Information Managers
  • Home
  • Services
    • All Services
  • Templates
  • Blog
  • Contact Us
  • Practice Management Success
  • Podcasts

Breakout Session by Jean announced at the ASCA Conference & Annual General Meeting!

Posted on February 7, 2013 by Jean Eaton in Blog

Privacy Risks and Kids

Child identity theft can happen to any child. How does this happen? What can you do to prevent it? In a fun and informative format, Jean will show you some practical tips on how parents can protect their children's valuable information.

Presented at the Alberta School Council's Association (ASCA) Conference and Annual General Meeting 2013.

For more information on the ASCA Conference, click here!

Alberta School Councils of Alberta Conference, child identity theft, privacy, privacy speaker

Alberta Netcare: What are your Patient Rights?

Posted on January 25, 2013 by Jean Eaton in Blog

Primary Care Providers may expect their patients to be asking more questions about Health Information in Netcare. Review this information and your policies and procedures with your staff so that you know how to respond.

In order to mark Data Privacy Day 2013 (January 28, 2013), the Information and Privacy Commissioner of Alberta, Jill Clayton, has announced a new initiative to inform Albertans about their privacy rights.

Under the authority of the Health Information Act (HIA), your health information is available through the province-wide electronic record system named Alberta Netcare. Netcare is a network of information systems that allows authorized users to see prescriptions, lab results, diagnostic images, and hospital reports. It is used throughout Alberta in hospitals, and in medical clinics and pharmacies.

Consent to have your health information in Netcare is not required by law, but you do have rights that allow you to exercise privacy control.

With the provincial electronic health record system, Alberta Netcare, you have the right to:

Know why your health information is collected and whether it is available in Netcare
Know what information about you is in Netcare by asking for a print-out
Limit access to your Netcare record by asking for your information to be masked
Know who has looked at your information in Netcare
Request that errors be corrected
Ask the Information and Privacy Commissioner to review or investigate if you are not satisfied with a decision or response you receive about any of these rights

See the OIPC webpage and contact information, visit: http://www.oipc.ab.ca/pages/HIA/NetcareKnowYourRights.aspx

To view the News Release from the OIPC, visit: http://www.oipc.ab.ca/Content_Files/Files/News/NR_Netcare_Know_Rights_Jan_2013.pdf

access, Alberta, electronic health record, Health Information Act, Netcare, OIPC, patient rights, privacy

What Not To Do – keep your backup device plugged in

Posted on January 25, 2013 by Jean Eaton in Blog

An Australian medical center is facing the possibility that its patients’ electronic medical records may be locked away forever after hackers broke into its computer system in December and encrypted the files. The hackers captured a medical centre's data and demanded A$4000 to decrypt the information.

While this incident is rare it is a good lesson to ensure that you take control of your data. Ensure that it is secure. Ensure that your data is securely backed up and is segregated from your computer servers. Your must be proactive and monitor your computer network. This may be an appropriate task to outsource to a reputable vendor. Are your plans comprehensive? Is it time for you to schedule your Privacy Practice Review?

See  the Technology for Doctors Online story from January 17, 2013, for more information.

backup, best practices, breach, computer network, encryption, external hard drive backup, privacy, privacy breach, privacy practice review, security, security external hard drive devices, segregated backup

Private Event Complimentary for Microquest Clients

Posted on December 21, 2012 by Jean Eaton in Blog

Webinar – Clinic Manager's Privacy and Security Top 10 List

Time to update your Privacy Management Program plan for 2013! This workshop is an essential and effective hour long presentation on the Top 10 Privacy and Security issues facing Clinic Managers and Privacy Officers.

Webinar Series: Clinic Manager's Privacy & Security Top 10 List

Friday, January 18, 2013

11:30am – 12:30pm

Includes: HealthQuest Appointments application, HealthQuest iPad Forms application, Email security, mobile devices, managing vendor agreements, privacy breaches, privacy officer role and responsibility, training, and more.

Facilitated by Jean Eaton, Information Managers Ltd, and Rita Hielema, Microquest.

Email security, HealthQuest Appointments application, HealthQuest iPad Forms application, managing vendor agreements, mobile devices, privacy, privacy breaches, privacy officer role and responsibility, training, webinar

Facebook Privacy Settings

Posted on December 12, 2012 by Jean Eaton in Blog

Canada AM (CTV) has posted a video on their website on how to use privacy settings on Facebook. Follow the link to the video – share the link with your family and friends! Click Here. (make sure to view both clips)

What are the risks when you ‘like' another site? How can third parties make use of your pictures? Maybe you have set your privacy settings once – but, the next time that Facebook has made program changes and includes new settings you (the user) need to go back and trigger the new privacy settings.

facebook, privacy

Charges laid under the Health Information Act

Posted on October 31, 2012 by Jean Eaton in Blog

A self-reported breach by an individual to the Office of the Information and Privacy Commissioner resulted in an offence investigation being opened into suspicious access to health information. The completed investigation, after being referred to Crown prosecutors at Alberta Justice, led to thirty-one charges under the Health Information Act being laid for improperly accessing other individuals’ health information. Another charge was laid for inappropriate use of health information, another for inappropriate disclosure of health information, and one more charge for knowingly falsifying a record. In addition to these thirty-four charges under the Health Information Act, six charges were also laid under the Criminal Code.

The Calgary Herald reports that Brian Hamilton, OIPC Director for the Health Information Act, would only confirm the accused is not a doctor or other medical professional. The matter will be heard in Airdrie Provincial Court on Thursday, October 18, 2012.

The Edmonton Journal also reported that, in addition to the charges under the Health Information Act, the accused may face up to six Criminal Code charges.

Each organization has a responsibility to ensure that their employees (affiliates) receive education and training in their roles and responsibilities under the HIA. Information Managers can help you by providing training on-site and now by webinar. Click here for more information.

For more information, see:
the OIPC Website (http://www.oipc.ab.ca/Content_Files/Files/News/NR_Oct_2012.pdf)

http://www.calgaryherald.com/health/Charges+laid+improper+access+health+files/7400003/story.html

http://www.edmontonjournal.com/health/Alberta+Justice+lays+charges+improperly+accessing+health+information/7399425/story.html

access, Alberta, complaint, disclosure log, Health Information Act, HIA, improperly accessing health information, OIPC, privacy, privacy breach, training

Calgary pharmacy found in violation of patient privacy rules

Posted on October 31, 2012 by Jean Eaton in Blog

Remember the Privacy Principles – least amount of information, on a need to know basis? This recent investigation report from the OIPC reminds us to review our practices to collect information from patients to ensure that we are meeting our best practice standards.

An investigation into a southwest Calgary Co-op pharmacy has found its practice of collecting information on the immune status of an individual when they seek administration of an injection contravenes the Health Information Act.

A patient of the pharmacy contacted the privacy commissioner in April 2012 after he was presented with a form that asked if he had a condition that affects the immune system when he went to the Co-op Shawnessy Centre Pharmacy to receive a vitamin B12 injection.

The patient feared being stigmatized due to an immune disorder that he suffered from, and felt that the amount of information being demanded was excessive. He filed a complaint after being refused treatment without providing the information.

The Health Information Act specifies that custodians must only collect the most limited amount of health information to carry out an intended purpose.

For more information, see:
http://www.calgaryherald.com/health/Calgary+Pharmacy+found+violation+patient+privacy+rules/7346243/story.html

complaint, Health Information Act, HIA, OIPC, privacy, privacy principles

Privacy commissioners call on small- and medium-sized businesses to look before they leap into the cloud

Posted on June 16, 2012 by Jean Eaton in Blog

Privacy commissioners call on small- and medium-sized businesses to look before they leap into the cloud

EDMONTON, June 14, 2012 – Increasingly today, the word cloud is almost as likely to be spoken in a conversation about computing as it would in a discussion about the weather. New guidance issued by the Privacy Commissioner of Canada, and the Information and Privacy Commissioners of Alberta and British Columbia seeks to provide insight for small- and medium-sized enterprises (SMEs) to help their forecasting of potential benefits and risks posed by cloud-based services.

Cloud computing is the delivery of computing services over the Internet. SMEs may be attracted to cloud services as they can significantly reduce the cost and complexity of owning and operating computers and networks. Businesses using a cloud service provider don’t need to spend money on information technology infrastructure, or buy hardware or software licenses. Cloud services can also enable a business to store data offsite with the ability to access it over the Internet from the office, home or virtually anywhere.

In essence, this is a form of outsourcing. Businesses need to remember however that for any information they put in the cloud, the responsibility to safeguard it to the level required by Canada’s private sector privacy laws remains firmly with them.

The guidance includes key precautions and advice, such as:

  • Pay close attention to cloud service contracts. For example, might the fine print allow for third-party disclosures of the information stored?
  • Are your customers aware that their information might be outsourced to the cloud and do you have their consent?
  • Where in the world is the data stored and what law may apply? No matter what, the business outsourcing the data is responsible for ensuring it’s protected to a level expected under Canadian privacy law.

For more information see: OIPC website

cloud computing, cloud service provider, OIPC, privacy

Change your PIN Day March 1 2012

Posted on March 1, 2012 by Jean Eaton in Blog

Edmonton Mayor Stephen Mandel proclaimed March 1 as Change Your PIN Day.

Police are encouraging Edmontonians to change their banking PIN numbers Thursday to help prevent fraud.

In Edmonton last month police issued an arrest warrant for ten men accused of skimming more than half a million dollars from at least 900 bank accounts in Edmonton.

Here are some additional tips from Royal Bank of Canada:  http://www.rbc.com/privacysecurity/ca/alert-fraud-prevention-month.html

  • Keep personal information confidential.
  • Do not give out personal information over the phone, through email or over the Internet unless you initiated the contact and know who you're dealing with.
  • Do not include personal information in regular, unencrypted email or enter it on an unencrypted website as your information will not be secure.
  • Keep your personal information safe. An identity thief will pick through your garbage or recycling bins, so be sure to shred receipts, copies of credit applications, insurance forms, etc.
  • Protect your PIN and passwords. Do not reveal your PIN or passwords to anyone, including employees of RBC, family members and friends. When conducting a transaction at an ATM or retail (point-of-sale) location, keep your Client Card/Credit Card within sight and shield the keypad when entering your PIN.
  • Be aware and be safe! REMEMBER—if something sounds too good to be true, it probably is!

March is Fraud Prevention Month: Recognize it, Report it, Stop it!

Over the next four weeks, the RCMP will be participating in a series of local and national fraud-awareness initiatives. To reduce your chances of being victimized by fraud, check the RCMP's website daily during the month of March for tips aimed at keeping you safe from scammers. Topics covered will include identity theft, phishing, on-line shopping, social networking and credit and debit card fraud.

For more information, see Metro Edmonton March 1, 2012 http://metronews.ca/news/edmonton/9057/a-day-to-change-your-pin/
and CTV Edmonton.  http://edmonton.ctvnews.ca/mayor-mandel-proclaims-march-1st-change-your-pin-day-1.775231

change your PIN, Fraud Prevention Month, privacy

Data Privacy Day Edmonton

Posted on January 16, 2012 by Jean Eaton in Blog

Save the Date! January 28, 2013

The Office of the Information and Privacy Commissioner of Alberta will be hosting a half day Data Privacy Day event on the morning of Monday, January 28, 2013 at the Delta Edmonton Centre Suite Hotel, 10222 – 102 Street, Edmonton. Details regarding the agenda and registration at OIPC.ab.ca.

Data Privacy Day Banner

Data Privacy Day

2013, Data Privacy Day, Data Privacy Day Edmonton, privacy
«‹678

What is the elephant in the room?

The Elephant in the Room Find out here...

 

Privacy Policy

 

"The 15 Day Privacy Challenge has made me aware of the policies that my facility needs to update/create!"

- Rachel Worthing, CHIM, Ontario Shores Centre for Mental Health Sciences

Register for Free On-line Privacy Breach Awareness Training!

Privacy Policy

Copyright 2023 Information Managers Ltd.

Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}