Are You Drowning in Patient Referrals?

Posted on May 13, 2019 by Jean Eaton in Blog No Comments

Are you drowning in patient referrals?

Playing telephone tag with specialists and patients?

Faxing is old technology, a massive time waster, and can be very costly both financially and emotionally when faxes get lost in the system.

In our Practice Management Nugget Webinars for Your Healthcare Practice series on October 12, 2017, I spoke with Dr. Denis Vincent, Physician Founder of ezReferral. There are many things that you can do right away to improve patient referral management.

Dr. Denis Vincent's #1 Tip to improve the patient referral process:

“Find more effective ways to involve and engage the patient in the referral process.”

The traditional referral workflow is inefficient

Using phone and fax messages from the referring provider to the consulting provider and back to the referring provider and then to the patient takes time. And every time that the message is transferred, there is a risk that the message is not understood or is lost.

So, we have a tendency to create complicated backup systems to double-check and make sure that none of the steps get missed. Many practices have created a ‘referral binder’ monster – the master referral list for the clinic. This binder is full of post-it notes, tags, and phone messages and reminders to help us make sure that the referral appointment is booked, the patient is notified, and the appropriate follow-up takes place.

Even in practices with an electronic medical record (EMR), we use a paper process to ‘make it easier’ to track patient referrals.

But the binder can only be used by one person at a time and only seen by the people in that office. The patient has no idea about the status of their referral so they phone the office regularly to ask for updates.

But wait! We want to make sure that everyone knows what is happening with the referral. We leave phone messages and voice mail and talk to the patient, the specialist, the referring provider to remind, confirm, and follow-up.

Save 60 minutes for each patient referral

Denis Vincent suggests that his family physician office referral coordinator used to spend an average of 75 minutes on each patient referral. That referral cycle can take months just to get to the point where the specialist appoint is confirmed and the patient is notified.

Now, using ezReferral, the entire referral process takes an average of 15 minutes of staff time per patient referral. That is a savings of 60 minutes per referral!

You can do this when you use a synchronous patient referral management system. EzReferral is a secure cloud-based solution that manages the patient referral process with clear real-time communication that the referring provider, specialist provider, and the patient can see at any time.

Multi-disciplinary healthcare team

ezReferral is designed to work with any multi-disciplinary referral pattern in your practice. For example, family physician to specialist physician or any other healthcare provider.

14 days from referral order to confirming appointment. Can you do that?

Starting in January 2017, physicians in Alberta must meet new time frames for acknowledging and responding to referral requests. If you are asked to consult on a patient, you will have:^[1]

7 days to acknowledge receipt of the request to the referring healthcare provider.
14 days to let the referring healthcare provider know whether you can accept the referral.
14 days to contact the patient to schedule an appointment or to confirm the status of the referral, if no appointment date has been determined.
30 days to provide the referring healthcare provider with a written report after your first appointment with the patient.
Consulting physicians will also need to be reasonably available to respond to referral requests and ensure their process is accessible.
Referring physicians will have to make sure they include all pertinent clinical information (including relevant investigation results) and the purpose of the consultation with their request, to enable the consulting physician to determine whether he/she can accept the referral within the mandated 14-day time frame.

([1] College of Physicians and Surgeons of Alberta)

These are good standards to meet for every type of healthcare provider.

You can meet these standards when you use a synchronous patient referral management system. EzReferral is a secure cloud-based solution that manages the patient referral process with clear real-time communication that the referring provider, specialist provider, and the patient can see at any time.

Patient Benefits

Patient Engagement
Patient Satisfaction
Patient Peace of Mind
Better Patient Care

Referrer Benefits

Happier patients
Reduce workload
Eliminate the “black hole”
Satisfied Staff

Specialist Benefits

Reduced workload
Reduce no-shows
Reduce phone calls
Reduce overhead
Audit trail

Testimonial from Edmonton Eyelids

“Our office has been using ezReferral since July 2016. It’s easy to rave about this powerful communication tool – each referral received through this system takes a fraction of the time required through our faxed referral system, due mainly to the fact that most patients choose to receive referral notifications by text and/or email (thereby eliminating the “middle ground” in which some referrals can get lost). What truly sets ezReferral apart from ANY online interface that I have ever used: the support staff is accessible, proactive, and fast.”

Shawna Sazwan
Edmonton Eyelids

Dr. Vincent has implemented ezReferral in his family practice. I have to admit, I’m blown away with his experience that 95% of the patients choose to receive their notifications by text messaging. That’s much better than I anticipated.

This solution is ideal for healthcare practices with referrals within the medical community and even better when you are working with multidisciplinary referral teams. This works well for both paper based and electronic medical record based practices.

Watch the webinar replay now to see how you can save time, money, while improving the patients’ access to health care in a timely, efficient manner. You will also discover the key steps and timelines to prepare for implementation in your practice.

Practice Management Nugget webinar interview with Denis Vincent was recorded live on October 12, 2017.

Watch the Webinar

If you are a member of Practice Management Success, login here and view the webinar replay and access the members-only resources.

#PracticeManagementNuggets, Dr. Denis Vincent, ez Referral, ezReferral, fax, health care, healthcare, medical, patient referral management, practice management, review ezReferral

International Receptionist Day is just one day, but recognition of this important role should occur all year

Posted on May 8, 2019 by Jean Eaton in Blog, Guest Post No Comments

A Guest Post by Nelson Scott

It seems at times that receptionists “don’t get no respect,” to paraphrase the late comedian Roger Dangerfield.

To some eyes, the job just consists of answering the phone, directing visitors to “have a seat” while waiting for their appointments, and maybe a few other tasks.

This is why the second Wednesday of May each year is designated as International Receptionists Day (IRD). According to information on the website www.internationalreceptionistsday.com, the purpose of IRD is to “foster a recognition of the importance of a receptionist's role.”

Being a receptionist is about much more than dealing with telephone calls or offering visitors coffee while they wait. Receptionists are often the first people visitors and callers encounter, and as such are the people who create initial impressions of the organization.

First Impressions Matter

Outsiders form an opinion of the organization on what the receptionist does and says. Receptionists are the face of the organization to the world.

If that first impression is negative, it will take several positive experiences to overcome that perception.

Some organizations get this. Rather than relying on the generic title “receptionist,” one company designated the person in this position as the “Manager of First Impressions.”

Recognition All Year

Hopefully, the focus on the contributions of receptionists will continue beyond this single day. The danger of designated days that pop up on the calendar throughout the year is that they create the impression that having acknowledged the contributions of receptionists, administrative professionals (fourth Wednesday in April) or teachers (October 5) on their designated day, we can check “recognize the receptionist” off our to-do list for another year and move on.

Bob Nelson, who initiated Employee Appreciation Day (first Friday in March) in 1994, shortly after publication of his book 1001 Ways to Reward Employees, described the concept of a designated day to recognize staff as “silly” in a 2015 article in Business Insider.

“I’m a big advocate of using recognition on a daily basis,” he is quoted as saying. “But I did want to have one day where we could call attention to the topic and have conversations about its importance.”

Designated dates are reminders that recognition is important and they create focus on specific positions.

The 3-F Approach

When looking for ways to mark IRD and other designated days, organizations frequently default to what I describe as the “3-F” approach: Food, Flowers and Fudge (and other Fattening treats). While there’s nothing wrong with expressing appreciation by taking receptionists to lunch, bringing them flowers or leaving a box of chocolates on their desks, I challenge you to be more creative when planning to celebrate your receptionist(s).

Make it Personal

Here are a few ideas to kick-start your creativity (you can likely come up with better ideas):

Leave a note of appreciation on the receptionist’s desk, where it will be the first thing that person sees in the morning.
Receptionists often bring coffee and tea to visitors while they wait. Turn things around by delivering a drink purchased from the receptionist’s favourite coffee shop to his/her desk.
Invite other staff to answer the question, “How does our receptionist support your work?” Have them write their responses in a card or a poster-sized sheet of paper which will be presented to the receptionist. Remind the staff that the more Explicit the description of the contribution, the greater the impact of their words.
Is there a job title that better captures the value that these individuals contribute to your organization? Ask other staff to devise titles, such as “Manager of First Impressions” that describe the essence of what receptionists do.

Recognizing receptionists—and all other staff members—is a good place to begin, but recognition should be ongoing. Recognition is a task that should never disappear from our to-do lists.

Nelson Scott

Nelson Scott – Guest Author

Nelson Scott is an Edmonton-based speaker, trainer and author who provides tools, tips and techniques to enable managers and supervisors to hire, engage and retain the right people. For more tips and articles about hiring and recognizing staff, subscribe to his newsletter Briefly Noted.

Contact Nelson here or Visit the website www.greatstaffrecognition.com or

Connect on LinkedIn or Twitter @NelsonScott_

Want to learn more from Nelson?

Sign up for his newsletter, Briefly Noted,

for more tips on how to improve your employee recognition

Yes, please send me the newsletter!

Admin Assistant Day, GREAT staff recognition, International Receptionist Day, Nelson Scott, Secretaries Day

Privacy Awareness Week 2019

Posted on May 7, 2019 by Jean Eaton in Blog No Comments

Privacy Awareness Week (PAW), an initiative of the Asia Pacific Privacy Authorities forum (APPA), is held every year to promote awareness of privacy issues and the importance of protecting personal information. This year, Privacy Awareness Week is celebrated May 6-10, 2019.

Protect Your Organization and Your Patients

Equip your staff with the information they need to confidently and correctly handle personal health information.

Healthcare businesses need privacy awareness training to support key policies, procedures and risk management programs need a privacy awareness training program.

Reasonable Safeguards

As an employer and health care provider, you are responsible to provide training to all of your employees about privacy awareness.

If you don’t provide the training, or if the employees don’t understand the policies and there is a privacy breach, then the healthcare provider is more likely to be held accountable under the legislation and face penalties including fines and even prison!

Patients value the privacy and security of their information.

Healthcare providers and clinic managers value privacy and security, and they value not having adverse results as a lack of compliance or patient safety issues.

Privacy Awareness Quiz

Patients trust their healthcare providers with their sensitive, personal, and financial information.

If patients don’t feel that the healthcare provider will keep their information confidential and secure, patients may choose not to share their information which may impact their healthcare and treatment.

When we are privacy aware, we can better respond to patients’ questions and build their trust in the quality of services that we provide.

Avoid Fines

On August 31, 2018, amendments to the Health Information Act (HIA) came into force that introduce a fine of not less than $200,000 for a person who fails to take reasonable steps in accordance with HIA regulations to maintain safeguards to protect against reasonably anticipated threats to the security of health information (sections 107(1.1)(a) and 107(7)).

SAY NO TO SNOOPING! If an individual affiliate knowingly breaches the privacy and security of health information, and the custodian can demonstrate that reasonable safeguards (including privacy awareness training) were in place, the individual affiliate can be charged under the Health Information Act. Fines of up to $50,000 per may be applied to the individual in addition to other sanctions from their employers and/or their professional regulatory colleges where applicable. (HIA s.107)

What Will You Do To Be More #PrivacyAware?

Join Information Managers for Privacy Awareness Week! May 6-10, 2019. #PrivacyMatters!

Information Managers would like to spread the message of #PrivacyMatters to raise privacy awareness in healthcare everyday.

Share these free resources in your healthcare practice to keep privacy top-of-mind and demonstrate your commitment to privacy awareness!

Download Your Privacy Awareness Quiz!

Common scenarios in healthcare.

Grab Your Quiz

I Heart Privacy! #PrivacyMatters

Print badges for your team.

Or, use the done-for-you sheet of labels that you can print right away and slip into badge holders or print to stickers or labels.

You can even customize the labels and add your business name!

Instant Download Here

Download Your Monthly Privacy and Security Awareness Audit Template

Grab Your Free Privacy and Security Monthly Audit Template

Privacy Awareness in Healthcare: Essentials

Grab this from Corridor Interactive!

Special Privacy Awareness Week Pricing!

Hurry! Expires soon!

Grab Your Privacy Awareness Training

#PrivacyMatters, health, healthcare, privacy awareness, training

How Will Netcare Patient Portal Impact Your Healthcare Practice?

Posted on April 3, 2019 by Jean Eaton in Blog

⇓ ⇓ Click the >> arrow button to play the video!

It's Here!

After many long years of waiting, residents of Alberta can now access their personal immunization history, medication history, lab test results, and more in their own MyHealth Records – the patient portal view of Alberta Netcare.

Watch the short video above for my quick review of MyHealth Records.

Alberta Netcare has announced the next step to grant patients access to their own record in Alberta Netcare Portal (ANP).

MyHealth Records

The Alberta Netcare website says that MyHealth Records is a Personal Health Record for Albertans to access some of their health information, such as lab results, medications, and immunizations drawn from Alberta Netcare.

MyHealth Records also provides access to several health and wellness tools to help track and maintain overall health. (See the complete list of features here.

Alberta Health has announced that the first step for patients to access thier own records is to request your MyAlberta Digital ID (MADI) which will eventually act as your login credentials to the ANP.

If you have not already registered for MADI access you may do so here: MyAlberta Digital ID.

You will see 2 options – one for a basic account and one for a verified account. Select the verified account.

You will receive a personal identification number (PIN) in the mail.

When you have a verified account, you can go to your MyAlberta Digital ID account and add a new MyHealth Records access.

You can do this now – no need to wait!

You will (probably) have access to medications dispensed by pharmacists and lab and diagnostic imaging tests results for the last 18 months. Remember, not all test results are available.

You can now also add your own journal entries for your weight, food diary, exercise diary and other tools to help you manage your health.

This is a patient portal into your health information maintained by Alberta Health Services and Alberta Netcare.

The original or ‘source’ data continues to be securely managed in the service providers’ originating electronic systems. The originating systems and their custodians are required to keep the records for the entire records retention period; generally 10 years.

The information in the MyHealth Records portal may only be available to you for 18 months to 2 years. If you choose to add information to your account, I believe that information will be maintained for a limited time (for example, 2 years).

Patient portal

Patient Portals Can Reduce Barriers

The use of a patient portal can reduce barriers for patients to access their own records. Other benefits to patient portals may include:

Increased empowerment to patients who can access their own results in a timely fashion
Better communication with patients
Fewer access requests (and increased administration efficiencies)
Fewer missed appointments (and increased access to care)

How Will Patient Portals Affect Your Healthcare Practice?

Will you tell your patients that they can access some of their lab results themselves directly from MyHealth Records?

Let me know your experiences with patient portals and your questions. I really would like to know your thoughts on how portals may impact your healthcare practice.

#digitalhealth, Alberta Netcare Portal, ANP, benefits, health, healthcare, MyHealth Records, Netcare, Patient portals

Does Your Healthcare Practice Need an Information Manager Agreement For Your Shredding Service?

Posted on April 1, 2019 by Jean Eaton in Blog

Q: We are selecting a vendor to look after our shredding. Do we need an information management agreement (IMA)?

A: Yes, you need an information manager agreement (IMA) with your shredding vendor.

Think about all the health information that you have authorized them to manage on your behalf. You certainly want to select a reputable vendor who will pick up the paper and securely transport it to their facility for secure shredding.

The Health Information Act (HIA) allows custodians to contract with other health service providers and vendors for the purposes of providing information management or information technology services, like shredding. This requires the custodian to give the vendor access to the papers with health information so that the vendor can securely destroy the paper.

The shredding vendor is known under the HIA as an information manager.

The custodian must ensure that the vendor has reasonable safeguards in place to protect the sensitive health information. The custodians must also ensure that there is a written agreement between the custodian and the information manager. These agreements are known as “Information Manager Agreements.” This requirement is stated in the HIA section 66(2).

There are many reputable vendors from which to choose

Some vendors will do the shredding right in your parking lot; others will transport it to their processing facility.

Remember to ask for a certificate of destruction at the completion of the shredding to document the secure destruction of the paper. Some vendors require a witness from the clinic to confirm that the shredding was done securely.

Some vendors can offer a recycling program for the paper after it has been securely shredded.

Ask your shredding vendor for an IMA. This is different than a service agreement where you agree to pay a fee for the shredding service.

For more information on what is an IMA, see the e-book, Top 3 Agreements Your Healthcare Practice MUST Have (and Why).

health, healthcare, information management agreement, information manager agreement, shredding

Fax Received in Error – Is this a Notifiable Privacy Breach?|

Posted on March 28, 2019 by Jean Eaton in Blog

Has this ever happened to you?

You are a clinic manager in a healthcare practice. One day, you receive a phone from a healthcare provider in another clinic.

They have received a fax with patients’ health information from someone in your clinic. But the fax is not addressed to them – they received it in error.

Is this a mandatory notifiable privacy breach under Alberta’s new Health Information Act (HIA) regulations?

Part A: Circumstances Where Notification Is Required

There are 5 triggers under the Alberta Health Information Act (HIA) that require mandatory privacy breach notification to the Office of the Information and Privacy Commissioner (OIPC) and the Alberta Minister of Health and the individual(s) affected in the breach.

In this scenario, the receiving custodian accessed health information for an individual who was not his patient. Clearly, there is a reasonable basis to believe that the information has been accessed (read) by a person (section 8.1(1)(a) of the Health Information Regulation.)

However, the sending custodian had no reason to believe that the information would be misused.

Fax Sending Receiving Error

Part B: Circumstances Where Notification Is Not Required

The sending custodian assessed the circumstances of the breach and concluded (as per section 8.1(1)(i) of the Health Information Regulation) that the receiving custodian:

Accessed the health information in a manner consistent with his role as a health services provider and did not do it for an improper purpose.
Is subject to confidentiality policies and procedures that meet the requirements of section 60 of the Act.
Did not use or disclose the information beyond determining that he received it in error.

The sending custodian assessed that the risk is appropriately mitigated and this privacy breach incident did not trigger mandatory notification requirements.

Next Steps

The sending custodian must record the privacy breach in their business records. (I suggest that you use an internal privacy breach reporting form and spreadsheet. You can access these templates in the 4 Step Response Plan.) Remember to include your determination that you do not need to report this breach and the reasons that support your decision.

We know that faxes are a frequent source of privacy breach incidents. What can you do in your practice to reduce the risk of faxes in error?

Practice Management Nuggets Podcast

This topic is included in our Practice Management Nuggets podcast! Be sure to tune in to the podcast episode Fax Received in Error – Is this a Notifiable Privacy Breach? | Episode #067 .

Listen to the Podcast

My Favorite Takeaways From the Podcast

Understand the mandatory privacy breach notification triggers and the circumstances where notification is not required.
Record your privacy breaches – even the ones that do not trigger mandatory privacy breach notification.
Review and improve your fax procedures. We know that this continues to be a frequent source of breaches. What can you do to better manage this known risk?

If you are a member of Practice Management Success, login here and view the webinar replay.

#PracticeManagementNuggets, clinic, fax, healthfare, mandatory privacy breach notification, medical, podcast, privacy breach

Preventing a Privacy Breach Is Less Expensive Than Managing A Privacy Breach!

Posted on March 4, 2019 by Jean Eaton in Blog

Do you have a privacy breach awareness program in place in your healthcare practice? Spotting a privacy breach is the first step to stopping a privacy breach. You Can Use This Privacy Breach Example to Review and Improve Your Practices.

In May 2018 an employee of the NWT was travelling on business in Ottawa.

The employee left the laptop in a locked vehicle. The laptop was stolen. The employee thought that the laptop had been encrypted; however, in the investigation it was determined that the laptop was not encrypted.

Loss of Control of Health Information

The employee had authorized access to the health information to perform statistical analysis for their job. The employee thought that the laptop was encrypted and that it had a secure password.

Later, when the theft was reported to the NWT Health Department and an internal investigation was conducted, it was determined that the laptop had not been encrypted.

There was a large amount of data on the laptop – an estimated 80% of the NWT's population might be affected by the breach.

Apparently, the laptop has not been recovered.

In 2018, the NWT Privacy Commissioner reported the investigation.

In February 2019, the investigation about the incident is still being reported in the media! The NWT Health Department has provided reams of information about the information that was included in the breach.

This breach was entirely preventable.

Keep this story in mind when you are trying to determine the return on investment to purchase a robust privacy and security management plan for your mobile devices and remote access to health information.

You can pay a little more now and ensure that your devices are securely encrypted with secure access and remote-wipe abilities and privacy awareness training . . . or you can pay over and over again for an investigation and bad publicity that never ends!

Privacy Breaches – What You Need to Know

Preventing a privacy breach from common sources of risk is usually far more cost effective than managing the privacy breach investigation!
Password protection of your laptop, smart phone, or USB device is NOT the same as encryption. Make sure that your mobile devices are encrypted. If you are not sure, find out from a reputable certified IT technician.

When we know better, we can do better…

I’ve helped hundreds of healthcare practices prevent privacy breach pain like this. If you would like to discuss how I can help your practice, just send me an email. I am here to help you.

Jean L. Eaton, Your Practical Privacy Coach

References and Resources

N.W.T. employee dug through planters, trash to find stolen laptop, weeks after privacy training. Priscilla Hwang · CBC News · Posted: Feb 26, 2019 https://www.cbc.ca/news/canada/north/stolen-laptop-nwt-security-details-ottawa-1.5024775

#PrivacyBreach, encryption, Prevent privacy breach, stolen laptop

Are You Prepared For Patient Centered Care in Your Clinic?

Posted on February 21, 2019 by Jean Eaton in Blog

Do you have patients who come to your clinic once–and never return again?

Can’t remember the last time you did a patient satisfaction survey?

Do your patients complain about waiting too long, or not receiving the customer services that they expect?

Have your patients posted a complaint about your clinic on social media?

Do your staff ask you for training on how to empathize with difficult patients and their families?

Practice Management Nuggets Podcast

Brian Lee, CEO of Everyone's a Caregiver Learning Systems is my guest expert on Practice Management Nugget Podcast for Your Healthcare Practice. Brian Lee, CSP, is one of North America’s leading experts in the field of World-Class patient experience, staff engagement and culture change.

Brian Lee discussed options for the healthcare provider and business owner to easily deliver training to your healthcare team so that you can improve patient satisfaction and patient centered care in your clinic.

My favorite takeaways from the podcast

In the patient centered clinic, everything that we see and do needs to meet the patient’s expectation or we need to manage those expectations.
When you improve employee morale, you improve the patient experience, too.
Most healthcare providers and support teams never receive education about healthcare customer service skills.

The return on investment of patient experience education, empowering providers and staff to deliver an enhanced, timely, patient experience, is pretty dramatic. When you are prepared for patient centered care in your clinic, you will improve patient satisfaction, and save time and money in your healthcare practice.

Be sure to tune in to my interview with Brian Lee on How Improved Patient Satisfaction Saves You Time And Money | Episode #074

Then, click here to get the free sample modules of the new Patient Centered Clinic: the unique on-line education to help you empower providers and staff to deliver an enhanced, timely, patient experience!

If you are a member of Practice Management Success, login here and view the webinar replay.

Listen to the Podcast

#PracticeManagementNuggets, Patient centered, patient centered care in Canada, patient centered care in community healthcare practices, Patient centered care in your clinic, patient centered clinic, patient centred clinic, patient-centered medical home, patient-centred, podcast

Curiosity Is NOT Need-To-Know

Posted on February 18, 2019 by Jean Eaton in Blog

I am often asked if it is ‘OK’ to look up patients information on Netcare when the patient hasn’t been seen for some time and the care provider wants to know how they are doing.

Let me be clear: If you are not currently providing a health service to the patient in a current episode of care, you must not look up that patient’s information on Netcare or any other EMR or paper system.

The patient has a right to privacy – which means don’t look unless you have a need to know.

Curiosity is not a legitimate need to know. That is snooping!

You Can Use This Privacy Breach Example to Review and Improve Your Practices

Pro-active Auditing Reveals Snooping in Sask eHealth

What Happened

On April 6, 2018, a highway collision occurred involving the hockey team Humboldt Broncos which left 16 dead and 13 injured.

The trustee of the Saskatchewan Electronic Health Record Viewer, eHealth, pro-actively audited their electronic health record system to identify potential unauthorized use of the system by authorized users.

eHealth detected that two physicians and an administrator at the Humboldt Clinic Limited inappropriately accessed the personal health information of two individuals involved in a collision involving the Humboldt Broncos.

The auditing revealed that there were many instances where access was made between April 7 and April 10 to the records of two patients. The records belonged to two individuals who died in the crash on April 6.

The physicians had provided care to the individuals in January of 2018 but were not involved in providing care to them on or about April 6. The physicians’ access was prompted because of their ‘concern’ for the individuals.

[click_to_tweet tweet=”Curiosity is NOT need-to-know! The patient has a right to privacy – which means don’t look unless you have a need to know to provide a current health service to the patient. @InfomanLtd #PrivacyBreach #Privacy #PrivacyBreachNugget” quote=”Curiosity is NOT need-to-know! “]

Clearly, these users of the Viewer were not currently providing care and treatment to the patients.

The access of the Viewer in this example not a legitimate need-to-know under Saskatchewan’s The Health Information Protection Act (HIPA).

eHealth reported these privacy breaches to the Information and Privacy Commissioner (IPC) of Saskatchewan.

4 Step Response Plan

The trustee, eHealth, undertook the first step to respond to a privacy breach by spotting and stopping the breach. The audit identified the breach. Then eHealth contained the breach by suspending or terminating access to the Viewer.

Secondly, eHealth appropriately notified the individuals’ next of kin of the privacy breach.

The third step is to investigate the breach. eHealth notified the IPC of the breach. The clinic, however, did not investigate the cause of the privacy beach.

Preventing a similar breach is the fourth step. The clinic has privacy policies and a privacy training strategy. The eHealth Viewer also has online training for its users.

IPC Recommendations

Subsequent to its investigation, the Saskatchewan IPC observed that the training had not prevented this breach.

The IPA recommended that the clinic provide further training to its employees and contractors on the need-to-know principle. Additionally, the clinic is recommended to document the privacy breaches and the lessons learned to prevent a similar privacy breach.

Reference: Saskatchewan IPC Investigation Report 177-2018, January 29, 2019

Privacy Breach Nuggets You Need to Know

There are many privacy breaches in the news each day. The more you know about the breaches and how they can affect you allows you to be more proactive to prevent privacy breach pain.

Privacy education is more than just having policies and procedures. Demonstrating good practices, regular discussion about examples, and even gamification helps to ensure that all members of your healthcare team understand their roles and responsibilities.

If you need to start or update your privacy breach management program, check out the 4 Step Response Plan; Prevent Privacy Breach Pain.

“When we know better, we can do better”

I’ve helped hundreds of healthcare practices prevent privacy breach pain like this. If you would like to discuss how I can help your practice, just send me an email. I am here to help you.

Jean L. Eaton, Your Practical Privacy Coach

#digitalhealth, clinic, healthcare, HIPA, Humboldt, medical, privacy breach, privacy breach nugget

Plan a Mental Health And Safety Program For Your Staff

Posted on January 29, 2019 by Jean Eaton in Blog

Are you a clinic manager? Do you need to mental health and safety program for your staff, but you feel like expensive, boring, consultants are conspiring against you and sabotaging your success?

Do you have questions about workplace mental health or maybe you need some tools to help you?

Well, look no further because Robert Manolson will give you awesome free resources and tips that you need to plan a mental health safety program without you having to become a mental health expert. Best of all, these goodies will put you on the fast-track to workplace mental health success right now.

In Practice Management Nuggets Podcasts for Your Healthcare Practice, I interviewed Robert Manolson, of Powerful Play Experiences, on how any clinic manager can plan a mental health and safety program for your staff! You can listen to the podcast here:

Positive Workplace Mental Health | Episode #049

In this Practice Management Nugget Podcast for Your Healthcare Practice, Robert Manolson, Mental Health Champion and creator of Powerful Play Experiences will:

discuss why workplace mental health is important
introduce us to The National Standard For Psychological Health and Safety in The Workplace (Canadian Mental Health Commission )
share his first-hand experiences from the Psychological Health and Safety Advisor Training program
share totally amazing, free resources available to initiate a well thought out and organized plan to address mental health in your workplace.

Learn How To Initiate Positive Workplace Mental Health

Regardless of how you choose to use these workplace mental health ideas, don't just sit on this new knowledge and forget about it. Put it to good use so you can mental health and safety program for your staff, which is really what every leader wants, right?

As Robert Manolson says, “Start today! And lead the way!”

#BellLetsTalk, #PracticeManagementNuggets, Powerful Play Experiences, Psychological Health and Safety Advisor, Robert Manolson, Workplace Mental Health

1 2 3 ›»