Information Managers
  • Home
  • Services
    • All Services
  • Templates
  • Blog
  • Contact Us
  • Practice Management Success
  • Podcasts

Why You Need Privacy Awareness Training

Posted on May 15, 2017 by Jean Eaton in Blog

There are many examples of privacy breaches internal to healthcare organizations–Snooping. Hacking. Unsecure emails with patient information. Faxes sent to the wrong person. Patient records found in garbage cans. Ransomware. Mobile devices without encryption being lost or stolen.

Privacy legislation, professional standards and best practices require healthcare professionals and their employees and business associates to protect against reasonably anticipated threats to the security and confidentiality of health information.

Privacy in healthcare is important.

A Privacy Breach Affects the Individual, the Business, and the Healthcare Industry

After a privacy breach, the individual may now be at a real risk of significant harm (ROSH) from identity theft, stalking, loss of employment, and financial loss if the information is used for fraud.

The individual affected by the privacy breach may be embarrassed, inconvenienced, or angry.

Of importance in healthcare is the risk of medical identity theft where the breached information is used to fraudulently access healthcare services. Because of this, inaccurate information added to the owner’s healthcare records which can cause errors or delays in receiving necessary care and treatment.

without privacy awareness training

Without privacy awareness training

Privacy breaches are expensive –bad publicity, loss of business, loss of goodwill, fines, penalties, and sanctions. Ontario PHIPA legislation, for example, has recently doubled its fines. Personal Health Information Protection Act (PHIPA) including Bill 119, the Health Information Protection Act (HIPA) – Amendments to the Personal Health Information Protection Act (PHIPA) which was proclaimed in 2016. With the introduction of Bill 119, the fines for offences have doubled from $50,000 to $100,000 for individuals and $250,000 to $500,000 for organizations.

Privacy breaches affect all healthcare businesses. The healthcare system is a highly integrated information sharing system designed to provide timely and accurate care and treatment to patients, and to receive financial compensation for those services. A weakness or problem at one business may have down-stream implications to other businesses. When one business has a privacy or security breach, there is a risk that the public (including patients and clients) may think that all healthcare businesses have the same problems.

Privacy Awareness Week #PAW2017

Privacy Awareness Week (May 15-21) is a global effort coordinated by members of the Asia Pacific Privacy Authorities (APPA) to promote awareness of privacy issues and the importance of the protection of personal information. Each year various members of APPA and other supporters across the world develop resources and communications materials to support their activities during Privacy Awareness Week.

 

Pause for Privacy

Pause for Privacy #PAW2017

 

Why Invest in Training?

New technology, regulatory and legislative changes, and new office procedures are common triggers to provide training in any business. Your employees need to learn these skills so that they can be efficient at their jobs. When you provide training, you give employees the tools that they need to succeed and contribute to an efficient practice.

As an employer and healthcare provider, you are responsible to provide training to all your employees about privacy awareness.

There are many examples of privacy breaches that dispel the myth that someone who has worked in healthcare for a long time, or has had advanced university training and professional ethics automatically understand how to properly manage personal health information. We know that errors in judgment and malicious intent can occur at every level of a healthcare organization. A common, comprehensive privacy awareness training provides a foundation for everyone in the organization to confidently and properly handle personal health information. A documented program will help to mitigate the risks to an organization when an individual jeopardizes personal health information even after receiving privacy awareness training.

[clickToTweet tweet=”Myth: Experienced healthcare workers automatically understand how to properly manage personal health information #PHI” quote=”Myth: Experienced healthcare workers automatically understand how to properly manage personal health information.”]

What is the Best Way to Provide Training?

The best privacy awareness training program includes a mix of formal, planned training programs and episodic, just in time, targeted education opportunities. Consider a privacy awareness training program strategy that includes:

  • Privacy awareness foundation – in-person or on-line for everyone in your practice including new employees, healthcare professionals, support team, vendors and business associates.
  • Specific training – when there is new or changes in software, equipment, procedures or practices, employee promotion or change in roles.
  • General reminders throughout the year in fun and multi-media formats; quizzes, posters, articles, training tips at staff meetings, frequently asked questions (FAQ), etc.
  • Demonstrate good privacy and security practices and behaviours throughout the year.
  • Recognize when individuals demonstrate following privacy principles that also add value to your patient satisfaction or business efficiency.

Benefits of Privacy Awareness Training

Privacy awareness training is needed in your healthcare practice to

  • Understand patient and client privacy rights.
  • Respect personal health information and your obligations.
  • Confidently and correctly handle personal health information.
  • Use reasonable safeguards to protect personal health information (PHI).
  • Recognize and respond to a privacy breach
  • Support key policies, procedures and risk management programs in your healthcare practice.
Benefits of Privacy Awareness Training

Benefits of Privacy Awareness Training

Regular privacy awareness training is considered a common reasonable safeguard to protect patient information and the reputation of the healthcare providers.

Many privacy breaches are avoidable. Privacy awareness training can help prevent privacy breaches or help employees to spot and stop the breach quickly.

 

 

Initiatives like Privacy Awareness Week also provide additional tips, templates, tools, and training from supporters of this event. You can follow Privacy Awareness Week on Twitter using the hashtag #PAW2017 and #PrivacyAware.

In conjunction with Privacy Awareness Week, Information Managers www.InformationManagers.ca and Corridor Interactive www.CorridorInteractive.com have announced the release of the newest addition of the “Privacy Awareness in Healthcare: Essentials” series with a focus on Ontario’s Personal Health Information Protection Act (PHIPA) legislation. The first on-line privacy awareness training in this series released in 2016 focused on Alberta’s Health Information Act. Many other provinces have health information legislation as well, and while some of the key terms differ from province to province, this privacy awareness training is applicable to any organization that collects, uses, and discloses personally identifying information.

More information can be found here https://InformationManagers.ca/Privacy-Awareness-Corridor/.

#PAW2017, #PrivacyAware, Corridor Interactive, Health Information Act, healthcare, medical, Personal Health Information Protection Act (PHIPA), Privacy Awareness in Healthcare: Essentials, privacy awareness training, privacy awareness training in healthcare, Privacy Awareness Week

What is the elephant in the room?

The Elephant in the Room Find out here...

 

Privacy Policy

 

I have used Corridor's Privacy Awareness in Healthcare: Essentials online training program. The course has helped satisfy the training requirements of the Health Information Act. Staff go through the course at their own pace while we monitor to ensure completion.

- Luke Brimmage, Executive Director, Aspen Primary Care Network

Register for Free On-line Privacy Breach Awareness Training!

Privacy Policy

Copyright 2023 Information Managers Ltd.

Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}