization is committed to the protection of privacy, and that we, as employees, take this obligation very seriously.
Eastern Health formed an Access and Privacy Office in 2010, and part of our role is to make sure that we are adhering to provincial privacy legislation and best practices throughout the organization. There are a lot of things we do to promote our commitment to privacy publicly, such our education through signage, posters, news releases, policies, and the information we post on our website.
But, what you may not be aware of are the numerous behind-the-scenes privacy initiatives happening at Eastern Health to make sure that your information is protected. Examples of these initiatives include:
- Eastern Health has an Oath of Confidentiality, which all employees, volunteers, and vendors must sign, as mandated by the Personal Health Information Act.
- The Access and Privacy Office offers physical privacy audits to departments throughout the region, where we meet with the manager and staff to discuss any privacy concerns they may have about their physical space, while assessing privacy risks and issuing recommendations.
- We run audits of our electronic health record systems to ensure that only those who require access to your health record actually access it.
- Eastern Health sends emails to all staff on a bi-weekly basis to remind them of their privacy and confidentiality obligations.
- We present our Privacy Eye (PI) award to individuals or departments on a quarterly basis who have taken a proactive approach to privacy protection.
- We hold a Privacy Awareness Week every September, where we have a number of events like a contest and webinars and distribute new materials throughout our facilities, such as these tent cards.
- Eastern Health completes Privacy Impact Assessments (PIAs) on new projects or initiatives that involve the collection, use, and disclosure of personal information or personal health information. We also do PIAs when there are changes to current projects or initiatives that alter how we use these types of information.
If you have any questions about how your privacy is protected at Eastern Health, I invite you to contact the Access and Privacy Office at (709) 777-8025 or firstname.lastname@example.org. ■
This story was written by Ceara Brenton, a privacy analyst with Eastern Health.