Sharing Your Vaccine Status – Privacy Tips

Posted on July 19, 2021 by Meghan in Blog No Comments

Sharing Your Vaccine Status – Risks and Benefits

For the safety of yourself and others, schools, employers, or event organizers may ask you for proof of vaccination against the COVID-19 virus. It is your right to decide if you share your personal information with others.

Your personal health information can be misused to access services, apply for credit cards using your name, or other fraudulent purposes.

Throughout the pandemic, each of us have had to make decisions about our health safety and the risks and benefits of our actions. You can apply a similar risk and benefit approach to decide if, when and how you share your vaccine status.

Why Share?

Consider the purpose of providing your vaccine status.

Are you giving this information to a physician or nurse for your health care?

Before attending a concert or football game?

Is it a pre-requisite before you can attend school or a sports program?

Protect your gold – your personally identifiable information.

If you decide to share your vaccine status:

provide the least amount of information needed.
know and trust the person (or the app) that you are sharing your information with. Remember, read the privacy policy!
understand how your information will be used.

Don't Overshare

Sometimes, answering the question ‘Is your vaccine up-to-date?’ is good enough. You don't always need to share your date of birth, family physician, and health care number, too.

You may be asked to show your proof of vaccine status, but don’t allow the casual requester to make a copy of the vaccination report. (There are some exceptions. Sometimes, you may need to share the information with your healthcare provider or a government official).

Instead, the requester can make a simple notation on their records that you were asked about your vaccine status, and you showed an appropriate proof of vaccination. (See the blog post How To Correctly Identify Patients And Use Photo ID for tips on how to implement this practice in your business).

If You Are Collecting Vaccine Status

If you are a business owner who is collecting personal information like a vaccine status, remember that you must follow the appropriate privacy legislation. In Alberta, private businesses must follow Personal Information Privacy Act (PIPA) legislation.

See the advice document from the Alberta Office of the Information and Privacy Commissioner (OIPC) regarding the reasonable purpose to collect personal information and your responsibilities to keep the information secure.

How Do You Get Your Vaccine Report?

Most often, you will receive a paper confirmation from the healthcare provider at the time that you receive your first and second vaccine dose. In Alberta, you can also download your vaccine record from MyHealth Record, the Personal Health Record for Albertans to access some of their health information, such as lab results, medications, and immunizations drawn from Alberta Netcare.

I shared a short video here to show you how you can register for your own personal account. Some other provinces have a similar provincial electronic health record that individuals can access their own health information.

Keep It Safe

You will probably need to refer to your vaccine status often over the next few years. Keep this information safe and easy to retrieve.

Take reasonable steps to protect your information so that other people can't easily view or take your information without your permission. Will you keep your information in:

paper format?
your wallet or purse?
as a photo on your phone?
- If so, also consider how you will share the photo. If you give your phone to someone to hold and view the photo of your vaccine status or passport, they may also use the access to your phone for other purposes.

Evaluate the Risks and Benefits

Remember to ask yourself why you need to share the information and evaluate the risks and the benefits. It's your information, and you get to decide if, when, and how to share your vaccine status. Take the time that you need to ask the right questions and make an informed choice.

After you share your information, it’s too late to take it back.

Instead, be prepared to respond to a request for your vaccine status with these privacy tips to protect your personal health information.

COVID-19, digital vaccine passport, personal health information, privacy, proof of vaccination, vaccine status

Release Of Information In Your Healthcare Practice

Posted on July 13, 2021 by Meghan in Blog No Comments

Release Of Information In Your Healthcare Practice

Individuals have the right to access information about themselves and to request that their information be shared to others. We have a duty to assist individuals when they make these requests. Custodians have an obligation to receive and process these release of information requests promptly, consistently and correctly.

How we respond to patients request about their personal information is a key opportunity to further develop a relationship with our patients and their family.

Access and disclosure processes are regulated requirements that we must understand and follow.

Release of Information Workshop

In this 45-minute workshop, we will review:

Health privacy legislation as it relates to consent to collect personal information
Procedures for access and disclosure requests
Release of Information models, including centralized and decentralized models
Release of Information tools, including disclosure logs and EMR indexing
What is valid consent?
What are disclosure notations?

We will also go over common Release of Information scenarios that you will likely encounter in your healthcare practice, including:

Patient requests a copy of their own information
Parent requests a copy of their young child’s information
Patient requests a copy of their information to be sent to another physician / healthcare provider
Patient requests a copy of their information to be sent to someone else

Join us on Thursday, July 22

12:00pm Noon Mountain

Release of Information For Your Healthcare Practice

Register for Your FREE LIVE* Workshop

*Even if you can't attend live, register now to get access to the limited time replay and resources!

Yes! I want to attend the workshop

Learning Objectives:

Understand the difference between access and disclosure requests
Describe the difference between access and disclosure requests
Explain the routine steps to process an access request
Explain the routine steps to process a disclosure request

This Workshop Includes:

Live on-line training
Q&A with Jean Eaton, Your Practical Privacy Coach when you join the webinar live
Access to the replay for a limited time
Learning Resources Guide

What's in the Learning Resources Guide?

Collection notices
Access request / consent
Authorization to request information from another physician
Access checklist
Disclosure checklist

Yes! I want to attend the workshop

Who Should Attend?

If you collect health information from your patients you need consistent, efficient, procedures to provide patients access to their own information and disclose it to other people with the patients’ consent.

If you are a release of information clerk, medical office assistant, receptionist, clinic manager, or privacy officer in a community based healthcare practices – medical, dental, pharmacy, optician, chiropractic, physiotherapy, counselling – then you should register for this free live workshop!

When we know better, we can do better…

Jean Eaton is constructively obsessive about privacy, confidentiality, and security especially when it comes to the handling of personal health information. If you would like to discuss how I can help your practice, just send me an email. I am here to help you.

Jean L. Eaton
Your Practical Privacy Coach
INFORMATION MANAGERS

disclosure requests, healthcare, patient access requests, patient release of information, privacy officer, release of information

Mental Health Awareness and COVID-19 Workplace Strategies

Posted on July 12, 2021 by Meghan in Blog No Comments

We may have mastered the physical side of working remotely but what about the emotional side?

A year ago, Canadians were three months into the pandemic. We were through the initial shock of shutdowns and closures, but most of us were still trying to find our groove in navigating the “new normal”. For millions of working Canadians, this included a sudden and drastic transition to working from home or another remote location, physically isolated from coworkers.

While employees were sorting out logistics and the practical side of things, employers were scrambling to find innovative ways to bring employees together virtually, create a sense of camaraderie and keep morale (and productivity) high. Despite best efforts on both sides of the equation, there was an immediate impact on the mental health and well-being of millions of workers. Surely these would only be temporary challenges and set-backs.

With more than a year behind us working under these conditions, it might be natural to assume that employees have come a long way since we started down this path. In some respects, we have. After all, we have learned to adjust and “make do” with our displaced and reconfigured work environments and schedules. We’ve got the physical side of working from home sorted out, even if it’s not perfect.

Thanks to technology, we can connect to our work world from remote places better than ever. Stress and anxiety levels must be lower because it’s certainly not as tough as it was in the beginning.

Or is it?

Be Mindful of Your Own Well-Being

As we plan our new workplace and home environments, Corridor Interactive provides an on-line free resource, Mental Health Awareness & COVID-19 Workplace Strategies to help you.

While working from home has its advantages, and for many may be the preferred way to work in the post-pandemic world, we need to be mindful of aspects that can impact our mental health.

Corridor’s free Mental Health Awareness & COVID-19: Workplace Strategies course includes a module with insights and tips for supporting your mental health while working from home.

If you’re not in the habit of taking time out for yourself in the midst of juggling work and home responsibilities, make this the day you start to carve time out of your workday for your own mental health and well-being.

Read the full article from Corridor Interactive: COVID’s Mental Health Toll in the Workplace 56% of Canadians Stressed & Anxious

Read the article here

Re-printed with permission from Corridor Interactive

Corridor Interactive, COVID-19, mental health, mental health in the workplace, online training, pandemic, remote working, work from home

How To Build a Legal Foundation For Your Healthcare Practice

Posted on July 5, 2021 by Meghan in Blog

How To Build a Legal Foundation For Your Healthcare Practice

Many healthcare providers are excited to open their first independent practice but have many questions about how to build a legal foundation for their practice.

Corrine Boudreau of Online Legal Essentials can help you!

On the most recent episode of Practice Management Nuggets podcast, I interviewed Corinne Boudreau of Online Legal Essentials. Corinne has developed guided legal templates for Canadians doing business online.

Corinne has a knack for making things practical and easy to implement. Being a lawyer since 2002 has given her perspective and experience to boil things down to the essentials.

Corinne’s advice is that the essential business documents you need for a new healthcare practice are based on relationships. Relationships are triggers for business documents to help improve communication and set expectations – get it in writing!

For example:

Relationships with patients or clients

Terms of service and payments documents

Relationships with employees, contractors, associates

Hiring documents

Relationships with other healthcare providers in a group practice

Fee splitting and payment options
Cost sharing agreements

Relationships with landlords

Commercial lease agreements

Relationships with the public

Privacy policies including on your website
Copyright notices when you create and distribute your unique content

Your Big (or Small) Online Presence

Every practice needs an online presence of some kind. Maybe your brick-and-mortar local clinic only needs a simple business card presence to attract new patients and let them know how to find you. Or maybe you will offer virtual visits, online memberships or courses, or online sales of physical products. It is important to project yourself as a business owner by having a professional presence on your website – this includes having a privacy policy, copyright notice, disclaimers, and terms of use statement.

Should You Incorporate?

In the podcast, Corrine discusses corporate structure options for healthcare practices – including the difference between an incorporated business, partnership, or corporation business entities vs professional corporation when you are a member of regulated health profession.

Listen To The Podcast

What Should Healthcare Practices Know About The Legal Foundation For Their Business? | Episode #101.

Expert tips with Corinne Boudreau of Online Legal Essentials. Practice Management Nuggets For Your Healthcare Practice.

Listen To The Podcast Here

Templates Make It Easy!

You know that I love templates – and tips, tools, and training to make it easy!

Corinne delivers guided customizable templates to help you set up your business, operate your brick-and-mortar local business, or your online business!

Get started right away with the free Ultimate Checklist for Running a Business Online in Canada.

Download the free guide from Corinne here

#PracticeManagementNugget, dental, dental business, healthcare, healthcare business, legal, legal foundation, legal templates, podcast

Do Your Patients Know Your Office Holiday Hours?

Posted on June 21, 2021 by Jean Eaton in Blog

Holiday hours templates are great opportunities to easily create social media content for your healthcare practice–let your patients know about changes to your office holiday hours.

The Easy Way to Add Content to Your Social Media

One of the most frequent question that every office receives is – what are your office hours?

It makes sense to share this information in an automated way. This saves time in the telephone queue and makes everyone's day a little smoother. Add the information to your telephone answering system messages, website, posters in your clinic, and in your social media channels.

Common social media channels include Facebook, Twitter, and Instagram.

When the content appears in your social media channel, your patients will expect regular updates from you around each holiday and will return to your social media channel again and again over the year.

Let your patients know about changes to your office holiday hours!

Encourage your patients to visit your social media over and over again!
Easy for you to add content that your patients want to see.
No new technology for you to learn – copy and paste!

There is a simple way to create this content.

Follow these steps:

1. Select Your Images

You can use any related image and size it to print and display in your clinic or your social media channel.

2. Add Your Logo

You could use an image without adding your branding. But, for more impact, I recommend that you take just a few minutes and use a photo editing software to add your clinic name and logo to the image. You want the reader to know which clinic the image is about! This is also a good way to continue branding for your clinic.

There are many free and easy photo editing software systems. I like to use Canva.

Once your images are edited, download them to your computer network system.

3. Prepare Your Social Media Content

Working with your authorized social media manager, confirm your holiday hours and related messages.

Use this sample message that you will type into the new social media post.

Happy Canada Day from all of us at ABC Clinic! Please note we will be closed Thursday July xx to Monday July xx.

We will be back to regular office hours on Monday. For our latest hours of operation, please visit our website [insert website address].

4. Save Your Files

Keep a copy of your images and your social media messages for use next year.

You might store the images and your notes on a shared folder on your computer network. For example,

Social Media >> Holiday Announcements >> Month Holiday

5. Publish Your Holiday Announcements

Add your images and the messages to your website and social media channels.

You can even use the image and print as a poster to display in your practice.

Add text comment to your post. Asking a question encourages comments and engagement. For example, Summer is here! What is your favourite summer holiday tradition?

Bonus Tip!

Create more engagement with your patients and clients when you invite your staff to contribute their favourite summer holiday tradition to your social media post.

Or, create a ‘bulletin board' with your holiday hours announcement and add the quotes from your staff about their holiday traditions or their favourite picnic recipe.

Let Me Make This Easier For You!

I've found images that you can use for your office holiday hours messages.

Download the FREE Holiday Hour Templates

and receive 10 images that you can use all year long!

template

Get the Free Statutory Holidays Images Templates

Would you like more tips like this?

Members of Practice Management Success Membership enjoy access to Tips, tools, templates and training to help you start, grow, fix, or maintain your healthcare practice!

Membership is open to all healthcare practices of any size – physicians, optometrists, audiologists, dentists, chiropractors, physiotherapists, nurse practitioners, and more!

Member access to online resources when you need it along with networking and support from other clinic managers, practice managers, and healthcare providers in independent community practices – just like you!

Learn More About Practice Management Success

clinic management, facebook, healthcare, holiday hours template, medical, practice management, social media images

What Does a Ransomware Attack Look Like to Patients?

Posted on June 14, 2021 by Meghan in Blog

What Does a Ransomware Attack Look Like To Patients?

One of my favourite podcasts is Help Me with HIPAA. This weekend I listened to Episode 304 Ransomware Creates a Social Media Privacy Violation Storm while I was spring-cleaning my yard.

Donna and David discuss in (almost) real time a ransomware attack that was currently occurring at the San Diego California’s main health systems, Scripps Health. The attack resulted in practically all of its technology being taken down. The EHR went down, patient portals were down, appointments had to be rescheduled, patients had to be diverted to other hospitals… even their website was down.

This podcast episode isn’t about the technology about ransomware. Donna and David walk you through the impact on patients – from the inconvenience and frustration to the disastrous consequences of not having health information available when it is most needed.

This gripping story reveals how communication failures, systems failures and a lack of information snowballed to negatively affect patients when they needed help the most.

My Takeaways From This Help Me With HIPAA Episode

Ransomware is nefarious and its impact is far-reaching.

Patient care is compromised – patient information is not accessible, and it is unknown what information can be retrieved and, if it is retrieved, if it is complete and accurate.
Privacy breach – obviously! The hackers have patient, employee and business information and have threatened to release it publicly.
BUT – employees are also continuously breaching privacy while they are responding to patient concerns on social media DURING the ransomware attack.
Employees cannot access their information to do their jobs – work schedules, payroll, portals to perform their jobs. So, alternate, unauthorized workflows are implemented to get the job done which subsequently results in more breaches.
While the press release from Scripps Health indicates that they have trained and prepared personnel, the communication from Scripps to patients, employees, and the public has been disorganized, conflicting, and continuously breaching privacy and confidentiality.

I urge you to listen to this episode (about 30 minutes).

Listen to the Help Me With HIPAA Podcast HERE!

[Start at 18:19 minutes]

What Would You Do?

How would you and your team respond to this type of privacy breach?

Share this episode with the members of your incident response plan. Then, use the scenario to conduct a table-top privacy breach fire drill using your privacy breach management plan.

These table-top privacy breach fire drills are a great demonstration of your commitment as an organization to ensure that you are protecting the privacy confidentiality and security of health information.

Now hop over and listen to the Help Me With HIPAA episode to better understand what a ransomware attack looks like to a patient.

https://helpmewithhipaa.com/privacy-questions-everywhere-ep-304/ [Start at 18:19 minutes]

Communication, healthcare, incident response plan, Patients, privacy, ransomware, ransomware attack

Positively Represent Your Healthcare Practice with a Dress Code Policy

Posted on May 20, 2021 by Meghan in Blog

Professional Appearance Positively Represents Your Healthcare Practice

Do you have a dress code policy in your healthcare practice? You might be in the front office or a healthcare provider. You might wear uniforms, lab coats, or business clothes. Regardless of your interaction with clients, customers, suppliers, contractors, or volunteers, the appearance of employees at your business supports your business image brand.

Patients and their families have reasonable expectations that their healthcare providers and employees at the clinic present themselves in a professional manner both in demeanor and appearance.

Why have a healthcare practice dress code policy?

Dress code policies, procedures and training will help to ensure a professional and consistent appearance of employees while also positively representing and supporting your business brand.

A policy provides guidance in making choices about clothing and appearance, for all staff.
The professional appearance of your staff supports the image and positive reputation of the clinic.
Use of uniforms and name badges creates a greater level of security and recognition for staff and patients.

What are some dress code guidelines?

General Guidelines:

If you do not have direct patient contact (i.e., billing clerk, consulting pharmacist, receptionist) wearing uniforms is optional. If you choose not to wear a uniform or lab coat, consider these guidelines when choosing clothes at the office:

Name Badges:

Help to identify you to our patients and clients.
Are provided by the clinic to each employee.
These are to be worn at all times.
If you are not wearing a name badge, you may be denied entry into restricted areas of the clinic.

Shoes:

Closed toes and closed heels or heel straps.
No high heels or built-up soles such that it could endanger yourself or patients.
Non-slip footwear.

Hair:

Clean and neatly groomed.
Long hair should be tied back during patient treatment or when operating machinery.

Clothing:

Clean, neat and in good repair and allows for full performance of all duties.
T-shirts and tank tops are not permitted. Polo shirts or styled cotton tops with pockets are acceptable. Discrete, non-inflammatory images and logos are permitted.
Sweatshirts are not suitable in direct patient care areas.
Tops need to be long enough and high enough to provide adequate coverage of abdomen, back and chest.
Fragrances should be avoided.
Jewelry, tattoos and body piercings must be discrete and provide no risk to the wearer or patient.

If you have direct patient contact (i.e., physicians, MOA, nursing, physiotherapist):

Clothing must meet infection control standards for the benefit of patients and to you and your family. The type of work that you do may require additional considerations.

No artificial nails are permitted.

In the interest of health and safety of our patients and our employees, no artificial fingernails are permitted. Artificial nails have been demonstrated to interfere with effective hand washing hygiene and has contributed to healthcare acquired infections.

When we know better, we do better

Download the Practice Management Success Tip, ‘Dress Code Policy'.

Discuss with your team the importance of professional attire and overall appearance.

The free Practice Management Success Tip, Dress Code Policy, will help you

Discuss with your team the importance of professional attire and overall appearance.
Review the professional work standards expected of each staff member, regardless of their role.
Guide discussions with your team, get their feedback and input, customize a procedure that you can use right away in your practice.

Show Me The Dress Code Policy

dress code, employee training, healthcare, medical, office dress code policy, policy template, Practice Management Success

Do You Want To Be A Confident Healthcare Privacy Officer?

Posted on May 11, 2021 by Meghan in Blog

What Is a Privacy Officer?

A privacy officer is a key employee in a healthcare organization who is named by the healthcare provider (custodian) and assigned the responsibility to oversee all activities related to the implementation of, and adherence to, the organization’s privacy practices, and to ensure operational procedures are in compliance with relevant privacy laws. The Privacy Officer monitors employees and systems about how information is collected, used, and disclosed and access to identifying information.

A privacy officer may be known by other titles like privacy compliance officer or a security officer.

If your healthcare business involves the collection, use, and disclosure of your clients' and patients’ personal health information, a privacy officer is necessary in order to meet legislated requirements.

If You Don't Have a Privacy Officer

Healthcare practices without a privacy officer often experience confusion about how patients’ personal health information should be collected, used, and disclosed. Patients may complain about lack of access to their personal health information. Without a named privacy officer to assume the responsibility to implement and monitor reasonable administrative, technical, and physical safeguards you are more likely to experience privacy and security incidents, privacy breaches, investigations, fines, and charges under the privacy legislation!

Here are some examples of what can happen if you don’t have a privacy officer:

In 2019, the British Columbia Office of the Information and Privacy Commissioner (OIPC) conducted a privacy audit of 22 medical clinics. OIPC auditors examined 22 clinics and found gaps in privacy management programs at several clinics, including the absence of a designated privacy officer, a lack of funding and resources for privacy and a failure to ensure that privacy practices keep up with technological advances.
A complaint was made against a medical clinic with an employee suspected of accessing health information for an unauthorized purpose. The Alberta OIPC investigated and revealed confusion around the roles and responsibilities of privacy compliance among the custodians and the privacy officer. The OIPC determined that the custodian was in contravention of the regulation which requires custodians to ensure that their affiliates are aware of and adhere to the all of the custodian’s administrative, technical, and physical safeguards with respect to health information. (See Do You Know Where Your Policies and Procedures Are?)
Employees are not aware of privacy requirements and engage in snooping into personal health information. Consequences of employee snooping include firing, charges under the Health Information Act and court ordered fines, jail time, probation, community service and more. (See Snooping Conviction Earns 3 Years Probation )

Roles and Responsibilities

So, what does a privacy officer do? The roles and responsibilities of a privacy officer in a typical healthcare practices include the following:

Identify privacy compliance issues for the business.
Ensure privacy and security policies and procedures are developed and keep them up to date.
Ensure that everyone working at your clinic and your vendors are aware of their privacy obligations.
Monitor your clinic's ongoing compliance with privacy legislation like the Health Information Act (HIA) in Alberta.
Provide advice and interpretation of related legislation for the business.
Respond to requests for access and corrections to personal information.
Ensure the security and protection of personal information in the custody or control of the business.
Act as the primary point of privacy and access contact for staff, patients, vendors, regulators and other stakeholders.

#Policies and procedures must be in writing, available to employees, and monitored to ensure that they are followed. Click to Tweet

Get the Practice Management Success Tip, Privacy Officer Job Description Template.

Who Should Be The Privacy Officer?

The custodian or the healthcare provider is, by default, the privacy officer. Alternatively, the custodian may designate a responsible affiliate for the purposes of the privacy legislation and given the title of Privacy Officer. In some practices, you may have co-privacy officers or, in practices with multiple locations, a privacy officer at each location.

In small practices, the clinic manager or practice manager is often named the privacy officer. In larger practices, an individual may be given the role and responsibilities of a privacy officer on a full-time basis.

The privacy officer should be in communication with both management and planning decision makers and the front-line staff who collect, use, disclose and provide access to personal health information (PHI).

Who Should A Privacy Officer Report To?

The privacy officer must report to the healthcare provider and custodians in the practice. They may also report to the clinic manager, business manager, or other senior management position.

In practices that are heavily dependent on computer network and medical devices technology, there may be both a privacy officer and a security officer. The security officer typically is focused on intrusion protection and detection and related technology safeguards. The privacy officer is more focused n the collection and use of disclosure of PHI.

What Should Privacy Officer Training Include?

The privacy officer role is challenging yet rewarding. Training should include privacy legislation awareness, privacy awareness, privacy management best practices, privacy breach management, risk assessment and mitigation, reasonable safeguards assessment and implementation. In addition, privacy officers may also learn how to complete a privacy impact assessment.

Training for privacy officers can include formal academic programs (U of A), sessional (CHIMA, Practical Privacy Officer Strategies), supported by professional associations (PACC), and/or self-directed learning including review of resources provided by regulators (like the OIPC) and ministry of health.

Many privacy officers in small healthcare practices have other roles – as a clinic manager, healthcare provider, computer network technician, or business owner. It is little wonder that new privacy officers can feel overwhelmed when trying to balance these responsibilities each and every day.

You may be missing the systems to monitor routine tasks that will protect privacy and alert you to potential problems before they become privacy and security incidents.

Bottom Line: If you are spinning your wheels trying to figure out how to get started, it will cost you time, money, and frustration!

Which means you never get around to implementing a robust privacy management program.

If you are a privacy officer in a healthcare practice who needs practical privacy management strategies to protect your patients and your healthcare business but can't figure out how to get started, here's the solution you've been looking for.

Introducing Practical Privacy Officer Strategies!

In this Practical Privacy Officer Strategies course, you will discover the three steps that you can do now to become a confident privacy officer, protect your patients, and your healthcare business.

Register now – and start your journey to become a confident privacy officer!

Online Course with 5 Live Training Sessions

June 3

June 8

June 10

June 14

June 17

Registration Now Open!

Learn more about the course and register HERE!

The online Privacy Officer course includes:

5 Modules each with live 1 hour on-line training with Jean (and the replays, too!)
Health information privacy principles and legislation
Introduction to the purpose of a privacy management program
Introduction to the purpose of a privacy awareness training program
Introduction to the purpose of a privacy breach management program
Roles and Responsibilities of a Privacy Officer
Healthcare privacy officer job description template

healthcare, healthcare privacy officer, HIA, privacy officer, privacy officer training, webinar

What’s New in Cybersecurity in Healthcare

Posted on May 7, 2021 by Meghan in Blog

What's New In Cybersecurity In Healthcare

What has been happening lately in cybersecurity in healthcare?

Anne Genge, CEO of Alexio Corporation is my guest on this episode of Practice Management Nuggets For Your Healthcare Practice!

Anne and Jean discuss recent privacy breach scenarios and cybersecurity trends and steps that you can take now to prevent these events to happen to you!

Virtual care, telehealth, and working from home presents opportunities – and cybersecurity risks. Digital health and digital transformation has grown rapidly in the last year. Take time now to review your practice and defend yourself from dramatic increases in cybersecurity attacks.

Anne shares expert tips on how to prevent cybersecurity attacks in your practice.

Anne Genge's #1 Tip to Healthcare Practices

Invest in a professional cyber security risk assessment for your practice. Click to Tweet

My Favorite Takeaways From The Podcast

Anne shared Top 3 Tips For an Incident Free 2021 for healthcare providers and dentists and protect your practice and your patients including these nuggets.

Secure the network
Secure the people
Disaster recovery plan

Featured Guest: Anne Genge

Anne Genge is a pioneer in protecting health data and those who use it. She is a Certified Information Privacy Professional with a specialization in dentistry. Anne also holds certifications for HIPAA, Credit Card Security, Internet, and Network Security.

Ransomware and data theft have changed the face of dentistry in the past decade meaning dentists need a new toolkit for protecting their practices.

With over 20 years of experience, Anne knows the challenges healthcare providers face with technology. She and her team at Alexio Corporation work with dental and medical professionals to minimize data risk and maximize patient care.

As healthcare grows increasingly dependent on the digital environment, cyber-security becomes increasingly more difficult. Protection of patient data is not only law, it’s imperative for business success and reputation. Anne simplifies cyber-security for dentists and other healthcare providers and gives ‘real world’ strategies to protect patient information and the practice business.

To find more, see https://getalexio.com

Email: anne@getalexio.com

Twitter @alexiocorp	LinkedIn @alexiocorporation
Instagram @alexiocorporation	Facebook @alexiocorporation

Listen To The Podcast Here

You may also be interested in:

Table-Top Privacy Breach Fire Drill

Ransomware – 6 Mistakes Made By Dentists (And Their IT!)

#PracticeManagementNugget, Alexio, Anne Genge, cybersecurity, dental, healthcare, podcast, ransomware, security risk assessment

Why Would a Dentist Want Access to the Alberta Netcare Portal?

Posted on April 27, 2021 by Meghan in Blog

Why Would A Dentist Want Access To The Alberta Netcare Portal?

As a dentist or dental hygienist, if you have concerns about a patient’s health history, you may want to have access to the Alberta Netcare Portal to view the patient's history of health concerns and current medications.

Alberta Netcare provides personal health information that is available through a province-wide electronic record system under the authority of the Health Information Act (HIA).

Whether a dentist uses paper records, electronic dental records (EDR), or electronic medical records (EMR), using the Alberta Netcare Portal will help dentists monitor their patient’s interactions with other parts of the health care system.

What is the Alberta Netcare Portal?

Alberta Netcare Portal is the secure vehicle through which patient health information from a variety of health care providers is shared and accessed electronically, by independent and hospital-based health service providers like dentists, physicians, nurses and pharmacists. The Alberta Netcare Portal is a data collection centre for registries and systems such as laboratories, diagnostic imaging facilities, hospitals and some specialized clinics. Alberta Health and Wellness is the Netcare information manager.

Dentists and Dental Hygienists Are Custodians

Dentists were designated in 2010 as authorized custodians under the Health information Act (HIA). Dentists can now request access to Alberta Netcare by showing that they meet the Netcare requirements.

Dentists who manage patients with complex medical conditions or for the provision of treatment requiring sedation or general anaesthesia may require additional information about the patients’ health history. Dentists can use Alberta Netcare Portal to view medication profiles, laboratory data and tests results.

Ensuring reasonable safeguards to protect the privacy and security of personal health information of your patients and residents of Alberta is critical! We want everyone who has access to these health data repositories to follow the same best privacy and security practices. The HIA has regulated requirements for all custodians to follow.

Everyone needs to follow the rules to play in the sandbox!

How To Get Started

Before you are granted access to Alberta Netcare Portal, you must complete the following steps.

Step 1: Create or update your Health Information Management Privacy and Security Policies and Procedures including the rules governing the access, collection, use, of health information from Alberta Netcare.

Step 2: Complete a Privacy Impact Assessment (PIA) and submit this to the Office of the Information and Privacy Commissioner for review. For more information on how to complete a PIA, click here.

Step 3: Train your team on privacy awareness. I recommend the Privacy Awareness in Health Care Training — Dental Practices.

Step 4: Contact the eHealth Netcare Support Services Team.

Step 5: Complete a Provincial Organizational Readiness Assessment (pORA). See What is a pORA.

Step 6: Sign an Informational Manager Agreement (IMA) and Review Informational Exchange Protocol (IEP) with Alberta Netcare

For more tips on implementing reasonable privacy and security safeguards for your dental practice, see https://informationmanagers.ca/privacy-impact-assessment-pia/.

You can also watch the FAQ video on this topic by clicking the button below!

Watch the FAQ Video HERE!

You May Also Be Interested In:

What is a pORA?

New Health Information Policy and Procedure Manuals

Do You Need An Expedited Netcare Privacy Impact Assessment?

Who Is Doing the Recalls In Your Dental Practice?

Privacy Awareness in Healthcare Training: Dental Practices

Privacy Impact Assessment – Consultation Options Available!

When we know better, we can do better…

Jean Eaton is constructively obsessive about privacy, confidentiality, and security especially when it comes to the handling of personal health information. If you would like to discuss how I can help your practice, just send me an email. I am here to help you.

Jean L. Eaton
Your Practical Privacy Coach
INFORMATION MANAGERS

Alberta Netcare, ANP, dental hygienist, dentist, healthcare, PIA, PIA Consultant, privacy, Privacy Impact Assessment