Information Managers
  • Home
  • Services
    • All Services
  • Templates
  • Blog
  • Contact Us
  • Practice Management Success
  • Podcasts

How to Manage a Privacy Breach with Confidence

Posted on August 31, 2021 by Jean Eaton in Blog, Services, Training, Upcoming events/workshops

How to Manage a Privacy Breach with Confidence

The new mandatory privacy breach notification provisions to the Health Information Act (HIA) effective August 31, 2018. Are YOUR policies and procedures up to date?

Custodians will be required to notify the Office of the Information and Privacy Commissioner (OIPC) and the Minister of Health, privacy breaches with risk of harm.

If you haven’t updated your privacy breach management policy, trained your staff, and prepared your reporting procedures yet, let me help you with done-for you templates and training!

If you're a healthcare practice manager, owner or privacy officer who really needs to know how to respond to a privacy breach but doesn't have a step-by-step plan ready to implement, then here's the answer you've been looking for…

Introducing the “4 Step Response Plan” on-line education with quick and helpful content so that you will properly manage a privacy breach. This is critical to the continued success of your business.

Privacy Incidents Happen!

60% of small and medium business owners go out of business within 6 months after a privacy and security breach. Patients, clients, employees and business partners trust you to keep their private and sensitive information confidential and secure.

Mandatory privacy breach reporting is quickly becoming a legislated requirement – and many businesses are not prepared!

Not recognizing and not notifying a privacy breach quickly and properly could result in fines and even jail time for the business, healthcare provider, employee, or vendor!

Learn NOW how to manage a privacy breach – Don’t get caught scrambling when a privacy breach happens.

The biggest mistake in managing a privacy breach is not recognizing the privacy breach.

The second biggest mistake is not knowing what to do about it.

Many healthcare practice managers, owners and privacy officers can’t get past the idea that simply hoping that you won’t have a privacy breach is not a good business strategy!

But nothing could be further from the truth!


What people are saying about the ‘4 Step Response Plan’

Well it happened! We recently had a privacy breach. It was an ‘oops’ but never the less a privacy breach. I had started the 4 Step Response Plan – Prevent Privacy Breach Pain but thought I had time to go through it. Unfortunately not. Your course has been a godsend with all the information and forms that I need to work through this privacy breach and notifying process.  Nancy D


Results Oriented Learning

The 4 Step Response Plan will help you with prevent privacy breach pain and give you the tips, templates, training, and tools that you can use right away to prepare your privacy breach response plan.

Learn to

  • Recognize a privacy breach.
  • Understand why a privacy breach is a significant problem.
  • Understand the cost of a privacy breach and why you need to be prepared now.
  • Use the 4 Step Response Plan to develop a privacy breach management plan.
  • Prevent a privacy breach from happening again.

… and much, MUCH more!

When you have a privacy breach you must recognize the breach, contain it, notify the affected individuals, and prevent it from happening again. When you have this plan you will have confidence that you have identified and managed your areas of risk and dramatically reduce the risk of a privacy breach. Your staff will recognize a privacy breach early and respond quickly. You will manage the breach with minimum of risk to your patients, clients, and your practice.

In the world of privacy breaches ‘If’ has become ‘When’. Are you be ready?

4 Step Response Plan

 

The 4 Step Response Plan includes

  • 6 interactive lessons
  • 60 minute training webinar
  • Video introduction to each lesson
  • Template policies and procedure including Privacy Breach Management Policy
  • Scenarios and examples
  • Downloadable resources, checklists and templates including Internal Privacy Breach Reporting Form to make it easy for you to meet your notification requirements.

 

BONUS – Discussion Group (not Facebook!)

Exclusive to registered participants – collaboration with others to help you solve problems and Jean will be there to answer your questions and encourage your progress.

 

BONUS – Open Office Q&A With Jean 

Monthly incident response training using recent real-world reported privacy breaches and mentoring with live Q&A with Jean to help you overcome obstacles so that you can get your privacy breach management plan finished!

 

BONUS – Privacy Breach Awareness Training for YOUR Employee’s Orientation

  • Video (8 min) – “Can You Spot the Privacy Breach?”
  • Learning Resources Guide to download
  • Post Test
  • Certificates of Completion

This on-line education program may be eligible for Continuing Professional Development credits with your professional association.

 

Self-paced And Self-learning – All Lessons Are Available Right Away – No Waiting To Get The Content That You Need Most! 

Privacy Breach 4 Step Response Plan Purchase

Get Started Right Now!

Not having your privacy breach management policies and procedures in place will

  • make it harder to respond to a privacy breach
  • mis-steps – opens you up to fines, sanctions, and re-work that will cost you time and money
  • blind-sided by mandatory privacy breach reporting requirements

So if you’re a privacy officer, practice managers, healthcare providers, or a clinic manager who needs to know how to respond to a privacy breach but doesn't have a step-by-step plan ready to implement you need to act on this right now.

When you have your privacy breach response plan in place you will have confidence that you are prepared to respond to the breach with confidence.

Get the step-by-step help to customize your policies and training and

  • You will save time and save money.
  • Your staff will recognize a privacy breach early and respond quickly.
  • You will respond to the breach with a minimum of risk to your patients, clients, and your practice.

 

Click the Button Below to Get Started Right Away!

Purchase 4 Step Response Plan

  • You will be re-directed to Stripe to make your purchase by credit card or debit.
  • Your receipt will indicate payment has been made to Information Managers Ltd.
  • Your confirmation and receipt will be provided to the email address that you complete your registration.
  • Use your best email address – you don't want to miss access to all the resources!

 

 

What people are saying about the ‘4 Step Response Plan’


Jean L. Eaton Your Practical Privacy Coach

 

Jean L. Eaton, BA. Admin (Healthcare) CHIM, CC is constructively obsessive about privacy, confidentiality, and security when it comes to the handling of personal information, particularly in primary health care settings.

Jean provides solutions that are practical and effective for today’s healthcare providers so they can implement privacy by design and best practices to protect privacy, confidentiality, security of personal information.

Jean specializes in making practical recommendations for 1000’s of independent health care providers and comply with privacy legislation while improving efficiency in their practice management. Jean is a consultant and speaker on the topic of privacy breach management, including ‘virtual privacy officer’ on demand.

She is the privacy awareness training facilitator to hundreds of medical clinics and healthcare practices and organizations that support independent healthcare businesses and privacy officers across Canada and the US. With over twenty years of experience, I have the knowledge and tools to help your business improve your information privacy practices.

I’m delighted to share this with you now in this course.

So go ahead, click the order button right now and you're well on your way to privacy breach management plan success!

 

Here Is My Personal Guarantee

 

Email Jean with your questions.

 

Jean L. Eaton is the host of the Privacy, Confidentiality and Security Workshops for Your Healthcare Practice © series.

4 Step Response Plan, incident response, online education, prevent privacy breach pain, privacy breach, privacy officer training, training

Pharmacist Convicted and Fined Under the HIA

Posted on February 1, 2021 by Meghan in Blog

Pharmacist Convicted and Fined Under the HIA

What Happened

An Edmonton pharmacist was in a vehicle accident. The pharmacist subsequently accessed and used the health information of the individual involved in the accident in an attempt to persuade the individual from submitting an insurance claim for the vehicle accident.

The individual submitted a complaint to OIPC in April 2018 and an investigation was launched.

Penalties

The pharmacist appeared in court on Friday January 15, 2021. He was convicted of an offence under the Health Information Act (HIA). He was ordered to pay a $5,000 fine, plus a $1,000 victim fine surcharge for using health information in contravention of the HIA.

This Could Happen To You

Are you prepared? If you have a privacy breach like this in your practice, be prepared to implement the 4 Step Response Plan.

pharmacist convicted fined

Understanding the Health Information Act

It is an offence under HIA to knowingly use health information in contravention of the act (section 107(2)(a)).

What Happens When A Privacy Breach Is Reported To The OIPC

When a privacy breach is reported to the OIPC, the OIPC will review the report and consider the custodian’s determination if a reasonable risk to the patient(s) was present. The OIPC will review the report and consider:

  • agree (or not) with the determination of risk of harm
  • was the patient notified appropriately
  • is there an offence under the HIA
  • is an investigation warranted?

If an investigation is indicated, the OIPC will conduct the investigation and report their findings to the Crown prosecutors at Alberta Justice. The Crown will determine if it continues to press charges under the HIA.

Privacy Breaches – What You Need to Know

1. Provide privacy awareness training for each employee and healthcare provider at orientation and regularly throughout the employment.

2. Collect the employee’s oath of confidentiality, including an acknowledgement that the employee understands the principles of only accessing and using the health information necessary to perform their job.

3. Monitor your users’ access to health information to quickly identify when a suspicious privacy incident occurs. The sooner you identify a privacy breach, the sooner you can limit the risk.

4. Implement your sanction policy when needed. Your sanctions policy clearly identifies the sanctions when an employee or healthcare provider is liable of an offence under the HIA.

5. Report a privacy breach to your custodians and healthcare providers, the Office of the Information and Privacy Commissioner, and the Minister of Alberta Health and the individuals affected by the breach.

 

4 Step Response Plan

The more you know about how breaches can affect you allows you to be more proactive to prevent privacy breach pain and protect the privacy, confidentiality, and security of your patients’ information.

This is one of the many training sessions available in the e-course 4 Step Response Plan – Prevent Privacy Breach Pain

In the e-course, I mentor you and provide you with tips, tools, templates and training to help you complete your Privacy Breach Management Plan and respond to a privacy breach with confidence.

Find out more and register for the course using the button below!

Click Here To Register for the 4 Step Response Plan online course

References

AB OIPC, (https://www.oipc.ab.ca/news-and-events/news-releases/2021/pharmacist-fined-for-breaching-health-information.aspx), January  2021.

Edmonton Journal https://edmontonjournal.com/news/local-news/edmonton-pharmacist-fined-after-post-collision-snooping-of-health-info-threatening-other-driver-privacy-commissioner)  January 2021

Did you enjoy this article? If you’d like to look at similar posts, visit these links:

Not sure what is considered a privacy breach? See When is a Privacy Breach a Privacy Breach?

 

Do you have a privacy breach awareness program in place in your healthcare practice?

Spotting a privacy breach is the first step to stopping a privacy breach.

You Can Use This Privacy Breach Example to Review and Improve Your Practice.

Jean EatonWhen we know better, we can do better…

I’ve helped hundreds of healthcare practices prevent privacy breach pain like this. If you would like to discuss how I can help your practice, just send me an email. I am here to help you protect your practice.

PRIVACY BREACH NUGGETS are provided to help you add a ‘nugget' to your privacy education program. Share these with your staff and patients as a newsletter, poster, or staff meeting.

Jean L. Eaton, Your Practical Privacy Coach

4 Step Response Plan, Alberta, clinic, conviction, health, Health Information Act, healthcare, HIA, incident response, pharmacist, privacy breach

Search the site

What is the elephant in the room?

The Elephant in the Room Find out here...

Privacy Policy

“This was my first ever time I had to work on a PIA and I was a little nervous about doing it efficiently - but you really made it as simple and straight forward as possible. Thank you for being available for my questions when I had them. I would easily recommend Privacy Impact Assessments to Protect Your Practice course for anyone to do their own PIA's! Thank you so much!”

- Karen Sarabura, Clinic Manager and Privacy Officer, CGA Medical Imaging, Alberta

Register for Free On-line Privacy Breach Awareness Training!

Privacy Policy

Copyright 2022 Information Managers Ltd.

1 shares
Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}