Data Privacy Day 2024 Events and Resources For You!


Data Privacy Day is an internationally recognized day dedicated to creating awareness about the importance of privacy and protecting personal information.

That means a lot to me and I think it means a lot to you, too. I think it is important that we give our patients and clients the gift of privacy. And that we have the right tools and resources for our employees to make good privacy and security decisions in our businesses.

Information Managers Ltd. is a Data Privacy Champion!

As a DPD Champion, Information Managers recognizes and supports the principle that organizations, businesses, and government all share the responsibility to be conscientious stewards of data by respecting privacy, safeguarding data, and enabling trust.
Each of us is responsible to manage our name and our identity. When you share your personal information, you have the right and responsibility to ask the person or business why they need the information and how they will protect your personal information.
Jean L. Eaton

Your Practical Privacy Coach, Information Managers Ltd.

Data Privacy Day Pop-Up Privacy Chats on

LinkedIn Live

Friday, January 26, 2024

 

 


🔒 Join Us for Privacy Chat Pop-Up on LinkedIn Live Event! 🔒

In celebration of Data Privacy Day, we invite you to an engaging and insightful Privacy Chat Pop-Up on LinkedIn Live. Mark your calendars for Friday, January 26, 2024, as we bring together experts to share valuable insights and practical tips for safeguarding personal information and enhancing privacy practices in your small business.

🗣 Event Highlights:

Friday, January 26, 2024 0900-1600

Pop in for 15 minute segments throughout the day!

Add your comments and join the conversation!

Free to attend!

🎙 Live on LinkedIn:

Visit our Information Managers business page on LinkedIn to catch the privacy chats live or enjoy replays at your convenience!

https://www.linkedin.com/company/information-managers-ca/

 

👥 Guest Speakers:

 

💡 Agenda:

  • Privacy vs Confidentiality
  • Cross Border Data Transfers
  • Know Your Data
  • Website Privacy Statements
  • Emerging Privacy Legislation
  • Tips to Select Your Canadian Practice Management Software
  • Privacy Tips for Parents
  • 6 Steps To Small Business Privacy Compliance
  • Plan Privacy Awareness Education for Your Team

 

🤝 Why Attend?

  • Gain practical privacy tips for immediate implementation
  • Equip your business with the right tools for privacy and security decisions
  • Elevate awareness about the importance of data privacy in your professional community

 

Data privacy is not just a buzzword; it’s a commitment to ensuring the security of personal information. Together, let’s empower ourselves, our clients, and our employees to make informed decisions in the realm of privacy.

 

🔗 Event Link:

 https://www.linkedin.com/company/information-managers-ca/

Sign into your LinkedIn account

Navigate to Information Managers Ltd page

Select the Pop-Up Chat to Join us Live!

📅 Save the Date and Let’s Chat Privacy!

 

#DataPrivacyWeek #PrivacyChat #SmallBusinessPrivacy #DataPrivacyDay #LinkedInLiveEvent #Healthcare #medical #dental #therapists

Data Privacy Day Resources

5 Steps To Prevent Employee Snooping

SAY NO TO SNOOPING!

If an individual affiliate knowingly breaches the privacy and security of health information, and the custodian can demonstrate that reasonable safeguards (including privacy awareness training) were in place, the individual affiliate can be charged under the Health Information Act. Fines of up to $50,000 may be applied to the individual, in addition to other sanctions from their employers and/or their professional regulatory colleges where applicable (HIA s.107).

What Is Snooping?

Looking at someone’s personal information without having an authorized purpose to access that information to do your job is known as ‘snooping’.

Even when you are “just looking” at personal information but don’t share that information with anyone else, this is still a privacy breach.

It is illegal.

Snooping incidents are on the rise and can cost you time, money, heartache, and headache in your practice.

When there is an offence under the privacy legislation like the Health Information Act, there may be an investigation, charges and court appearances, fines, penalties, and loss of employment.

Snooping is entirely preventable.

How Can You Prevent Employee Snooping?

Let’s take a look at the pro-active steps that you can take today to prevent employee snooping.

 


Download the Practice Management Success Tip 5 Steps to Prevent Employee Snooping

The Practice Management Success Tip, 5 Steps to Prevent Employee Snooping, will help you

  • Take 5 practical steps to prevent employee snooping.
  • Provide clarity about what is considered a privacy breach.
  • Contribute to the health information privacy compliance in your healthcare practice.

Protect Your Organization and Your Patients With a Privacy Awareness Quiz

Equip your staff with the information they need to confidently and correctly handle personal health information.

Healthcare businesses need privacy awareness training to support key policies and procedures, and risk management programs need a privacy awareness training program.

Reasonable Safeguards

As an employer and healthcare provider, you are responsible to provide training to all of your employees about privacy awareness.

If you don’t provide the training, or if the employees don’t understand the policies and there is a privacy breach, then the healthcare provider is more likely to be held accountable under the legislation and face penalties, including fines and even prison!

Patients value the privacy and security of their information.

Healthcare providers and clinic managers value privacy and security, and they value avoiding adverse results from a lack of compliance or patient safety issues.

Data Privacy Day Privacy Awareness Quiz

Patients trust their healthcare providers with their sensitive, personal, and financial information.

If patients don’t feel that the healthcare provider will keep their information confidential and secure, patients may choose not to share their information, which may impact their healthcare and treatment.

When we are privacy aware, we can better respond to patients’ questions and build their trust in the quality of services that we provide.

Download the Privacy Awareness Quiz to use today to train your employees and protect your patients’ health information.

Online Legal Essentials Review


Online Legal Essentials Helps Canadian Entrepreneurs move from Overwhelm to Legal Easy!

Do you have a small business in Canada?

Then you need customizable templates to help you set up your business, operate your bricks and mortar local business or your online business!

Corinne Boudreau of Online Legal Essentials can help you!

Corinne has developed guided legal templates for Canadians doing business online.

Corinne has a knack for making things practical and easy to implement.  Being a lawyer since 2002 has given her perspective and experience to boil things down to the essentials.

You know that I love templates – and tips, tools, and training to make it easy!

Corinne delivers this for you!

 


Not Sure What Legal Documents You Need for Your Business?

Many healthcare providers are excited to open their first independent practice but have many questions about how to build a legal foundation for their practice.

The Ultimate Business Checklist will help you

  • Build a legal foundation for your healthcare business
  • Portray a professional appearance to your patients and clients
  • Guide you to make good decisions in the right order without missing steps

Grab the FREE Checklist from Online Legal Essentials

 

Ultimate Business Checklist

Do You Have a Website for Your Healthcare Practice?

Well then, you are required by law to have a Privacy Policy on it.

Online Legal Essentials is here to help you with a simple, easy to complete Privacy Policy (with Canadian PIPEDA and EU GDPR provisions).

You will also find in this program the following templates to protect your business online:

– Copyright Notices

– Website Legal Disclaimers

– Website Terms of Use

Videos and easy-to-use templates will have these tasks checked off your to-do list in no time!

Check out the Website Legal Essentials templates!

Roadmap for Healthcare Providers

Corinne Boudreau and I believe in the power of education and templates to help healthcare providers start profitable businesses in Canada.

When you register for this free on-demand webinar, you get access to the Roadmap guide and the Roadmap Timeline google sheet to help you with your project management for your business.

Make sure to check out the legal templates from Corinne–ideal to help you prepare the Canada specific legal documents for your new business. 

Are You Hiring Employees?

Make sure your contract terms are clear when you are hiring people for your business. 

 
The Legal Hiring Template Pack provides the necessary information and contract templates to help you start your new hires on the right foot.  
 

So Much MORE!

Corinne Boudreau has created so many more Canadian legal templates to help you in your business. 

Check out these titles, too!

Online Legal Essentials Templates


“When we know better, we can do better.”

I help healthcare practices with practical tips, tools, templates and training to help you in your career and help you to start, grow, or fix the business of a healthcare practice.

Affiliate Compensation: From time to time, I promote, endorse, or suggest products or services of others. In most cases, I will be compensated – either as an affiliate with a commission based on sales, or with a free product to review or use. My recommendations are always based on (i) my personal belief in the high quality and value of the product or service, and (ii) my review of the product or service, or a prior relationship or positive experience with the sponsoring person or organization.

Jean L. Eaton, Your Practical Privacy Coach with Information Managers Ltd.

Small Business Tech Day


Click on the >> Arrow above and watch the short (5 min) video to watch my 6 steps to help you right away!

The Privacy Playbook: 6 Steps to Small Business Privacy Compliance

I’m Jean L. Eaton, your Practical Privacy Coach and Practice Management Mentor. I help healthcare providers and clinic managers implement privacy best practices, like pulling together the right forms and paperwork to use with their employees and patients.

Whether it’s improving privacy workflow, understanding the impact of breaches, working with privacy legislation, privacy impact assessments, or mentoring privacy practices among staff, I make privacy in healthcare simple and straightforward.

I have found that when small businesses use these 6 steps to small business privacy compliance:

  • your privacy management program operates smoothly every month
  • you avoid nasty privacy and security incidents
  • your business operates more efficiently

When you focus on proper privacy and security practices, compliance falls into place.

Information Managers Is Proud to be an Official Partner of the Small Business Tech Day.

To access more replays recorded on November 16, 2023, register here! It’s FREE!

 

How To Use Current Technology To Maximize Productivity And Profits In Your Business While Staying Protected And Secure

Small businesses must be nimble to prevent cybersecurity crime and continue to boost profitability and productivity. Technology automation and AI can help–when you implement wisely.

We can help you with that!

This Free Online Event Features Speakers Shark Tank’s Robert Herjavec, Co-Founder Of Siri Adam Cheyer And Best-Selling Author And Entrepreneur Extraordinaire Mike Michalowicz.

Solid Technology Solutions has been named as the official host of Edmonton Small Business Tech Day happening on November 16th.

This online event is designed to help small businesses navigate the future of technology, especially with the recent emergence of AI.

We’ll ensure you are equipped with the best advice from these world-renowned experts when it comes to changes in your day-to-day business.

Featuring well-known business leaders, tech experts and leading minds showing small businesses how to compete and succeed in many aspects of their business with a concentration on utilizing technology to be productive, profitable, and protected.

Learn how to maximize productivity, profits, and security in your business!

Discover cutting-edge technologies in these presentations that can streamline your business operations, saving you time and increasing overall efficiency.

“A Shark’s-Eye View Of The Future Of Small Business Tech” with Robert Herjavec

Shark Tank Celebrity Robert Herjavec will discuss the distinct differences between businesses losing money and those that are becoming more profitable and growing.

“New Business Protections You Need In Place NOW To Safeguard Your Assets” with Grant Dakin

Roughly 61% of all SMBs were the target of at least one cyber-attack in the past few years, which can equal hundreds of thousands of dollars in lost revenue. It’s no longer a question of IF you’ll get hacked, but WHEN. Millions of organizations are being held hostage by cybercriminals and hackers. During this session, you’ll get actionable steps to take to proactively protect your business from lost profits and irreparable reputational damage.

“The Good, The Bad, And The Ugly Of AI In Small Business” with Adam Cheyer

Your business needs to be prepared for current programs and technology and what’s on track to possibly disrupt it further.

“How To Get Your Business To Run On Its Own” with Mike Michalowicz

You can have the freedom to take a vacation or some well-deserved time off.

“The Privacy Playbook: 6 Steps to Small Business Privacy Compliance” with Jean L. Eaton

When you focus on proper privacy and security practices, compliance falls into place. Grab my 6 steps to help you right away.

Solid Technology Solutions is Your Proud Host

Solid Technology Solutions helps small businesses equip themselves with the best technology and practices available today to increase productivity and profitability and protect them against online threats.

Get your no-cost invitation!


No matter what happens with the economy, there are strategies you can use to keep growing profitably while keeping your business secure.

Today you can get these strategies when you join us at https://www.solidtech.ca/tech-week-2023-videos/.

Do You Want To Be A Confident Healthcare Privacy Officer?


What Is a Privacy Officer?

A privacy officer is a key employee in a healthcare organization who is named by the healthcare provider (custodian) and assigned the responsibility to oversee all activities related to the implementation of, and adherence to, the organization’s privacy practices, and to ensure operational procedures are in compliance with relevant privacy laws. The privacy officer monitors how employees and systems collect, use, and disclose information, and how identifying information is accessed.

A privacy officer may be known by other titles like privacy compliance officer or a security officer.

If your healthcare business involves the collection, use, and disclosure of your clients’ and patients’ personal health information, a privacy officer is necessary in order to meet legislated requirements.

If You Don’t Have a Privacy Officer

Healthcare practices without a privacy officer often experience confusion about how patients’ personal health information should be collected, used, and disclosed. Patients may complain about lack of access to their personal health information. Without a named privacy officer to assume the responsibility to implement and monitor reasonable administrative, technical, and physical safeguards you are more likely to experience privacy and security incidents, privacy breaches, investigations, fines, and charges under the privacy legislation!

Here are some examples of what can happen if you don’t have a privacy officer:

  • In 2019, the British Columbia Office of the Information and Privacy Commissioner (OIPC) conducted a privacy audit of 22 medical clinics. The auditors found gaps in privacy management programs at several clinics, including the absence of a designated privacy officer, a lack of funding and resources for privacy, and a failure to ensure that privacy practices keep up with technological advances.
  • A complaint was made against a medical clinic with an employee suspected of accessing health information for an unauthorized purpose. The Alberta OIPC investigated and revealed confusion around the roles and responsibilities of privacy compliance among the custodians and the privacy officer. The OIPC determined that the custodian was in contravention of the regulation which requires custodians to ensure that their affiliates are aware of and adhere to all of the custodian’s administrative, technical, and physical safeguards with respect to health information. (See Do You Know Where Your Policies and Procedures Are?)
  • Employees are not aware of privacy requirements and engage in snooping into personal health information. Consequences of employee snooping include firing, charges under the Health Information Act, and court-ordered fines, jail time, probation, community service, and more. (See Snooping Conviction Earns 3 Years Probation)

Roles and Responsibilities

So, what does a privacy officer do? The roles and responsibilities of a privacy officer in a typical healthcare practice include the following:

  • Identify privacy compliance issues for the business.
  • Ensure privacy and security policies and procedures are developed and keep them up to date.
  • Ensure that everyone working at your clinic and your vendors are aware of their privacy obligations.
  • Monitor your clinic’s ongoing compliance with privacy legislation like the Health Information Act (HIA) in Alberta.
  • Provide advice and interpretation of related legislation for the business.
  • Respond to requests for access and corrections to personal information.
  • Ensure the security and protection of personal information in the custody or control of the business.
  • Act as the primary point of privacy and access contact for staff, patients, vendors, regulators and other stakeholders.

Get the FREE Practice Management Success Tip, Privacy Officer Job Description Template.

 

 
Build a Strong Privacy Management Program for Your Clinic with These 5 Critical Modules


Many privacy officers in small healthcare practices have other roles—as a clinic manager, healthcare provider, computer network technician, or business owner. It is little wonder that new privacy officers can feel overwhelmed when trying to balance these responsibilities every day.

But that’s not the end of the problem. It actually gets worse!

You could continue to –

😮 Panic when a patient asks for their information for access or correction.

😔 Scramble when new employees and healthcare providers join your clinic . . .and suddenly realize that you never got around to providing privacy and cybersecurity awareness training.

😯 Hope that your practice will not be tapped on the shoulder for a practice review by your college or the OIPC.

🤐 Ignore a privacy breach and hope no one else notices.

😒 Avoid difficult decisions with your owners / staff who insist on doing things their way – even when it is not privacy compliant.

😞 Never get ‘review privacy impact assessment’ and ‘review privacy policies and procedures’ off of your to-do list.

😥 Avoid discussing privacy and security with your EMR and computer networks managed service providers because you are unsure of what questions to ask and what types of answers you should receive.

If you don’t have a written privacy management program and action plan, you are missing the systems to monitor routine tasks that will protect privacy and alert you to potential problems before they become privacy and security incidents.

Carrying out the duties of a Privacy Officer correctly is vital to ensure your organization is safe from the consequences of a big privacy breach.

But did you know that organizations that have a privacy officer and a privacy management program:

  • Are less likely to have a privacy or security incident
  • Have increased staff satisfaction
  • Have increased patient satisfaction and outcomes

We Know That Privacy Is Good For Business

We know that having policies, procedures, and systems in place will improve privacy compliance in your organization and help you make good business decisions.

When we have consistent practices in place, it improves communication and prevents a multitude of problems.

I’d like to share with you what I believe are the 5 critical modules of a privacy management program.

The 5 Modules of a Strong Privacy Management Program for Your Clinic Include

  1. Know Your Obligations
  2. Train
  3. Privacy Breach Management
  4. Document
  5. Access and Disclosure

We expect organizations which collect, use, or disclose health information to have key components of a privacy accountability program. These include:

Every healthcare and private organization that is subject to privacy laws must comply with them. A comprehensive privacy management program provides an effective way for organizations to create a culture of privacy in their practice, practice accountability for the collection, use, disclosure, and access of personal information, and show compliance with regulations.

Module 1—Know your Obligations

Key accountability for your privacy management program starts with your healthcare provider(s). These are also known as “custodians”. They are ultimately responsible for the privacy, confidentiality and security of personal health information (PHI).

The key healthcare provider—physician, dentist, chiropractor, nurse—can assign or delegate a key person who is accountable to the custodian to implement and monitor a privacy management program. This is often known as a privacy officer. In many smaller healthcare practices, the clinic manager or practice manager is also the privacy officer.

The business owner (who might also be the healthcare provider) also has obligations to follow the privacy laws as it relates to the privacy of personal information of employee, customers, and general business information.

The healthcare provider, business owner, and privacy officer form a ‘trifecta’ of authority and responsibility in your practice to ensure that you comply with privacy legislation, professional standards of practice, and contractual commitments.

Knowing your obligations includes establishing clear authority and accountability in your practice, identifying what identifying information you have in your practice, and understanding how privacy legislation guides your business. Your privacy officer and custodians may require training in these areas to better understand their obligations.

Module 2—Training

Training is an important component of your privacy management program. The privacy officer in your organization ensures that privacy awareness, cybersecurity, and privacy breach management training is provided in your healthcare practice.

There should be both a formal and an informal training plan. A pre-planned privacy awareness training must be available for everyone in your organization, including new and seasoned professionals. It is critical that you can provide and document that everyone in your organization completed consistent common training.

We can provide informal training throughout the year. For example, have a standing agenda item during your staff meeting to do something consistently for everyone in the organization throughout the year. Leverage activities like Data Privacy Day, Change Your Password Month, Cybersecurity Awareness Week to provide a variety of content.

A frequently missed trigger for additional training happens when an employee is promoted to a new position. This is a great opportunity for the privacy officer to meet with the employee and discuss their new role and how their new responsibilities (for example, authorizing new users or supervising employees) contribute to the confidentiality and security of PHI.

Remember to document who attended the training opportunities and keep copies of the training content to show your actions to protect privacy.

Listen to the podcast How To Keep Privacy Awareness Top Of Mind | Episode #093 for more tips and resources to help you plan training throughout the year.

Module 3 – Privacy Breach Management Plan

Ensure that a written privacy breach management procedure is part of your overall privacy management program. The privacy officer will document your privacy breach management policies and procedures, sanctions policies and procedures, and train all employees to identify a privacy breach and report it to their supervisor. The privacy officer will manage a (suspected) privacy breach and ensure notification to their custodians, individuals affected by the breach, and others as needed.

The privacy officer will manage mandatory privacy breach notification requirements under health privacy legislation like the Alberta Health Information Act (HIA), Ontario Personal Health and Information Protection Act (PHIPA) and the Personal Information Protection of Electronic Documents Act (PIPEDA), and other provinces’ legislation.

See Understanding a Privacy Breach for more tips.

Module 4—Document

I think most people in healthcare are familiar with the adage, “If it is not documented, it didn’t happen.” This applies to your privacy management program, too. Your program should include written:

  • Health Information Privacy and Security Policies, Procedures
  • Risk Assessment – Safeguards
  • Practical Privacy Review
  • Privacy Impact Assessment
  • Information Management Agreement
  • Information Sharing Agreement
  • Successor Custodian
  • Training plan

These actions will help you protect the PHI of your patients and your business. They help to demonstrate your compliance with your privacy and security obligations. Review and update these key documents annually.

See Privacy Impact Assessment for more tips.

Module 5 – Access and Disclosure

When you collect PHI from patients and PI from employees and customers, you must ensure that they can access, correct, and authorize disclosure of their information.

Release of information (ROI) policies and procedures is a critical module of your privacy management program. Your privacy officer is tasked with ensuring that your ROI plan is written, understood, includes specific training to your employees, and follows legislated standards and professional college standards of practice. When you meet your ROI obligations, you avoid complaints and breaches, work efficiently, and improve the trust of your patients.

Struggling to Learn Your Role As A Privacy Officer On Your Own?

If you are a privacy officer in a healthcare practice who needs practical privacy management strategies to protect your patients and your healthcare business but aren’t sure how to get started, register for the Practical Privacy Officer Strategies training here.

The training starts on September 26, 2023.

Not sure if this is for you?

Send me an email and ask me! I’m happy to mentor you and help you assess your practice management and privacy compliance priorities.

Listen to the replay of my recent LinkedIn Live Event here.