Are You Using Zoom In Your Healthcare Practice?

Posted on June 24, 2020 by Meghan in Blog No Comments

Are you using Zoom in your healthcare practice?

In healthcare, it is important that patients trust you before they will share their personal information, listen to you, and before they will carry out your treatment recommendations.

In telemedicine, your patients need to be able to see your face, hear your voice in order to trust you.

When you appear confident on camera during telemedicine call this will build trust with your patient and remove distractions so that your patient better listens to your advice.

This on-line training will help you become more confident using Zoom for meetings, virtual care, and telemedicine.

The Communicate & Meet With Zoom in Your Healthcare Practice course will look at the basics of both joining and hosting a meeting, as well as the difference between the free and pro plan options.

Communicate and Meet Using Zoom In Your Healthcare Practice

Online course

Are you using Zoom for your Telemedicine or Virtual Care Encounters? Build trust with your patients when you confidently use Zoom to Communicate and Meet.

Ideal for physicians, dentists, chiropractic, physio, optometry – every healthcare professional who use Zoom for telehealth, virtual care, or team meetings!

25 step-by-step videos to get started quickly and be successful with Zoom
Bonus downloadable Zoom instructions for patients
Bonus training: Easily Improve Your Video Conference Presence with Lauren Sergy
Bonus: Virtual Care Workflow
Bonus: Virtual Background templates and training

If you are new to Zoom, I suggest that you follow the on-screen videos step by step.

If you are familiar with Zoom, and just need to dig a little deeper into the advanced settings or have specific questions, you can select the training that would most help you.

Note: This training is not specific to Zoom Healthcare; however, many of the features are similar between the public and the Healthcare versions of Zoom.

The Practice Management Success Tip, Communicate and Meet Using Zoom In Your Healthcare Practice, will help you

Gain your patients' trust.
Communicate confidently on-camera with your patients and your employees.
Document your new virtual workflow process.
Present yourself professionally.

Show Me Communicate and Meet Using Zoom In Your Healthcare Practice

healthcare, healthcare business, medical, physician, small business, Social Media for the Small Healthcare Practice, telehealth, telemedicine, template, videoconferencing, virtual care, zoom

Privacy Awareness in Healthcare Training: Dental Practices

Posted on June 15, 2020 by Meghan in Blog, Services

NEW! Privacy Awareness in Healthcare Training – Dental Practices

Privacy Awareness Training for Dental Practices

Is your dental clinic in compliance with the Alberta Dental Association & College, Health Information Act (HIA) and Personal Information Protection Act (PIPA)?

Dentists and dental practices in Alberta are required to have an ongoing privacy program to ensure the protection of private records and patient information. The appropriate collection, use, and disclosure of personal information is critical to maintaining privacy for patients that choose to trust in your practice. Accomplishing this important goal demands an up-to-date training strategy.

Regular privacy awareness training protects patients, employees and your business. The key components of your training strategy must revolve around ensuring HIA compliance to mitigate risk of a privacy breach. Everyone in your clinic – dentists, dental assistants, dental hygienists, office staff, contractors and even practicum students and volunteers must understand how to correctly handle personal information, so it remains confidential and secure. Maintaining high standards that safeguard information privacy and security is an essential aspect of asset management for any health care provider.

Corridor Interactive's training includes a personalized printable certificate of achievement to support compliance and may be used for your continuing education credits, too! Our training delivers industry best practices and is ideal for all levels of staff in any dental organization or clinic that collects, uses or discloses personally identifying information. This includes direct care providers in your practice as well as privacy officers, support staff and any other employees who are not directly involved in patient care.

Corridor’s Privacy Awareness Training for Dental Practices educates dentists, dental assistants, dental hygienists, and all office staff on:

Understanding Privacy
Privacy Principles
Collection, Use & Disclosure
Roles & Responsibilities
Privacy Breaches
Right of Access
Safeguards
What is “Health Information”
Handling Personal Sensitive Health Information

If You Are A

dentist,
dental assistant,
dental hygienist,
or work in a dental practice

You Need Privacy Awareness in Healthcare Training – Dental Practices

You will

Understand patient and client privacy rights.
Respect personal health information and your obligations.
Confidently and correctly handle personal health information.
Use reasonable safeguards to protect personal health information (PHI).
Recognize and respond to a privacy breach
Support key policies, procedures and risk management programs in your healthcare practice.

Interactive Online Learning Experience provided by Corridor Interactive

Corridor Interactive’s Buy Now Training Programs give you access to the most current information available, at your convenience. Complete your course all at once, or in multiple sessions from any location – it’s up to you. All you need is an internet connection and an email address to get started…it’s that easy!

Fits into your schedule – you can start, pause at anytime, and return to the course exactly where you left off.
Easy to use – navigation buttons makes it easy to continue to the next topic or pick and choose the order that you want to see the content.
Get started immediately – the entire course is ready for you!
Work at your own pace – you have access to the course for three (3) months. Most students complete the course in under 2 hours.
You can listen to the narration for each module.
Practical examples, too, to make it easier for you to apply what you have learned in the course to your job.
Links to extra resource material and websites related to your topic of study, to peruse at your convenience.
A printable Certificate of Completion, available as soon as you successfully complete your course.
An audit trail and record of your course activity and training history.
Self-directed learning features including the ability to pause your course at any time and resume later, right from where you left off.
Unlimited access to your course and resources for the duration of your subscription term.
Technical support with a one-business day turnaround for end-user support help and questions.
Automatic emails when you complete your course, or reminders if you have not completed.

Developed by Corridor’s team of seasoned software specialists and instructional designers, this unique online learning application is the optimum vehicle for delivering learning content.

$30 per subscription

Give your staff the knowledge and tools they need to apply policy in their day-to-day work AND prevent a privacy breach with privacy awareness training.

Privacy Awareness in Healthcare Training – Dental Practices

Protect your organization and your patients. Equip your staff with the information they need to confidently and correctly handle personal health information. Learn basic healthcare privacy principles and how to handle personal health information, use safeguards, and recognize and report a privacy breach.

Sounds great! Sign me up!

This self-paced on-line education includes:

9 Modules
6 Quizzes
2 Case Studies
Final Exam

Certificate of Completion

“When we know better, we can we do better.”

As an employer and health care provider, you are responsible to provide training to all of your employees about privacy awareness. Protect your organization and your patients. Equip your staff with the information they need to confidently and correctly handle personal health information.

I am constructively obsessive about privacy and confidentiality in the healthcare sector–and I think you should be, too! I designed this course to assist healthcare providers, clinic managers, practice managers, privacy officers and independent healthcare practice owners provide practical privacy awareness training that was easy to implement, consistent content, cost-effective and meaningful to your day-to-day business.

When each member of your independent healthcare practice completes this privacy awareness course, you will have clearer expectations and confidence that your team will maintain the privacy, confidentiality and security of your patient’s health information. Give your patients the gift of privacy. Improve your healthcare practice with privacy awareness education.

Jean L. Eaton, Your Practical Privacy Coach Information Managers Ltd.

Frequently Asked Questions

How can I access the course?

The course, Privacy Awareness in Healthcare Training – Dental Practices is available on-line from any internet enabled device. You can use your desktop computer, smart phone or tablet to view the slides and even hear the narration.

How long is the course?

Most students complete the course in under 3 hours. You can start and stop the course at any time. Let's say you decide to take 20 minutes each day to work on the course. You can login and start the course right away. When you come back to the course the next day, you can start right from where you left off. You will have all the modules and the post-test done within 6 days. Don't worry about missing a few days – you have access to the course for a full 3-months!

This is my first job in a dental practice. Do I know enough to start the course?

You bet! The course is easy to read and I explain all the terms that you need to know. There are a lot of practical examples, too, to make it easier for you to apply what you have learned to your job.

I've worked in healthcare for a long time. Do I still need to take this course?

You bet! Seasoned professionals like yourself have an extra obligation to share your knowledge with new workers. This course will help you to refresh key principles and suggest wording, examples, and key messages that you can use to train new employees to their specific tasks in the workplace. The course will help you to advocate for the privacy rights of your patients. Unfortunately, we have many examples where trained professionals who “should have known better” make errors in judgement causing privacy breaches that affect our patients, our business, and the reputation of healthcare. Healthcare practitioners and owners have a responsibility to ensure that everyone in the practice receive comprehensive privacy awareness training regularly.

Will I get a certificate of completion that I can give my employer?

Yes – at the end of the course, you will have the opportunity to complete a short on-line quiz to confirm that you understand the key concepts. Then you will have access to a Certificate of Completion that you can download and share with whomever you choose.

Can I get continuing education credits with my professional association?

Maybe! If you are a member of a professional association and you would like to seek credits from for taking this course, please let us know so we can take steps to request pre-approval. Often, professional association and colleges will grant continuing education (CE) credits based on your certificate of completion.

How much is the course?

The course is $30 per individual 3 month subscription. Click here to buy it right away.

I think everyone in my healthcare practice should take this course! Can I buy in a group package?

Yes – Privacy Awareness in Healthcare Training – Dental Practices is available in group packages, or it can be customized to incorporate your organization’s privacy policy and practices. Employers can monitor the employee’s training progress and receive a report of employee’s satisfactory completion of on-line quizzes. Track annual privacy awareness training through our online platform to demonstrate your compliance with legislation. Contact Corridor Interactive for more information.

I agree that privacy awareness training is important - but I don't work in healthcare. Do you have a corporate privacy awareness program?

While these programs have been developed with health care providers in mind, the privacy principles and fundamentals of protecting personal information are appropriate for any organization that collects, uses, and discloses personally identifying information. Contact us for information about our Corporate Privacy Awareness Program!

Interested in Group Training?

Employers can also purchase training for groups of employees; employees can access the internet based training at a time and location convenient to them. Employers can monitor the employee’s training progress and receive a report of employee’s satisfactory completion of on-line quizzes. Track annual privacy awareness training through our online platform to demonstrate your compliance with legislation.

Email Corridor Interactive to Order Group Training

Corridor Interactive, dentists, health care, Health Information Act Training, healthcare, healthcare provider, primary healthcare, privacy, privacy awareness, privacy breach, training

3 Parts to Every Privacy Awareness Training Plan

Posted on June 15, 2020 by Jean Eaton in Blog, Clinic Manager / Privacy Officer, Employee, Established Practice, New Practice, Services

Reasonable Safeguards – the Myth

You may have heard the myth that the Health Information Act (HIA) is a big scary thing that will interrupt your routine, rob you of countless billable hours, impact all of your staff, turn your office inside out, and change the way that you run your entire business!

Myth Buster

The HIA provides structure and framework for reasonable safeguards that apply to any healthcare business.

One of the requirements of reasonable safeguards includes having a privacy awareness training plan.

Click the >> arrow to play the video

Privacy Awareness Training

Your Privacy Awareness Training Plan should include learning objectives throughout the year, including

Orientation – Standardized training curriculum provided to everyone in you healthcare practice at the time of employment. This is often included during a new employee’s orientation period.
Specific – Privacy training that is more detailed and specific to the roles and responsibilities of that individual’s job in your healthcare practice. There may also be specific training when new software, technology, or procedures are introduced anytime throughout the employment.
Reward – Keep privacy awareness top of mind all year long. Recognize and reward when individuals follow privacy principles that also add value to your client satisfaction or business efficiency.

It is reasonable to expect regular privacy awareness training, especially at orientation, and a formal review annually.

What a Privacy Awareness Training Plan Can Do For You

When you implement regular privacy awareness training, you will see:

Privacy and security expectations clearly communicated among your team.
Team members demonstrate their commitment to privacy, confidentiality, security of personal health information.
Efficient practices that protect the privacy and save you time and money
Team members confidently and correctly handle personal health information using reasonable safeguards

Are You a Myth-Buster?

You can be a myth-buster, too, and implement privacy awareness training in your healthcare practice.

You can easily implement reasonable safeguards and meet HIA requirements to ensure privacy, confidentiality, and security of health information that saves you time, frustration and money.

If you need a little help, I have written a practical privacy awareness training course designed for the community health care practice. This is ideal for orientation of new employees and a refresher for the rest of us.

Privacy Awareness in Healthcare: Essentials

Understand basic health care privacy principles and how to handle personal information, use safeguards, and recognize and report a privacy breach.

Ideal for community-based health care professionals and staff, direct care providers, or anyone working with a health care, dental, or social services organization.

An effective privacy compliance program promotes organizational adherence to the Health Information Act (HIA), Personal Information Protection Act (PIPA) Alberta, Personal Health Information Protection Act (PHIPA) Ontario and the Personal Information Protection of Electronic Documents Act (PIPEDA) requirements. A compliance program is your first line of defense to promote the prevention of criminal conduct, and enforce government rules and regulations, while providing quality care to patients. All three training products help protect practices against privacy and security breaches, improper payments, fraud and abuse, and other potential liability areas through education.

Canadian Health Care Privacy Training Solutions

Corridor’s online training makes it easy for health care organizations to comply with provincial and federal legislation that mandates regular privacy training for all health care providers, staff, and vendors.

Select the training that best fits your needs:

NEW! Privacy Awareness in Healthcare Training: Dental Practices – Alberta

Privacy Awareness in Health Care Training – Canada

Includes detailed resources for each province and territory with key terminology and links to applicable privacy legislation. Resources are provided for our ten provinces: Alberta, British Columbia, Manitoba, New Brunswick, Newfoundland & Labrador, Nova Scotia, Ontario, Prince Edward Island, Quebec, Saskatchewan, and three territories: Northwest Territories, Nunavut and Yukon. This new product is ideal for both organizations and vendors who provide health care services or have health care clients in more than one province.

Privacy Awareness in Health Care Training – Alberta

Includes the mandatory privacy breach notification amendments to the Health Information Act (HIA).

Privacy Awareness in Health Care Training – Ontario

Specifically covers all legislation and rules specific to the province of Ontario including the Personal Health Information Protection Act (PHIPA).

Refresher: Privacy Awareness in Health Care – Alberta

A quiz-based review of Corridor’s full Privacy Awareness course. The Refresher starts with an initial quiz to assess knowledge on the topics and information covered in the full course. Based on the quiz results, one or more of eight Refresher topic quizzes must be completed, each focusing on a specific subject area. The Refresher also includes access to the original course content.

Privacy Awareness in Healthcare: Essentials

Grab your on-line course from Information Managers and Corridor Interactive

for just $30 per individual 3 month subscription now!

Click Here to Grab Your On-Line Privacy Awareness Course Now!

Alberta, Canada, Corridor Interactive, dental, Health Information Act, Ontario, Personal Health Information Protection Act (PHIPA), PHIPA, PIPEDA, privacy awareness training, reasonable safeguards

Your Guide to Privacy & Security Measures for the Health Care Industry

Posted on June 11, 2020 by Meghan in Blog

I’m tickled pink to be a guest of Rafiki Technologies' EVOLUTION SERIES

Your Guide to Privacy & Security Measures for the Health Care Industry

Join Rafiki Technologies and Jean Eaton to learn effective ways to keep your patient information safe and secure.

Confidentiality and security of personal health information (PHI) are crucial in the health care industry. It's your job to keep your records safe and your patient's information private, confidential, and secure.

Electronic medical records (EMR) have many advantages but security concerns are attached. Internet hackers are able to access private information in a matter of minutes if the medical practice doesn't have strong security measures in place and well-trained staff.

Learn how to protect your patient data with Rafiki Technologies' President Naheed Shivji. He and his team have worked in the medical industry for many years and they understand how to integrate proper IT and security measures seamlessly into existing infrastructure.

Joining Naheed Shivji is a Certified Health Information Management Professional, Jean L. Eaton. Jean is exceptionally versed in privacy awareness training and tools and works alongside many healthcare providers to ensure they're using the right protocols to keep patient information protected while complying with privacy legislation.

Speakers:

Jean L. Eaton, Your Practical Privacy Coach and Practice Management Mentor with Information Managers Ltd.

I assist healthcare providers, clinic managers, practice managers, privacy officers, and independent healthcare practice owners with practical privacy awareness training and tools that are easy to implement, cost-effective, and meaningful to your day-to-day business.

As a Certified Health Information Management professional (CHIM), and privacy awareness training facilitator, I have had the honour to share my obsession about practical privacy and confidentiality advice with hundreds of medical clinics and healthcare practices and organizations across Canada and the US.

With over twenty years of experience in health information management and healthcare administration and over 15 years in my independent consulting practice, I have made practical recommendations for 1000’s of independent health care providers to help them comply with privacy legislation and create efficient practices.

Naheed Shivji, Founder & President of Rafiki Technologies Inc

Naheed has more than 20 years of experience in IT with expertise in the dental industry. He is a passionate entrepreneur helping companies understand and embrace technology and is always searching for business best-practices while giving back to the community.

Naheed works hands-on with his clients to develop winning IT strategies and smooth implementations. He is constantly learning and adapting to industry trends to maintain Rafiki Technologies’ position as a leading managed IT services company in Canada.

Your Guide to Privacy & Security Measures for the Health Care Industry

Tuesday, June 16th, 2020

6:00pm MDT

RSVP on EventBrite Here!

cybersecurity, datasecurity, healthcare, informationsecurity, medical, privacy, security

Pandemic Incident Response Review

Posted on May 15, 2020 by Meghan in Blog

Each healthcare practice has been impacted by the COVID-19 pandemic.

This is certainly a disruption to our business continuity and a risk to privacy and security of patient, employee, and business information.

In this podcast on Practice Management Nuggets For Your Healthcare Practice, Jean L. Eaton shares a strategy to help you with your pandemic incident response review so that you can respond to a similar incident with confidence.

Jean Eaton's #1 Tip to Healthcare Providers and Vendors

Update your Pandemic Incident Response Plan!Click to Tweet

Each healthcare practice has been impacted by the COVID-19 pandemic.

This is certainly a disruption to our business continuity and a risk to privacy and security of patient, employee, and business information.

Each custodian and healthcare provider must maintain a written record of safeguards that have been implemented during the pandemic, ensure that these are communicated to their affiliates, and monitor to ensure they are followed.

What can we learn about the pandemic incident response so far?
As we prepare to re-open our practices, what can we anticipate?
If we experience a second wave and have to lock down again, are you prepared?

Jean L. Eaton

Information Managers Ltd.

I am constructively obsessive about privacy and confidentiality in the healthcare sector–and I think you should be, too!

I offer tips, templates, and training to assist healthcare providers, clinic managers, practice managers, privacy officers and independent healthcare practice owners on practice management and privacy legislation that are actually fun and practical.

Your Practice Management Mentor and Your Practical Privacy Coach

Be sure to tune in to my podcast for tips on your pandemic incident response,

Pandemic Incident Response Review | Episode #088

Listen To The Podcast Here

#PracticeManagementNugget, COVID-19, healthcare, incident response plan, pandemic, podcast

What Healthcare Providers Need To Know About Computer Security And Standards

Posted on April 28, 2020 by Meghan in Blog

Do you see cyber and privacy incidents in the news – and worry that your computer system is at risk?

Are you overwhelmed with managing your computer network by yourself?

Jon Harmon knows that healthcare providers need to have strong computer security and standards.

Jon shares his tips about computer security and standards that every healthcare provider needs to know.

Jon Harmon is my guest expert on Practice Management Nuggets For Your Healthcare Practice.

Jon Harmon's #1 Tip to Healthcare Providers and Vendors

Keep your systems up-to-date!Click to Tweet

My Favorite Takeaways From The Podcast

When using WiFi connections, always keep devices with confidential information connected to a separate private network – this helps mitigate the risk from outside threats.
Keep you computer systems up-to-date.
Have a regular off-site backup of your data.
Always accept regular updates to all network devices.
Don't let hardware run past it's recommended lifecycle.
Regularly update yourself and your staff on computer security.
Have siloed permissions on data on a need-to-know basis.
Don't rely on one person – great computer security needs a team!

Featured Guest: Jon Harmon

Accounts Manager, TRINUS

Jon joined TRINUS as Accounts Manager in October, 2017.

He likes to challenge himself in new and exciting opportunities in the Technological world. Jon loves being a husband and a dad. He’s passionate about Martial Arts and is also an avid historian of all incarnations of Punk Rock, Classic Rock and Alternative Rock.

Visit the Trinus Technologies website!

Be sure to tune in to my interview with Jon Harmon,

What Healthcare Providers Need to Know About Computer Security and Standards | Episode #087

Listen To The Podcast Here

#PracticeManagementNugget, computer security, cyber aware, cyber security, healthcare, information technology, podcast

Here’s a Common Telehealth Workflow Process

Posted on April 22, 2020 by Meghan in Blog

With so many changes to daily lives and schedules due to COVD-19, healthcare practices are also changing. I think that these experiences have probably advanced telehealth, virtual care, and digital health initiatives ten years in the space of six weeks.

If you have been experiencing a whiplash headache from the speed of the changes to your practice management, you are not alone!

I am committed to help you with policy, procedure, and privacy impact assessment templates and resources to support you as you implement remote working and virtual care for your patients.

Use these policy and procedure and privacy impact assessment templates to help you provide virtual care while remote working and maintain reasonable safeguards to protect the privacy and security of personal health information.

If you are moving into remote working and virtual care or telehealth, it’s important that you have anticipated the risk to privacy, confidentiality, and security of patient information and have planned appropriate safeguards to prevent harm.

Patients don’t always know to ask questions about the risks of using new virtual care technology. Custodians and clinicians have a responsibility under the Health Information Act to inform patients about any additional risks to their privacy and health information while using technology in new ways. You could include this in your workflow when the patient appointment is made and the receptionist provides this information. Immediately prior to the on-line consultation, the clinician may review the collection consent and respond to questions from the patient before beginning the clinical encounter.

You might also have a legal requirement in Alberta to submit a privacy impact assessment to the Office of the Information and Privacy Commissioner.

If your healthcare practice is implementing remote working or virtual care, you need to notify the OIPC.

Health information is sensitive information. Reasonable efforts must be made to ensure that identifying and sensitive information is protected from unauthorized access, loss, or damage during and outside work hours. What a custodian may consider is reasonable efforts during a pandemic may be different than reasonable efforts from normal circumstances.

In Alberta, section 64 of the Health Information Act (HIA) requires custodians to prepare a privacy impact assessment (PIA) and submit it to the Office of the Information and Privacy Commissioner (OIPC) of Alberta prior to implementing a new administrative or technical process in a healthcare practice.

During the pandemic, the OIPC of Alberta requests an email now to outline your implementation plan. Then, promise to follow-up with a Privacy Impact Assessment submission in a few weeks.

Remote Working and Virtual Care Policy, Procedure, and PIA Templates

Templates are a time-saving tool for anyone looking to move into remote working, telehealth or virtual care solutions. Your on-line course includes instant access to checklists and resources to help you select the best virtual care options.

The policies and procedures templates will help every clinician thinking of authorizing some (or all) of your staff to remote work from home and / or provide virtual care while ensuring the privacy and security of health information.

The templates are delivered to you inside the on-line course management platform called Ruzuku. The instructions and the templates are delivered in 6 lessons. The instructions in each lesson will take you less than 5 minutes each to read.

Then, you download the templates from Ruzuku to your computer and modify each template with your clinic-specific information. Editing the MS Word templates will take you about 3 hours. I can’t estimate the amount of time that you will require to read the templates, gather information and making decisions about your remote working and virtual care project.

As you build your policies and procedures and the supporting documents, you will copy and paste them into the key sections of your PIA.

Virtual Care Workflow

There are many ways to implement virtual care or telehealth in your practice. A common workflow process includes:

Schedule the Patient Appointment – Reception

Schedule the patient appointment in the EMR.

Telephone or send a secure email to the patient with the

Appointment confirmation and instructions on how to use the video conference solution;
Collection notice; and
Privacy Officer contact information.

Request the patient to sign or verbally consent to the use electronic communication.

Time of Appointment – MOA

Receptionist / MOA initiates the video conference call with the patient.

Ensure patient can connect and hear the audio / see the video or shared screen.

Verify the patient identity.

Invite the clinician to join the video conference / make host of the call.

Notice of Collection / Consent – Clinician

Introduce yourself.

Review the Notice of Collection and Consent and respond to any questions.

Confirm that the patient is in an appropriately private location.

Document Patient Encounter – Clinician

Confirm the patient’s understanding of the assessment and plan.

Arrange to send any prescriptions to pharmacies and any requisitions or referrals to the patient or the appropriate office/facility.

Complete the clinic note in the patient record.

Is Remote Working and Virtual Care Here To Stay?

Many practices are finding benefits to having flexibility to allow staff to work from home to accommodate illness, child care disruptions, and business continuity planning. Many patients are finding that they appreciate the convenience of accessing health services without parking, time off of work, or child care struggles. Sometimes, both clinicians and patients are discovering that this new modality has inspired a better understanding of the patient's home environment and creates opportunities to improve care and treatment.

I don't think we can put this genie back in the bottle. Remote working and virtual care will become a new normal – for some practices – at least on a part-time basis. Consequently, I recommend that you take the time needed now to get the procedures and safeguards right so that we protect the privacy, confidentiality, and security of health information, allow our clinicians to work to their full scope of practice, and provide the appropriate care and treatment in a way that is convenient for all parties.

I'm here to help you.

Take advantage of this offer to access the templates that will help you implement remote working and virtual care solutions in your practice.

Yes, I Want the Policy, Procedure and PIA Templates!

Not sure if remote working is right for your healthcare practice?

Check out the The Practice Management Success Tip, Remote Worker Privacy and Security Checklist, which will help you:

Determine if remote working is appropriate for your employees.
Identify what clinic / business resources need to be provided to the employee remote worker.
What reasonable safeguards need to be implemented to protect the privacy, confidentiality, and security of personal (health) information.

Did you enjoy this article? If you’d like to look at similar posts, visit these links:

What Should I Do If I Think I Have COVID-19?

Do You Know Where Your Policies and Procedures Are?

Is Remote Working a Good Choice for Your Healthcare Practice?

Notice of Collection for Telemedicine and Virtual Health

healthcare, medical, pandemic, physician, PIA, rehab, remote working, risk assessment, telehealth, virtual care, virtual healthcare, workflow

Do You Need a PIA for Remote Working or Virtual Care?

Posted on March 31, 2020 by Meghan in Blog

If your healthcare practice is implementing remote working or virtual healthcare, you need to notify the OIPC.

The OIPC in Alberta requests in its notice of March 19, 2020, that custodians notify the Commissioner about new administrative practices or information systems.

How Do I Notify The OIPC?

Step 1: If you have implemented, or plan to soon implement remote working, virtual care or other administrative or technical changes in response to the COVID-19 pandemic, send an email to the OIPC to inform them, in general terms, about your plans.

Step 2: As soon as possible, submit a project specific Privacy Impact Assessment to the OIPC.

To help you get started with Step 1, I have prepared a sample email that you can use.

Yes, send me the Sample Email to the OIPC!

Not sure if remote working is right for your healthcare practice?

Check out the The Practice Management Success Tip, Remote Worker Privacy and Security Checklist, will help you:

Determine if remote working is appropriate for your employees.
Identify what clinic / business resources need to be provided to the employee remote worker.
What reasonable safeguards need to be implemented to protect the privacy, confidentiality, and security of personal (health) information.

Did you enjoy this article? If you’d like to look at similar posts, visit these links:

What Should I Do If I Think I Have COVID-19?

Do You Know Where Your Policies and Procedures Are?

Is Remote Working a Good Choice for Your Healthcare Practice?

Notice of Collection for Telemedicine and Virtual Health

healthcare, medical, OIPC, pandemic, physician, PIA, remote working, risk assessment, virtual healthcare, work from home

Notice of Collection for Telemedicine and Virtual Health

Posted on March 26, 2020 by Meghan in Blog

If you are using telemedicine or virtual health, you still need to provide a notice of collection of personal information.

The Advice to the Profession series from the College of Physicians and Surgeons of Alberta (CPSA) offers guidance documents to assist you in assessing the security risks and safeguards of electronic communications, such as telemedicine or virtual health.



From the College of Physicians and Surgeons of Alberta (CPSA):

COVID-19: Virtual Care

Electronic Communications & Security of Mobile Devices

Standard of Practice Telemedicine

Along with helping you the assess the appropriate safeguards you need to take to protect the privacy and confidentiality of personal health information, the CPSA Advice also advises healthcare practices to ensure they have the consent of patients before providing virtual healthcare.

The collection notice is important to ensure the privacy rights of patients. But the notice is rather wordy to say before every virtual health encounter with your patients.

How can I ensure consent?

I've made it easier for you. I've recorded an audio file that you can download and save to your cell phone. Play the audio notice of collection at the start of each telephone or video call to properly inform the patient before the consult.

When you download the Practice Management Success Tip, Remote Working Privacy and Security Checklist, you will receive an email with a link to the audio file.

I hope that the checklist and the audio file will help you to make good business decisions and, if this is the right fit for you, help you to provide virtual health to your patients.

You can use the collection notice below to prompt the clinician to ask the individual for their name and date of birth at the outset of the call.

If you are using a video conference call, you could also consider having the patient display their photo ID to the camera.

Remember – don't use the record feature for the video conference call!

If you are using a video conferencing, patient portal or other third party platform, direct the patient to review the privacy policy of the provider, too.

The clinician then documents in the patient's chart that the patient's identity was verified by having the patient verbally provides their name, date of birth (and/or photo ID).

Script – Notice Of Collection

Unregulated virtual care technologies increase the risk that your personal health information may be intercepted or disclosed to third parties. These tools are being used as an extraordinary measure during the COVID-19 pandemic when regulated technology is not readily available, and the necessity to keep people from congregating or attending health facilities where they may be exposed to the COVID-19 virus is thought to outweigh the risk of personal privacy breaches on both a personal and population health basis.

By providing your information, during this teleconference or video conference call, you agree to let us collect, use, or disclose your personal health information through video or audio communications in order to provide you with care.

You will be asked to state your full name and date of birth will confirm your identity and ensure accurate record keeping.

Continuing with this telephone or video conference call indicates your consent to the collection of your personal information as authorized under the Health Information Act of Alberta.

Download The Remote Worker Privacy and Security Checklist

And get the Collection Notice audio for FREE.

The Practice Management Success Tip, Remote Worker Privacy and Security Checklist, will help you

Determine if remote working is appropriate for your employees.
Identify what clinic / business resources need to be provided to the employee remote worker.
What reasonable safeguards need to be implemented to protect the privacy, confidentiality, and security of personal (health) information.

Did you enjoy this article? If you’d like to look at similar posts, visit these links:

What Should I Do If I Think I Have COVID-19?

Do You Know Where Your Policies and Procedures Are?

Remote Working and Virtual Care Policies Procedures PIA Templates

healthcare, medical, notice of collection, pandemic, physician, remote working, risk assessment, work from home

Is Remote Working A Good Choice For Your Healthcare Practice?

Posted on March 23, 2020 by Jean Eaton in Blog

In our healthcare practices, we have policies and procedures to identify the reasonable safeguards we need to take to protect personal and health information entrusted to us. But when employees complete their roles off-site, due to personal circumstances or to ensure business continuity in unusual situations, we need to take action to ensure reasonable safeguards are in place to protect the privacy, confidentiality, and security of personal health information.

Remote Work May Be Available To Employees

Working from home is at the sole discretion of the custodian and owner of the clinic. Examples when this may be applicable include:

Business continuity – due to technical, physical, or other unusual circumstances.
Work levelling – volumes of work are distributed to another location usually for a short duration.
Illness / personal circumstances – where an employee is unable to report to work at the clinic but can continue to complete their roles off-site.

Some administrative tasks in a healthcare office – for example, incoming phone calls, appointment booking, appointment reminders, billing, and/or transcription – could be done from a home office environment. Sometimes even follow-up and consultations from the healthcare provider can be done remotely, too.

The healthcare provider or custodian is ultimately responsible to ensure the secure collection, use, and disclosure of health information.

For the purposes of this article, the ‘custodian’ may be the healthcare provider defined by the HIA, or the lead healthcare provider or owner in your practice.

In Alberta, a ‘custodian’ is defined under the Health Information Act as a health services provider who is designated in the regulations as a custodian, or who is within a class of health services providers that is designated in the regulations. HIA section 1(1)(f)(ix)

This includes:

Physicians
Pharmacists
Optometrists
Opticians
Chiropractors
Midwives
Podiatrists
Denturists
Dentists and dental hygienists
Registered nurses

Is Remote Working Good for Your Business?

As the custodian, you must decide if remote working is a good option for your business. When you decide that this is a viable option for your business, you then need to:

Determine if remote working is appropriate for your employees.
Identify what clinic / business resources need to be provided to the employee remote worker.
What reasonable safeguards need to be implemented to protect the privacy, confidentiality, and security of personal (health) information.

Likely you will continue to have both on-site and remote workers. The custodian will decide what ratio is appropriate to provide patient care and business goals on both a short term and a long term basis.

Regulations, Standards, Policy

Each healthcare business has multiple sources of sensitive information, including employee, financial, business, and health information. Custodians and owners have a responsibility under a variety of regulations, professional practice standards, and internal policies to protect the privacy, confidentiality, and security of personally identifying information (PII).

During a public health crisis, privacy laws still apply, but they are not a barrier to appropriate information sharing.

Privacy Impact Assessments

In Alberta, section 64 of the Health Information Act (HIA) requires custodians to prepare a privacy impact assessment (PIA) and submit it to the Office of the Information and Privacy Commissioner (OIPC) of Alberta prior to implementing a new administrative or technical process in a healthcare practice.

The OIPC in Alberta requests in its notice of March 19, 2020, that custodians notify the Commissioner about new administrative practices or information systems. Your submission to the OIPC should include a description of what the new program is meant to achieve and any safeguards for health information.

Standards

Your professional college may also have standards of practice and recommendations that impact your decision to implement remote working or virtual healthcare.

The Advice to the Profession series from the College of Physicians and Surgeons of Alberta (CPSA) offers guidance documents to assist you in assessing the security risks and safeguards of electronic communications, including laptops and mobile devices, to further assist you to determine appropriate safeguards.



From the College of Physicians and Surgeons of Alberta (CPSA):

COVID-19: Virtual Care

Electronic Communications & Security of Mobile Devices

Standard of Practice Telemedicine

Review Your Current Policies and Procedures

Don’t cut corners. Instead, build privacy into your decision. Create, review, and update your policies and procedures.

Use the Remote Worker Privacy and Security Checklist to help you document your decisions and expectations with eligible employees.

You may also need to consult your information technology support providers to ensure up-to-date computer and network security has been implemented.

Virtual Healthcare

Healthcare providers may consider providing virtual healthcare services to their patients. The healthcare provider may be at their usual clinic or office location and use all of their existing systems and tools to access patient records in paper or electronic medical records (EMR).

Alternatively, the healthcare provider may be working remotely, too. The same privacy, confidentiality, and security safeguards applies to their home working location.

If you are choosing to implement a new virtual healthcare solution specifically to respond to the current public health emergency, the Office of the Information and Privacy Commissioner (OIPC) of Alberta advises that

“ . . .custodian[s] need to determine what are reasonable safeguards in the circumstances and be prepared to justify their decision. Health custodians should also ensure individuals are aware of any heightened risks to privacy as a result of a new administrative practice or information system being implemented.”

Remember, you can leverage existing technology – like the telephone – to keep in touch with your patients. This likely would not be considered a new administrative or technological practice that would require a PIA. This might also be a great time to fully implement your current patient portal functionality from your EMR vendor, too.

You may decide, based on your evaluation of the potential risks and what reasonable safeguards that you can quickly implement in response to the new public health emergency, that authorizing remote working or a new videoconferencing solution is not the best choice at this time.

Select the process that ensures continuity of care to the patient, including appropriate documentation in the patient record and the protection of the PII.

Reference

Notice: PIAs During Public Health Emergency, March 19, 2020, Office of the Information and Privacy Commissioner (OIPC) of Alberta

The Practice Management Success Tip, Remote Worker Privacy and Security Checklist, will help you

Determine if remote working is appropriate for your employees.
Identify what clinic / business resources need to be provided to the employee remote worker.
What reasonable safeguards need to be implemented to protect the privacy, confidentiality, and security of personal (health) information.

Show Me The Remote Worker Privacy and Security Checklist

Did you enjoy this article? If you’d like to look at similar posts, visit these links:

What Should I Do If I Think I Have COVID-19?

Do You Know Where Your Policies and Procedures Are?

assessment, healthcare, medical, pandemic, physician, remote working, risk assessment, template, work from home

1 2 3 ›»

"I had the pleasure of working alongside Jean to develop a PIA for my Dental Office. I could not have completed this document without her. She was there to help me every step of the way. Her online course made it easy to communicate with her as well as having so many resources to use that were so helpful. Each Module had videos to watch that explained step by step what needed to be done. The PIA document is a lot of information to put together and if it's not enough information on its own, you also need to develop a policy and procedures manual. Jean has developed an amazing resource for this manual that was very user friendly and made a 300 page manual a lot more attainable than creating it on your own. I highly recommend taking Jean's PIA course and having her help throughout the process!"

- Lindsey Cave, Office Manager, Orion Dental Group