Do You Know Where Your Policies And Procedures Are?

Posted on November 15, 2021 by Jean Eaton in Blog

Do You Know Where Your Policies and Procedures Are?

This is a cautionary tale.

And it could save you a lot of embarrassment – even legal issues.

The way a healthcare provider collects, uses and discloses personal health information (PHI) is critical to an efficient healthcare practice.

It’s also required by legislation and professional college regulations and standards.

Policies and procedures must be in writing, available to employees, and monitored to ensure that they are followed. Otherwise, you face all sorts of risks, including privacy breaches and other legal problems.

Policies and procedures must be in writing, available to employees, and monitored to ensure that they are followed. #Policies Click to Tweet

Don't let this happen to you!

Everyone in a healthcare practice — including front office staff, wellness practitioners and physicians and other custodians — must be aware of and follow these policies and procedures.

These policies and procedures also become the foundation of your privacy impact assessment (PIA).

That’s why, in this Privacy Breach Nugget, we’ll review a privacy breach investigation report from Alberta's Office of the Information and Privacy Commissioner (OIPC). Whether you have a new practice, or an existing practice, we have a number of services and resources designed to help you manage your practice in a way that not only meets legal requirements, but is streamlined and efficient, and keep your information secure.

What Happened

This report started with an employee suspected of accessing health information for an unauthorized purpose.

It started with at the clinic with a conflict between the employees and the employer.

An employee (Employee A) was on leave from her position at the clinic. Her access to the electronic medical record (EMR) was suspended during her leave.

Employee A wanted to access patient information to support her dispute with management. Over two months, Employee A used Employee B’s credentials to access patient records.

This action is in contravention of the Health Information Act (HIA) sections 27 and 28.

This is where this case becomes even more convoluted and, in fact, a better case study of what not to do.

Employee Dispute

Understanding the Health Information Act

The Health Information Act (HIA) requires the custodian (the physician, in this case) to take reasonable steps to maintain administrative, technical, and physical safeguards to protect patient privacy as required by sections 60 and 63 of the HIA, and section 8 of the Health Information Regulation.

In November 2013, the clinic submitted a privacy impact assessment (PIA) to the OIPC prior to its implementation of an electronic medical record (EMR).

The PIA included written policies and procedures.

The letter to the OIPC accompanying the PIA was signed by two physicians, as well as Employee A who was the privacy officer at that time.

The physician named in the investigative report is not the current custodian at the clinic. The physician was hired in 2015 and therefore not a member of the clinic in 2013 and not involved in the initial PIA submission.

During the investigation, both employees indicated that the policies and procedures to protect patient privacy were in a binder in the clinic, but it was never used or shared with the staff.

Oaths of confidentiality may have been previously signed by the employees, but the documents could not be produced during the investigation.

Section 8 (6) of the Regulation states the ‘custodian must ensure its affiliates are aware of and adhere to all of the custodians administrative, technical, and physical safeguards in respect of health information.’

It’s common practice for clinics to require employees to sign confidentiality agreements and ensure that they receive patient privacy awareness training with regular updates.

But in this investigation, the employees said they never received privacy awareness training.

Privacy-Breach-Nugget-023-Policies-Procedure-Manual

Show Me Policy and Procedure Checklist

Access To Patient Information

The employees also stated it was common practice at this clinic for individuals to not log off of their EMR account on the computers at the reception desks. It was common practice for other employees to access an open session to quickly perform a task in the EMR.

The investigator concluded that the physician was in contravention of the HIA section 63(1) which requires custodians to establish or adopt policies and procedures that would facilitate the implementation of the Act and regulations.

These specific findings were made:

The custodian failed to ensure the clinic employees were made aware of and adhered to the safeguards put in place to protect health information in contradiction contravention of section 8(6) of the regulation.
The custodian was in contravention of section 8(6) of the regulation which requires custodians to ensure that their affiliates are aware of and adhere to all of the custodian’s administrative, technical, and physical safeguards with respect to health information. It’s important to note any collection use or disclosure of health information by an affiliate of a custodian is considered to be the collection, use, and disclosure by the custodian.
The custodian failed to ensure the employee and the other clinic staff adhered to technical safeguards as required by section 60 of the HIA and section 8(6) of the regulations.

Privacy Breach Nuggets You Need to Know

Privacy breaches are in the news every day. The more you know how breaches can affect you allows you to be more proactive to prevent privacy breach pain.

Get Your Privacy Documents In Order

To protect yourself and your practice from patient privacy breaches (and massive fines, see the conclusion to this article), follow these steps.

Find your policies and procedures and review them with all staff and custodians. Make sure you document that this has been done.
Review and update your privacy awareness training and ensure all staff, including custodians, have completed this recently. Make sure you have this documented, including certificates of attendance if available.
Oath of confidentiality documents should be signed by all of all clinic staff and custodians and maintained in a secure location.
Review your privacy impact assessment and ensure all of your current custodians have read this and understand it. Visit this post for more information to help you determine if you need a PIA amendment.

Monitor

This incident occurred in 2016. The OIPC office did not recommend any additional sanctions against the clinic, physicians, or employees.

To get templates of policies and procedures for your healthcare practice, be sure to sign up for the Practice Management Success Membership

New Amendments To The HIA

This case might have turned out differently today.

New amendments, as of 2018, provide a provision for fines under the HIA ranging from $2,000 to $200,000.

The public — and our patients — expect and trust us to make sure that their personal health information is kept secure and confidential.

It’s our responsibility to make sure we have these administrative, technical, and physical safeguards in place and are maintained in a consistent fashion.

When you've done the hard work to implement your patient privacy policies and procedures and your privacy impact assessment, make sure you continue your journey and keep these documents up-to-date and current. To help you, sign up for the Practice Management Success Membership.

There are many patient privacy breaches in the news each day, and you never know when it could happen to you.

The more you know about the breaches and how they can affect you allows you to be more proactive to prevent privacy breach pain. If you need to prepare your privacy breach management plan, start your on-line training 4-Step Response Plan right away!

If you need templates of policies and procedures for your healthcare practice, be sure to sign up for the Practice Management Success Membership. These tips, tools, templates, and training will help you save time and money to develop and maintain policies and procedures in your healthcare practice.

When we know better, we can do better…

I’ve helped hundreds of healthcare practices prevent privacy breach pain like this. If you would like to discuss how I can help your practice, just send me an email. I am here to help you protect your practice.

PRIVACY BREACH NUGGETS are provided to help you add a ‘nugget' to your privacy education program. Share these with your staff and patients as a newsletter, poster, or staff meeting.

Jean L. Eaton, Your Practical Privacy Coach

Click Here To Register for the FREE Training Video "Can You Spot the Privacy Breach?"

Did you enjoy this article? If you’d like to look at similar posts, visit these links:

Why Do You Need Health Information Policies and Procedures?

Healthcare Policies And Procedures: Essential in EVERY Practice

New! Health Information Policy and Procedure Manuals

When Do You Need a PIA Amendment?

When is a Privacy Breach a Privacy Breach?

References and Resources

Alberta Office of the Information and Privacy Commissioner. Investigation Report H2019-IR-01 Investigation into alleged unauthorized accesses and disclosures of health information at Consort and District Medical Society Clinic. May 21, 2019. https://www.oipc.ab.ca/media/996888/H2019-IR-01.pdf

Alberta, clinic, custodian, health, Health Information Act, healthcare, HIA, medical, Patient privacy, physicians, Policies and procedures, Prevent privacy breaches, privacy, privacy breach, Privacy Impact Assessment, reasonable safeguards, templates

How To Make A Profit In Your Healthcare Business

Posted on September 13, 2021 by Jean Eaton in Blog

How To Make A Profit In Your Healthcare Business

Healthcare providers learn their skills at medical school, but don’t learn how to make their business profitable. One of the best ways you can serve your customers better is by having a more profitable business.

However, healthcare practitioners face unique pitfalls and business challenges. Many health professions naturally lend themselves to self-employment but often don’t receive training on entrepreneurship and how to start a healthcare business and especially the financial side having a profitable business. This can very quickly lead to feelings of stress and overwhelm which can cause otherwise skilled healthcare providers to leave their profession.

Many healthcare providers find that their job is physically demanding and, if their health requires them to work less for a period of time, they worry that they don’t have the financial resiliency to fund a reduced work schedule.

Independent healthcare practices often have small numbers of clinic staff who are expected to fulfill many roles. Clinic managers are often tasked with bookkeeping even when they haven’t received training to help them with that.

Consequently, many healthcare providers and business owners don’t have simple systems to manage the finances of their business and are making business decisions on wishes.

My Takeaways

Tammy Hyska’s personal experiences as the financial manager of her husbands’ chiropractic business and as an accountant to healthcare businesses in Alberta helps her to break things down for non-accounting people to understand without feeling overwhelmed.

On the most recent episode of Practice Management Nuggets podcast, I interviewed Tammy Hyska. Tammy shares practical tips for all practice owners, healthcare providers, and clinic managers who have an active role in managing the billing and the finances in the healthcare practice.

Tammy understands the common problems that healthcare providers experience when they manage their own business. She knows that people don’t train to be healthcare providers to have an excuse to do bookkeeping.

Instead, Tammy provides 5 practical tips to have a healthy business without becoming an accountant.

Have a separate business bank account and a separate personal bank account
Have a spending plan
Read Profit First by Mike Michalowicz
Use an accounting software
Avoid debt

Tammy Hyska's #1 Tip to Healthcare Practices

It's not what you MAKE but what you KEEP that matters! Click to Tweet

Listen To The Podcast

5 Critical Things Healthcare Practitioners Need To Have A Profitable Business | Episode #102. Expert tips with Tammy Hyska on Practice Management Nuggets Podcast For Your Healthcare Practice.

Listen here: Practice Management Nuggets Podcast

Listen To The Podcast Here

Featured Guest: Tammy Hyska

Tammy Hyska Can Help You Enjoy A Profit In Your Healthcare Business From Day #1!

Tammy Hyska will help you avoid money stress with these tips to set up the financial side of your business the right way with a simple strategy that will teach you just enough to have financial success without the overwhelm.

Get started right away with the free 5 Critical Things Healthcare Practitioners Need To Have A Profitable Business.

Download this free guide from Tammy here:

Download the free guide from Tammy here

Financial Confidence Formula

Then, check out the Financial Confidence Formula For Healthcare Practitioners training from Tammy Hyska. This is a complete system for operating a profitable business.

This course is ideal for new business owners and existing business owners and clinic managers who haven’t yet implemented the blueprint to a highly profitable business.

When you receive support to simplify and streamline the accounting side of things in your practice, you will reduce money stress.

Tammy will cover everything you need to get it right and avoid all the unnecessary pitfalls to make a profit in business.

Tammy Hyska, CPA, CA, has been a Chartered Accountant for over 20 years. As the Financial Freedom Coach in her independent consultancy, Tammy helps entrepreneurs have more profitable businesses. Tammy has in-depth understanding of health care businesses as her husband is a health care provider and Tammy helps her husband run the financial side of his practice. Tammy is passionate about helping small business owners have a more profitable business.

#PracticeManagementNugget, dental, dental business, healthcare, healthcare business, podcast

Zoom In Healthcare Is Easy!

Posted on September 12, 2021 by Meghan in Blog

Using Zoom in Healthcare is Here to Stay

In healthcare, it is important that patients trust you before they will share their personal information, listen to you, and before they will carry out your treatment recommendations.

In telemedicine, your patients need to be able to see your face, hear your voice in order to trust you.

When you appear confident on camera during telemedicine call this will build trust with your patient and remove distractions so that your patient better listens to your advice.

This on-line training will help you become more confident using Zoom for meetings, virtual care, and telemedicine.

The Communicate & Meet With Zoom in Your Healthcare Practice course will look at the basics of both joining and hosting a meeting, as well as the difference between the free and pro plan options.

Communicate and Meet with Zoom Training in Healthcare Video Cover

Communicate and Meet Using Zoom In Your Healthcare Practice

Online training

Are you using Zoom for your Telemedicine or Virtual Care Encounters? Build trust with your patients when you confidently use Zoom to Communicate and Meet.

Ideal for physicians, dentists, chiropractic, physio, optometry – every healthcare professional who use Zoom for telehealth, virtual care, or team meetings!

25 step-by-step videos to get started quickly and be successful with Zoom
Bonus downloadable Zoom instructions for patients
Bonus training: Easily Improve Your Video Conference Presence with Lauren Sergy
Bonus: Virtual Care Workflow
Bonus: Virtual Background templates and training

New to Zoom?

If you are new to Zoom, I suggest that you follow the on-screen videos step by step.

If you are familiar with Zoom, and just need to dig a little deeper into the advanced settings or have specific questions, you can select the training that would most help you.

Note: This training is not specific to Zoom Healthcare; however, many of the features are similar between the public and the Healthcare versions of Zoom.

The Practice Management Success Tip, Communicate and Meet Using Zoom In Your Healthcare Practice, will help you

Gain your patients' trust.
Communicate confidently on-camera with your patients and your employees.
Document your new virtual workflow process.
Present yourself professionally.

Show Me Communicate and Meet Using Zoom In Your Healthcare Practice

healthcare, healthcare business, medical, physician, small business, Social Media for the Small Healthcare Practice, telehealth, telemedicine, template, videoconferencing, virtual care, zoom

How to Manage a Privacy Breach with Confidence

Posted on August 31, 2021 by Jean Eaton in Blog, Services, Training, Upcoming events/workshops

How to Manage a Privacy Breach with Confidence

The new mandatory privacy breach notification provisions to the Health Information Act (HIA) effective August 31, 2018. Are YOUR policies and procedures up to date?

Custodians will be required to notify the Office of the Information and Privacy Commissioner (OIPC) and the Minister of Health, privacy breaches with risk of harm.

If you haven’t updated your privacy breach management policy, trained your staff, and prepared your reporting procedures yet, let me help you with done-for you templates and training!

If you're a healthcare practice manager, owner or privacy officer who really needs to know how to respond to a privacy breach but doesn't have a step-by-step plan ready to implement, then here's the answer you've been looking for…

Introducing the “4 Step Response Plan” on-line education with quick and helpful content so that you will properly manage a privacy breach. This is critical to the continued success of your business.

Privacy Incidents Happen!

60% of small and medium business owners go out of business within 6 months after a privacy and security breach. Patients, clients, employees and business partners trust you to keep their private and sensitive information confidential and secure.

Mandatory privacy breach reporting is quickly becoming a legislated requirement – and many businesses are not prepared!

Not recognizing and not notifying a privacy breach quickly and properly could result in fines and even jail time for the business, healthcare provider, employee, or vendor!

Learn NOW how to manage a privacy breach – Don’t get caught scrambling when a privacy breach happens.

The biggest mistake in managing a privacy breach is not recognizing the privacy breach.

The second biggest mistake is not knowing what to do about it.

Many healthcare practice managers, owners and privacy officers can’t get past the idea that simply hoping that you won’t have a privacy breach is not a good business strategy!

But nothing could be further from the truth!

What people are saying about the ‘4 Step Response Plan’

Well it happened! We recently had a privacy breach. It was an ‘oops’ but never the less a privacy breach. I had started the 4 Step Response Plan – Prevent Privacy Breach Pain but thought I had time to go through it. Unfortunately not. Your course has been a godsend with all the information and forms that I need to work through this privacy breach and notifying process. Nancy D

Results Oriented Learning

The 4 Step Response Plan will help you with prevent privacy breach pain and give you the tips, templates, training, and tools that you can use right away to prepare your privacy breach response plan.

Learn to

Recognize a privacy breach.
Understand why a privacy breach is a significant problem.
Understand the cost of a privacy breach and why you need to be prepared now.
Use the 4 Step Response Plan to develop a privacy breach management plan.
Prevent a privacy breach from happening again.

… and much, MUCH more!

When you have a privacy breach you must recognize the breach, contain it, notify the affected individuals, and prevent it from happening again. When you have this plan you will have confidence that you have identified and managed your areas of risk and dramatically reduce the risk of a privacy breach. Your staff will recognize a privacy breach early and respond quickly. You will manage the breach with minimum of risk to your patients, clients, and your practice.

In the world of privacy breaches ‘If’ has become ‘When’. Are you be ready?

The 4 Step Response Plan includes

6 interactive lessons
60 minute training webinar
Video introduction to each lesson
Template policies and procedure including Privacy Breach Management Policy
Scenarios and examples
Downloadable resources, checklists and templates including Internal Privacy Breach Reporting Form to make it easy for you to meet your notification requirements.

BONUS – Discussion Group (not Facebook!)

Exclusive to registered participants – collaboration with others to help you solve problems and Jean will be there to answer your questions and encourage your progress.

BONUS – Open Office Q&A With Jean

Monthly incident response training using recent real-world reported privacy breaches and mentoring with live Q&A with Jean to help you overcome obstacles so that you can get your privacy breach management plan finished!

BONUS – Privacy Breach Awareness Training for YOUR Employee’s Orientation

Video (8 min) – “Can You Spot the Privacy Breach?”
Learning Resources Guide to download
Post Test
Certificates of Completion

This on-line education program may be eligible for Continuing Professional Development credits with your professional association.

Self-paced And Self-learning – All Lessons Are Available Right Away – No Waiting To Get The Content That You Need Most!

Get Started Right Now!

Not having your privacy breach management policies and procedures in place will

make it harder to respond to a privacy breach
mis-steps – opens you up to fines, sanctions, and re-work that will cost you time and money
blind-sided by mandatory privacy breach reporting requirements

So if you’re a privacy officer, practice managers, healthcare providers, or a clinic manager who needs to know how to respond to a privacy breach but doesn't have a step-by-step plan ready to implement you need to act on this right now.

When you have your privacy breach response plan in place you will have confidence that you are prepared to respond to the breach with confidence.

Get the step-by-step help to customize your policies and training and

You will save time and save money.
Your staff will recognize a privacy breach early and respond quickly.
You will respond to the breach with a minimum of risk to your patients, clients, and your practice.

Click the Button Below to Get Started Right Away!

You will be re-directed to Stripe to make your purchase by credit card or debit.
Your receipt will indicate payment has been made to Information Managers Ltd.
Your confirmation and receipt will be provided to the email address that you complete your registration.
Use your best email address – you don't want to miss access to all the resources!

What people are saying about the ‘4 Step Response Plan’

Jean L. Eaton Your Practical Privacy Coach

Jean L. Eaton, BA. Admin (Healthcare) CHIM, CC is constructively obsessive about privacy, confidentiality, and security when it comes to the handling of personal information, particularly in primary health care settings.

Jean provides solutions that are practical and effective for today’s healthcare providers so they can implement privacy by design and best practices to protect privacy, confidentiality, security of personal information.

Jean specializes in making practical recommendations for 1000’s of independent health care providers and comply with privacy legislation while improving efficiency in their practice management. Jean is a consultant and speaker on the topic of privacy breach management, including ‘virtual privacy officer’ on demand.

She is the privacy awareness training facilitator to hundreds of medical clinics and healthcare practices and organizations that support independent healthcare businesses and privacy officers across Canada and the US. With over twenty years of experience, I have the knowledge and tools to help your business improve your information privacy practices.

I’m delighted to share this with you now in this course.

So go ahead, click the order button right now and you're well on your way to privacy breach management plan success!

Here Is My Personal Guarantee

Email Jean with your questions.

Jean L. Eaton is the host of the Privacy, Confidentiality and Security Workshops for Your Healthcare Practice © series.

4 Step Response Plan, incident response, online education, prevent privacy breach pain, privacy breach, privacy officer training, training

Healthcare Privacy Breach Training

Posted on August 11, 2021 by Jean Eaton in Blog

Learn From Someone Else's Privacy Breach!

Using privacy breach examples from other healthcare practices makes realistic privacy breach training content to prevent them from happening in your clinic!

The cost of a data breach continues to rise, and healthcare is the costliest industry, according to IBM’s Cost of Data Breach Report 2021.

This report indicates that the average cost of a data breach including personally identifying information (PII) is

$180 per record containing PII
Assuming that a family practice physician has a panel size of 2,000 patients, the cost of a privacy breach could be $180 x 2,000 = $360,000
If you work in a group practice with 4 physicians and all of your patient records were included in the privacy breach, this could cost your practice up to $1.4 M

Privacy breach notification requirements are changing, and so are the fines if your practice is in violation of privacy legislation in Canada like the Alberta Health Information Act (HIA) and the Ontario Personal Health Information Protection Act (PHIPA).

In this free 60-minute workshop, Jean will share recent privacy breach examples in healthcare and discuss how to prevent them from happening in your clinic.

Who Should Attend the Privacy Breach Training?

Everyone in your medical, dental, chiropractic, podiatry, practice should attend this workshop. This is a great orientation for new employees and a timely refresher for everyone else.

I believe that practical privacy breach training is a reasonable safeguard to protect patient information and the reputation of the healthcare providers and the clinic.

Make this a lunch and learn event!

Confidently Respond to a Privacy Breach…You'll Sleep Better at Night!

Privacy incidents happen!

60% of small and medium business owners go out of business within 6 months after a privacy and security breach.

Patients, clients, employees and business partners trust you to keep their private and sensitive information confidential and secure.

Not recognizing and not notifying a privacy breach quickly and properly could result in fines and even jail time for the business, healthcare provider, employee, or vendor!

The Biggest Mistake In Managing A Privacy Breach

The biggest mistake in managing a privacy breach is not recognizing the privacy breach.

biggest mistake privacy breach training head in sand

Your Practical Privacy Coach has prepared this FREE 60-minute workshop with recent privacy breach examples to help you spot a privacy breach in your healthcare practice!

Use these privacy breach examples to

improve your privacy management program and prevent similar incidents
prepare your privacy incident response plan so that you can quickly spot and stop a similar privacy breach in your practice
reduce privacy breach costs, harm to patients, loss of reputation
train your team and privacy officer

Join us on Thursday, August 19th, 2021

12 Noon MT

Learn From Someone Else’s Privacy Breach Workshop

Register for Your FREE LIVE Workshop

In the world of privacy breaches ‘If' has become ‘When'. Will you be ready?

If you want to confidently and properly manage a privacy breach, start by attending this workshop. If you need to create or update your privacy breach incident response plan, check out the 4 Step Response Plan on-demand training, too.

This Workshop Includes:

Live webinar
Q&A with Jean L. Eaton, Your Practical Privacy Coach when you join the webinar live
Access to the replay for a limited time
PDF cheat sheets
BONUS – Privacy Breach Awareness Training for YOUR employee's orientation. Includes Video – “Can You Spot the Privacy Breach?”, Learning Guide, Post Test, and Certificates of Completion

This webinar may be eligible for Continuing Professional Development credits with your professional association.

Jean L. Eaton, BA Admin (Healthcare), CHIM, CC is constructively obsessive about privacy, confidentiality, and security when it comes to the handling of personal information, particularly in primary health care settings.

Jean provides solutions that are practical and effective for today’s healthcare providers so they can implement privacy by design and best practices to protect privacy, confidentiality, security of personal information.

So go ahead, register right now before it is too late!

Health Information Act, prevent a privacy breach, privacy breach, respond to a privacy breach

Sharing Your Vaccine Status – Privacy Tips

Posted on July 19, 2021 by Meghan in Blog

Sharing Your Vaccine Status – Risks and Benefits

For the safety of yourself and others, schools, employers, or event organizers may ask you for proof of vaccination against the COVID-19 virus. It is your right to decide if you share your personal information with others.

Your personal health information can be misused to access services, apply for credit cards using your name, or other fraudulent purposes.

Throughout the pandemic, each of us have had to make decisions about our health safety and the risks and benefits of our actions. You can apply a similar risk and benefit approach to decide if, when and how you share your vaccine status.

Why Share?

Consider the purpose of providing your vaccine status.

Are you giving this information to a physician or nurse for your health care?

Before attending a concert or football game?

Is it a pre-requisite before you can attend school or a sports program?

You may also need to consider the benefit of sharing your vaccine status. If you want to travel out of country, a vaccine passport may be required for international travel purposes.

Protect your gold – your personally identifiable information.

If you decide to share your vaccine status:

provide the least amount of information needed.
know and trust the person (or the app) that you are sharing your information with. Remember, read the privacy policy!
understand how your information will be used.

Don't Overshare

Sometimes, answering the question ‘Is your vaccine up-to-date?’ is good enough. You don't always need to share your date of birth, family physician, and health care number, too.

You may be asked to show your proof of vaccine status, but don’t allow the casual requester to make a copy of the vaccination report. (There are some exceptions. Sometimes, you may need to share the information with your healthcare provider or a government official).

Instead, the requester can make a simple notation on their records that you were asked about your vaccine status, and you showed an appropriate proof of vaccination. (See the blog post How To Correctly Identify Patients And Use Photo ID for tips on how to implement this practice in your business).

If You Are Collecting Vaccine Status

If you are a business owner who is collecting personal information like a vaccine status, remember that you must follow the appropriate privacy legislation. In Alberta, private businesses must follow Personal Information Privacy Act (PIPA) legislation.

See the advice document from the Alberta Office of the Information and Privacy Commissioner (OIPC) regarding the reasonable purpose to collect personal information and your responsibilities to keep the information secure.

How Do You Get Your Vaccine Report?

Most often, you will receive a paper confirmation from the healthcare provider at the time that you receive your first and second vaccine dose. In Alberta, you can also download your vaccine record from MyHealth Record, the Personal Health Record for Albertans to access some of their health information, such as lab results, medications, and immunizations drawn from Alberta Netcare.

I shared a short video here to show you how you can register for your own personal account. Some other provinces have a similar provincial electronic health record that individuals can access their own health information.

Keep It Safe

You will probably need to refer to your vaccine status often over the next few years. Keep this information safe and easy to retrieve.

Take reasonable steps to protect your information so that other people can't easily view or take your information without your permission. Will you keep your information in:

paper format?
your wallet or purse?
as a photo on your phone?
- If so, also consider how you will share the photo. If you give your phone to someone to hold and view the photo of your vaccine status or passport, they may also use the access to your phone for other purposes.
upload your vaccine status to a digital app?

Evaluate the Risks and Benefits

Remember to ask yourself why you need to share the information and evaluate the risks and the benefits. It's your information, and you get to decide if, when, and how to share your vaccine status. Take the time that you need to ask the right questions and make an informed choice.

After you share your information, it’s too late to take it back.

Instead, be prepared to respond to a request for your vaccine status with these privacy tips to protect your personal health information.

COVID-19, digital vaccine passport, personal health information, privacy, proof of vaccination, vaccine status

Release Of Information In Your Healthcare Practice

Posted on July 13, 2021 by Meghan in Blog

Release Of Information In Your Healthcare Practice

Individuals have the right to access information about themselves and to request that their information be shared to others. We have a duty to assist individuals when they make these requests. Custodians have an obligation to receive and process these release of information requests promptly, consistently and correctly.

How we respond to patients request about their personal information is a key opportunity to further develop a relationship with our patients and their family.

Access and disclosure processes are regulated requirements that we must understand and follow.

Release of Information Workshop

In this 45-minute workshop, we will review:

Health privacy legislation as it relates to consent to collect personal information
Procedures for access and disclosure requests
Release of Information models, including centralized and decentralized models
Release of Information tools, including disclosure logs and EMR indexing
What is valid consent?
What are disclosure notations?

We will also go over common Release of Information scenarios that you will likely encounter in your healthcare practice, including:

Patient requests a copy of their own information
Parent requests a copy of their young child’s information
Patient requests a copy of their information to be sent to another physician / healthcare provider
Patient requests a copy of their information to be sent to someone else

Join us on Thursday, July 22

12:00pm Noon Mountain

Release of Information For Your Healthcare Practice

Register for Your FREE LIVE* Workshop

*Even if you can't attend live, register now to get access to the limited time replay and resources!

Yes! I want to attend the workshop

Learning Objectives:

Understand the difference between access and disclosure requests
Describe the difference between access and disclosure requests
Explain the routine steps to process an access request
Explain the routine steps to process a disclosure request

This Workshop Includes:

Live on-line training
Q&A with Jean Eaton, Your Practical Privacy Coach when you join the webinar live
Access to the replay for a limited time
Learning Resources Guide

What's in the Learning Resources Guide?

Collection notices
Access request / consent
Authorization to request information from another physician
Access checklist
Disclosure checklist

Yes! I want to attend the workshop

Who Should Attend?

If you collect health information from your patients you need consistent, efficient, procedures to provide patients access to their own information and disclose it to other people with the patients’ consent.

If you are a release of information clerk, medical office assistant, receptionist, clinic manager, or privacy officer in a community based healthcare practices – medical, dental, pharmacy, optician, chiropractic, physiotherapy, counselling – then you should register for this free live workshop!

When we know better, we can do better…

Jean Eaton is constructively obsessive about privacy, confidentiality, and security especially when it comes to the handling of personal health information. If you would like to discuss how I can help your practice, just send me an email. I am here to help you.

Jean L. Eaton
Your Practical Privacy Coach
INFORMATION MANAGERS

disclosure requests, healthcare, patient access requests, patient release of information, privacy officer, release of information

Mental Health Awareness and COVID-19 Workplace Strategies

Posted on July 12, 2021 by Meghan in Blog

We may have mastered the physical side of working remotely but what about the emotional side?

A year ago, Canadians were three months into the pandemic. We were through the initial shock of shutdowns and closures, but most of us were still trying to find our groove in navigating the “new normal”. For millions of working Canadians, this included a sudden and drastic transition to working from home or another remote location, physically isolated from coworkers.

While employees were sorting out logistics and the practical side of things, employers were scrambling to find innovative ways to bring employees together virtually, create a sense of camaraderie and keep morale (and productivity) high. Despite best efforts on both sides of the equation, there was an immediate impact on the mental health and well-being of millions of workers. Surely these would only be temporary challenges and set-backs.

With more than a year behind us working under these conditions, it might be natural to assume that employees have come a long way since we started down this path. In some respects, we have. After all, we have learned to adjust and “make do” with our displaced and reconfigured work environments and schedules. We’ve got the physical side of working from home sorted out, even if it’s not perfect.

Thanks to technology, we can connect to our work world from remote places better than ever. Stress and anxiety levels must be lower because it’s certainly not as tough as it was in the beginning.

Or is it?

Be Mindful of Your Own Well-Being

As we plan our new workplace and home environments, Corridor Interactive provides an on-line free resource, Mental Health Awareness & COVID-19 Workplace Strategies to help you.

While working from home has its advantages, and for many may be the preferred way to work in the post-pandemic world, we need to be mindful of aspects that can impact our mental health.

Corridor’s free Mental Health Awareness & COVID-19: Workplace Strategies course includes a module with insights and tips for supporting your mental health while working from home.

If you’re not in the habit of taking time out for yourself in the midst of juggling work and home responsibilities, make this the day you start to carve time out of your workday for your own mental health and well-being.

Read the full article from Corridor Interactive: COVID’s Mental Health Toll in the Workplace 56% of Canadians Stressed & Anxious

Read the article here

Re-printed with permission from Corridor Interactive

Corridor Interactive, COVID-19, mental health, mental health in the workplace, online training, pandemic, remote working, work from home

How To Build a Legal Foundation For Your Healthcare Practice

Posted on July 5, 2021 by Meghan in Blog

How To Build a Legal Foundation For Your Healthcare Practice

Many healthcare providers are excited to open their first independent practice but have many questions about how to build a legal foundation for their practice.

Corrine Boudreau of Online Legal Essentials can help you!

On the most recent episode of Practice Management Nuggets podcast, I interviewed Corinne Boudreau of Online Legal Essentials. Corinne has developed guided legal templates for Canadians doing business online.

Corinne has a knack for making things practical and easy to implement. Being a lawyer since 2002 has given her perspective and experience to boil things down to the essentials.

Corinne’s advice is that the essential business documents you need for a new healthcare practice are based on relationships. Relationships are triggers for business documents to help improve communication and set expectations – get it in writing!

For example:

Relationships with patients or clients

Terms of service and payments documents

Relationships with employees, contractors, associates

Hiring documents

Relationships with other healthcare providers in a group practice

Fee splitting and payment options
Cost sharing agreements

Relationships with landlords

Commercial lease agreements

Relationships with the public

Privacy policies including on your website
Copyright notices when you create and distribute your unique content

Your Big (or Small) Online Presence

Every practice needs an online presence of some kind. Maybe your brick-and-mortar local clinic only needs a simple business card presence to attract new patients and let them know how to find you. Or maybe you will offer virtual visits, online memberships or courses, or online sales of physical products. It is important to project yourself as a business owner by having a professional presence on your website – this includes having a privacy policy, copyright notice, disclaimers, and terms of use statement.

Should You Incorporate?

In the podcast, Corrine discusses corporate structure options for healthcare practices – including the difference between an incorporated business, partnership, or corporation business entities vs professional corporation when you are a member of regulated health profession.

Listen To The Podcast

What Should Healthcare Practices Know About The Legal Foundation For Their Business? | Episode #101.

Expert tips with Corinne Boudreau of Online Legal Essentials. Practice Management Nuggets For Your Healthcare Practice.

Listen To The Podcast Here

Templates Make It Easy!

You know that I love templates – and tips, tools, and training to make it easy!

Corinne delivers guided customizable templates to help you set up your business, operate your brick-and-mortar local business, or your online business!

Get started right away with the free Ultimate Checklist for Running a Business Online in Canada.

Download the free guide from Corinne here

#PracticeManagementNugget, dental, dental business, healthcare, healthcare business, legal, legal foundation, legal templates, podcast

Do Your Patients Know Your Office Holiday Hours?

Posted on June 21, 2021 by Jean Eaton in Blog

Holiday hours templates are great opportunities to easily create social media content for your healthcare practice–let your patients know about changes to your office holiday hours.

The Easy Way to Add Content to Your Social Media

One of the most frequent question that every office receives is – what are your office hours?

It makes sense to share this information in an automated way. This saves time in the telephone queue and makes everyone's day a little smoother. Add the information to your telephone answering system messages, website, posters in your clinic, and in your social media channels.

Common social media channels include Facebook, Twitter, and Instagram.

When the content appears in your social media channel, your patients will expect regular updates from you around each holiday and will return to your social media channel again and again over the year.

Let your patients know about changes to your office holiday hours!

Encourage your patients to visit your social media over and over again!
Easy for you to add content that your patients want to see.
No new technology for you to learn – copy and paste!

There is a simple way to create this content.

Follow these steps:

1. Select Your Images

You can use any related image and size it to print and display in your clinic or your social media channel.

2. Add Your Logo

You could use an image without adding your branding. But, for more impact, I recommend that you take just a few minutes and use a photo editing software to add your clinic name and logo to the image. You want the reader to know which clinic the image is about! This is also a good way to continue branding for your clinic.

There are many free and easy photo editing software systems. I like to use Canva.

Once your images are edited, download them to your computer network system.

3. Prepare Your Social Media Content

Working with your authorized social media manager, confirm your holiday hours and related messages.

Use this sample message that you will type into the new social media post.

Happy Canada Day from all of us at ABC Clinic! Please note we will be closed Thursday July xx to Monday July xx.

We will be back to regular office hours on Monday. For our latest hours of operation, please visit our website [insert website address].

4. Save Your Files

Keep a copy of your images and your social media messages for use next year.

You might store the images and your notes on a shared folder on your computer network. For example,

Social Media >> Holiday Announcements >> Month Holiday

5. Publish Your Holiday Announcements

Add your images and the messages to your website and social media channels.

You can even use the image and print as a poster to display in your practice.

Add text comment to your post. Asking a question encourages comments and engagement. For example, Summer is here! What is your favourite summer holiday tradition?

Bonus Tip!

Create more engagement with your patients and clients when you invite your staff to contribute their favourite summer holiday tradition to your social media post.

Or, create a ‘bulletin board' with your holiday hours announcement and add the quotes from your staff about their holiday traditions or their favourite picnic recipe.

Let Me Make This Easier For You!

I've found images that you can use for your office holiday hours messages.

Download the FREE Holiday Hour Templates

and receive 10 images that you can use all year long!

template

Get the Free Statutory Holidays Images Templates

Would you like more tips like this?

Members of Practice Management Success Membership enjoy access to Tips, tools, templates and training to help you start, grow, fix, or maintain your healthcare practice!

Membership is open to all healthcare practices of any size – physicians, optometrists, audiologists, dentists, chiropractors, physiotherapists, nurse practitioners, and more!

Member access to online resources when you need it along with networking and support from other clinic managers, practice managers, and healthcare providers in independent community practices – just like you!

Learn More About Practice Management Success

clinic management, facebook, healthcare, holiday hours template, medical, practice management, social media images