Information Managers
  • Home
  • Services
    • All Services
  • Templates
  • Blog
  • Contact Us
  • Practice Management Success
  • Podcasts

How to Manage a Privacy Breach with Confidence

Posted on August 31, 2021 by Jean Eaton in Blog, Services, Training, Upcoming events/workshops

How to Manage a Privacy Breach with Confidence

The new mandatory privacy breach notification provisions to the Health Information Act (HIA) effective August 31, 2018. Are YOUR policies and procedures up to date?

Custodians will be required to notify the Office of the Information and Privacy Commissioner (OIPC) and the Minister of Health, privacy breaches with risk of harm.

If you haven’t updated your privacy breach management policy, trained your staff, and prepared your reporting procedures yet, let me help you with done-for you templates and training!

If you're a healthcare practice manager, owner or privacy officer who really needs to know how to respond to a privacy breach but doesn't have a step-by-step plan ready to implement, then here's the answer you've been looking for…

Introducing the “4 Step Response Plan” on-line education with quick and helpful content so that you will properly manage a privacy breach. This is critical to the continued success of your business.

Privacy Incidents Happen!

60% of small and medium business owners go out of business within 6 months after a privacy and security breach. Patients, clients, employees and business partners trust you to keep their private and sensitive information confidential and secure.

Mandatory privacy breach reporting is quickly becoming a legislated requirement – and many businesses are not prepared!

Not recognizing and not notifying a privacy breach quickly and properly could result in fines and even jail time for the business, healthcare provider, employee, or vendor!

Learn NOW how to manage a privacy breach – Don’t get caught scrambling when a privacy breach happens.

The biggest mistake in managing a privacy breach is not recognizing the privacy breach.

The second biggest mistake is not knowing what to do about it.

Many healthcare practice managers, owners and privacy officers can’t get past the idea that simply hoping that you won’t have a privacy breach is not a good business strategy!

But nothing could be further from the truth!

What people are saying about the ‘4 Step Response Plan’

Well it happened! We recently had a privacy breach. It was an ‘oops’ but never the less a privacy breach. I had started the 4 Step Response Plan – Prevent Privacy Breach Pain but thought I had time to go through it. Unfortunately not. Your course has been a godsend with all the information and forms that I need to work through this privacy breach and notifying process.  Nancy D

Results Oriented Learning

The 4 Step Response Plan will help you with prevent privacy breach pain and give you the tips, templates, training, and tools that you can use right away to prepare your privacy breach response plan.

Learn to

  • Recognize a privacy breach.
  • Understand why a privacy breach is a significant problem.
  • Understand the cost of a privacy breach and why you need to be prepared now.
  • Use the 4 Step Response Plan to develop a privacy breach management plan.
  • Prevent a privacy breach from happening again.

… and much, MUCH more!

When you have a privacy breach you must recognize the breach, contain it, notify the affected individuals, and prevent it from happening again. When you have this plan you will have confidence that you have identified and managed your areas of risk and dramatically reduce the risk of a privacy breach. Your staff will recognize a privacy breach early and respond quickly. You will manage the breach with minimum of risk to your patients, clients, and your practice.

In the world of privacy breaches ‘If’ has become ‘When’. Are you be ready?

4 Step Response Plan

 

The 4 Step Response Plan includes

  • 6 interactive lessons
  • 60 minute training webinar
  • Video introduction to each lesson
  • Template policies and procedure including Privacy Breach Management Policy
  • Scenarios and examples
  • Downloadable resources, checklists and templates including Internal Privacy Breach Reporting Form to make it easy for you to meet your notification requirements.

 

BONUS – Discussion Group (not Facebook!)

Exclusive to registered participants – collaboration with others to help you solve problems and Jean will be there to answer your questions and encourage your progress.

 

BONUS – Open Office Q&A With Jean 

Monthly incident response training using recent real-world reported privacy breaches and mentoring with live Q&A with Jean to help you overcome obstacles so that you can get your privacy breach management plan finished!

 

BONUS – Privacy Breach Awareness Training for YOUR Employee’s Orientation

  • Video (8 min) – “Can You Spot the Privacy Breach?”
  • Learning Resources Guide to download
  • Post Test
  • Certificates of Completion

This on-line education program may be eligible for Continuing Professional Development credits with your professional association.

 

Self-paced And Self-learning – All Lessons Are Available Right Away – No Waiting To Get The Content That You Need Most! 

Privacy Breach 4 Step Response Plan Purchase

Get Started Right Now!

Not having your privacy breach management policies and procedures in place will

  • make it harder to respond to a privacy breach
  • mis-steps – opens you up to fines, sanctions, and re-work that will cost you time and money
  • blind-sided by mandatory privacy breach reporting requirements

So if you’re a privacy officer, practice managers, healthcare providers, or a clinic manager who needs to know how to respond to a privacy breach but doesn't have a step-by-step plan ready to implement you need to act on this right now.

When you have your privacy breach response plan in place you will have confidence that you are prepared to respond to the breach with confidence.

Get the step-by-step help to customize your policies and training and

  • You will save time and save money.
  • Your staff will recognize a privacy breach early and respond quickly.
  • You will respond to the breach with a minimum of risk to your patients, clients, and your practice.

 

Click the Button Below to Get Started Right Away!

Purchase 4 Step Response Plan

  • You will be re-directed to Stripe to make your purchase by credit card or debit.
  • Your receipt will indicate payment has been made to Information Managers Ltd.
  • Your confirmation and receipt will be provided to the email address that you complete your registration.
  • Use your best email address – you don't want to miss access to all the resources!

 

 

What people are saying about the ‘4 Step Response Plan’


Jean L. Eaton Your Practical Privacy Coach

 

Jean L. Eaton, BA. Admin (Healthcare) CHIM, CC is constructively obsessive about privacy, confidentiality, and security when it comes to the handling of personal information, particularly in primary health care settings.

Jean provides solutions that are practical and effective for today’s healthcare providers so they can implement privacy by design and best practices to protect privacy, confidentiality, security of personal information.

Jean specializes in making practical recommendations for 1000’s of independent health care providers and comply with privacy legislation while improving efficiency in their practice management. Jean is a consultant and speaker on the topic of privacy breach management, including ‘virtual privacy officer’ on demand.

She is the privacy awareness training facilitator to hundreds of medical clinics and healthcare practices and organizations that support independent healthcare businesses and privacy officers across Canada and the US. With over twenty years of experience, I have the knowledge and tools to help your business improve your information privacy practices.

I’m delighted to share this with you now in this course.

So go ahead, click the order button right now and you're well on your way to privacy breach management plan success!

 

Here Is My Personal Guarantee

 

Email Jean with your questions.

 

Jean L. Eaton is the host of the Privacy, Confidentiality and Security Workshops for Your Healthcare Practice © series.

4 Step Response Plan, incident response, online education, prevent privacy breach pain, privacy breach, privacy officer training, training

Privacy Awareness in Healthcare Training: Dental Practices

Posted on June 15, 2020 by Meghan in Blog, Services

NEW! Privacy Awareness in Healthcare Training – Dental Practices

Privacy Awareness Training for Dental Practices

Is your dental clinic in compliance with the Alberta Dental Association & College, Health Information Act (HIA) and Personal Information Protection Act (PIPA)?

Dentists and dental practices in Alberta are required to have an ongoing privacy program to ensure the protection of private records and patient information. The appropriate collection, use, and disclosure of personal information is critical to maintaining privacy for patients that choose to trust in your practice. Accomplishing this important goal demands an up-to-date training strategy.

Regular privacy awareness training protects patients, employees and your business. The key components of your training strategy must revolve around ensuring HIA compliance to mitigate risk of a privacy breach. Everyone in your clinic – dentists, dental assistants, dental hygienists, office staff, contractors and even practicum students and volunteers must understand how to correctly handle personal information, so it remains confidential and secure. Maintaining high standards that safeguard information privacy and security is an essential aspect of asset management for any health care provider.

Corridor Interactive's training includes a personalized printable certificate of achievement to support compliance and may be used for your continuing education credits, too! Our training delivers industry best practices and is ideal for all levels of staff in any dental organization or clinic that collects, uses or discloses personally identifying information. This includes direct care providers in your practice as well as privacy officers, support staff and any other employees who are not directly involved in patient care.

Corridor’s Privacy Awareness Training for Dental Practices educates dentists, dental assistants, dental hygienists, and all office staff on:

  • Understanding Privacy
  • Privacy Principles
  • Collection, Use & Disclosure
  • Roles & Responsibilities
  • Privacy Breaches
  • Right of Access
  • Safeguards
  • What is “Health Information”
  • Handling Personal Sensitive Health Information
 

If You Are A

  • dentist,
  • dental assistant,
  • dental hygienist,
  • or work in a dental practice

You Need Privacy Awareness in Healthcare Training – Dental Practices

You will 

  • Understand patient and client privacy rights.
  • Respect personal health information and your obligations.
  • Confidently and correctly handle personal health information.
  • Use reasonable safeguards to protect personal health information (PHI).
  • Recognize and respond to a privacy breach
  • Support key policies, procedures and risk management programs in your healthcare practice.

Interactive Online Learning Experience provided by Corridor Interactive

Corridor Interactive’s Buy Now Training Programs give you access to the most current information available, at your convenience. Complete your course all at once, or in multiple sessions from any location – it’s up to you. All you need is an internet connection and an email address to get started…it’s that easy!

  • Fits into your schedule – you can start, pause at anytime, and return to the course exactly where you left off.
  • Easy to use – navigation buttons makes it easy to continue to the next topic or pick and choose the order that you want to see the content.
  • Get started immediately – the entire course is ready for you!
  • Work at your own pace – you have access to the course for three (3) months. Most students complete the course in under 2 hours.
  • You can listen to the narration for each module.
  • Practical examples, too, to make it easier for you to apply what you have learned in the course to your job.
  • Links to extra resource material and websites related to your topic of study, to peruse at your convenience.
  • A printable Certificate of Completion, available as soon as you successfully complete your course.
  • An audit trail and record of your course activity and training history.
  • Self-directed learning features including the ability to pause your course at any time and resume later, right from where you left off.
  • Unlimited access to your course and resources for the duration of your subscription term.
  • Technical support with a one-business day turnaround for end-user support help and questions.
  • Automatic emails when you complete your course, or reminders if you have not completed.

Developed by Corridor’s team of seasoned software specialists and instructional designers, this unique online learning application is the optimum vehicle for delivering learning content.

$30 per subscription

Register Now

 Give your staff the knowledge and tools they need to apply policy in their day-to-day work AND prevent a privacy breach with privacy awareness training.

 

Privacy Awareness in Healthcare Training – Dental Practices

Protect your organization and your patients. Equip your staff with the information they need to confidently and correctly handle personal health information. Learn basic healthcare privacy principles and how to handle personal health information, use safeguards, and recognize and report a privacy breach.

Sounds great! Sign me up!

This self-paced on-line education includes:

  • 9 Modules
  • 6 Quizzes
  • 2 Case Studies
  • Final Exam

Certificate of Completion

“When we know better, we can we do better.”

As an employer and health care provider, you are responsible to provide training to all of your employees about privacy awareness. Protect your organization and your patients. Equip your staff with the information they need to confidently and correctly handle personal health information.

I am constructively obsessive about privacy and confidentiality in the healthcare sector–and I think you should be, too! I designed this course to assist healthcare providers, clinic managers, practice managers, privacy officers and independent healthcare practice owners provide practical privacy awareness training that was easy to implement, consistent content, cost-effective and meaningful to your day-to-day business.

When each member of your independent healthcare practice completes this privacy awareness course, you will have clearer expectations and confidence that your team will maintain the privacy, confidentiality and security of your patient’s health information. Give your patients the gift of privacy. Improve your healthcare practice with privacy awareness education.

Jean L. Eaton, Your Practical Privacy Coach Information Managers Ltd.

Frequently Asked Questions

How can I access the course?

The course, Privacy Awareness in Healthcare Training – Dental Practices  is available on-line from any internet enabled device. You can use your desktop computer, smart phone or tablet to view the slides and even hear the narration.

How long is the course?

Most students complete the course in under 3 hours. You can start and stop the course at any time. Let's say you decide to take 20 minutes each day to work on the course. You can login and start the course right away. When you come back to the course the next day, you can start right from where you left off. You will have all the modules and the post-test done within 6 days. Don't worry about missing a few days – you have access to the course for a full 3-months!

This is my first job in a dental practice. Do I know enough to start the course?

You bet! The course is easy to read and I explain all the terms that you need to know. There are a lot of practical examples, too, to make it easier for you to apply what you have learned to your job.

I've worked in healthcare for a long time. Do I still need to take this course?

You bet! Seasoned professionals like yourself have an extra obligation to share your knowledge with new workers. This course will help you to refresh key principles and suggest wording, examples, and key messages that you can use to train new employees to their specific tasks in the workplace. The course will help you to advocate for the privacy rights of your patients. Unfortunately, we have many examples where trained professionals who “should have known better” make errors in judgement causing privacy breaches that affect our patients, our business, and the reputation of healthcare. Healthcare practitioners and owners have a responsibility to ensure that everyone in the practice receive comprehensive privacy awareness training regularly.

Will I get a certificate of completion that I can give my employer?

Yes –  at the end of the course, you will have the opportunity to complete a short on-line quiz to confirm that you understand the key concepts. Then you will have access to a Certificate of Completion that you can download and share with whomever you choose.

Can I get continuing education credits with my professional association?

Maybe! If you are a member of a professional association and you would like to seek credits from for taking this course, please let us know so we can take steps to request pre-approval. Often, professional association and colleges will grant continuing education (CE) credits based on your certificate of completion.

How much is the course?

The course is $30 per individual 3 month subscription. Click here to buy it right away.

I think everyone in my healthcare practice should take this course! Can I buy in a group package?

Yes – Privacy Awareness in Healthcare Training – Dental Practices is available in group packages, or it can be customized to incorporate your organization’s privacy policy and practices. Employers can monitor the employee’s training progress and receive a report of employee’s satisfactory completion of on-line quizzes. Track annual privacy awareness training through our online platform to demonstrate your compliance with legislation. Contact Corridor Interactive for more information.

I agree that privacy awareness training is important - but I don't work in healthcare. Do you have a corporate privacy awareness program?

While these programs have been developed with health care providers in mind, the privacy principles and fundamentals of protecting personal information are appropriate for any organization that collects, uses, and discloses personally identifying information. Contact us for information about our Corporate Privacy Awareness Program!

Interested in Group Training?

Employers can also purchase training for groups of employees; employees can access the internet based training at a time and location convenient to them. Employers can monitor the employee’s training progress and receive a report of employee’s satisfactory completion of on-line quizzes. Track annual privacy awareness training through our online platform to demonstrate your compliance with legislation.

Email Corridor Interactive to Order Group Training

Corridor Interactive, dentists, health care, Health Information Act Training, healthcare, healthcare provider, primary healthcare, privacy, privacy awareness, privacy breach, training

Cyber Security Awareness Training for You!

Posted on October 1, 2019 by Jean Eaton in Blog

Did you know?

1/3 of all healthcare employees who should receive cyber security training, don’t get cyber security training.

You can do better!

Start here.

October is Cyber Security Awareness Month! #BeCyberSmart

A great no-cost opportunity to provide cyber security awareness training to your team!

     

Register Below!

 

Cyber Security Awareness Training By Email

 

To celebrate Cyber Security Awareness Month, Information Managers is hosting free training tips by email throughout October.

In this training, Jean L. Eaton, Your Practical Privacy Coach will share cyber security tips and resources with you!

You can forward the email  to easily share the tips and resources with your team.

Or, they can sign up to the email training, they will receive emails directly to their in-box.

Discuss the tips and posters to see how they best apply to your work or home cyber security practices.

 

Your Cyber Security Awareness Tips will be delivered to the email address that you enter above.

You'll also benefit from occasional emails about privacy and practice management.

We don't share or sell your information. Ever.

Follow Us On Social Media!

Throughout October, we will cyber security tips and free links to additional resources on our social media accounts  that you can download right away! Follow us!

Twitter

 

Whether you’re at work, at home, or on the go, threats to cybersecurity and sensitive data can follow you. Our uber-connected world makes it more important than ever to know the threats and their potential consequences.

Information Managers Ltd has been a Cyber Security Champion for many years – and now you can, too!

Cyber Security Awareness Month was launched by the National Cyber Security Alliance (NCSA) & the U.S. Department of Homeland Security in October 2004. This US organization sponsors a multi-media resource campaign each October.

https://staysafeonline.org/ncsam/champions/

Please use the social share buttons below to share these Cyber Security Awareness  activities with your friends and colleagues.

#BeCyberSmart, cyber security, cybersecurity, National Cyber Security Awareness Month, training

When Do You Need a PIA Amendment?

Posted on July 23, 2019 by Jean Eaton in Blog

A Privacy Impact Assessment Is Good For Business

A privacy impact assessment (PIA) is part of a regular business process if you collect, use, or disclose personal health information in your healthcare practice. When you have a previous PIA that has been prepared, submitted to the Office of the Information and Privacy Commissioner (OIPC) and it has been accepted for use–well, that is not the end of your PIA journey.

You need to ensure that you are updating and amending your PIA as your practice matures and as you make administrative and technical changes to the procedures in your practice.

You need a PIA Amendment when you have a previously accepted PIA and any one of these common triggers below.

You Have a PIA That Was Written More Than 2 Years Ago

It is time to review and update this!

Under Section 8(3) of Alberta’s Health Information Regulation, custodians must periodically review the safeguards they have in place to protect health information privacy. This means that custodians need to regularly review the privacy risk mitigation plans set out in PIAs to ensure they continue to protect against reasonably foreseeable risks to the privacy of health information. The submission of your PIA to the Office of the Information and Privacy Commissioner (OIPC) is mandatory and must precede implementation of your new system or practice.

Change in Health Information Act (HIA) Legislation and Regulations

The HIA has undergone significant amendments in 2006, 2010, most recently in August 2018. Make sure that you have updated your privacy breach management program and include mandatory privacy breach notification to the (OIPC) and the Minister of Health (MOH). Again, ensure that your team training has been updated so that they know how to spot, stop, and report a privacy breach. (See Mandatory Privacy Breach Notification)

Changes In Your Electronic Medical Record or Computer Network

You have the same EMR database, but maybe the configuration has changed. For example, a change from a local to an application service provider (ASP) or cloud-based data centre or Software as a Service (SAS) model would trigger a PIA amendment.

Another trigger is a change in your computer network vendor or changes in wireless networking, remote access, or implementing mobile devices.

PIA amendment EMR computer network

Change in Participating Physicians / Privacy Officer

Since your original PIA, you may have new custodians, including physicians, registered nurses, chiropractors, and other health professionals named in the HIA that have joined or left your practice. Your Privacy Officer may have changed, too. Your amendment should include an up-to-date listing of custodians and privacy officers.

New Users / Information Sharing

There have been many recent information sharing initiatives in healthcare. You might now plan to participate in evaluation projects, patient panel management, or other community initiatives. Make sure that you have your PIA amendment and information manager agreements completed, too. (See – The Top 3 Agreements Your Healthcare Practice MUST Have (and Why).

A quick word of caution: if your new information sharing project includes data matching–the creation of new information by combining two or more sets of data—requires custodians to prepare a privacy impact assessment before performing data matching involving health information (HIA sections 70, 71). The custodian that carries out the data matching is responsible for preparing the Privacy Impact Assessment.

PIA amendment new users

Communicating With Patients

If you are adding new technology to keep in touch with patients for appointment reminders, on-line appointment booking, secure email or patient portals, these will trigger a PIA amendment or, perhaps, a project specific PIA. Make sure that your policies and procedures are up to date, too. (See – Can You Use Text Message With Your Patients? )

PIA Amendment Communicating with patients

Alberta Netcare Portal (ANP) / Community Integration Initiative (CII) / CPAR

ANP updated their PIA in 2016 and, therefore, you need to make sure that your corresponding policies and procedures and training have been updated, too. Remember – when you agreed to participate in ANP, you promised that you would review your threat risk analysis (TRA) and update your Provincial Organization Readiness Assessment (p-ORA) when changes occur and at least every two years.

If you want to participate in new initiatives like CII and CPAR, you need to review and update both your PIA and your p-ORA, too.

Maturing Practice

You have learned and grown since your original Privacy Impact Assessment submission. Have you implemented everything that you said that you would? Can you demonstrate that your teams have received privacy and security awareness training? Have you reviewed your Health Information Management Privacy and Security policies and procedures in the last two years?

Keeping up to date without any other significant changes to your practice may not trigger a Privacy Impact Assessment amendment. Make sure that you document your careful review so that you are prepared for your next Privacy Impact Assessment submission.

Important Business Decisions

Creating and reviewing your PIA regularly can help you to spot errors or gaps between the way that you do the work in the clinic and the way that you said that you were going to implement in your clinic.

The questions that we ask during the PIA process are important. The time that you take now to identify the potential risks and prevent those incidents from happening may save you time, money, reputation and even jail time in the future.

You Know Your Practice Better Than Anyone Else

When you have a coach to guide you through the PIA amendment process, provide you with templates, and give you feedback on your work in regular live training webinars, join me in the on-line step-by-step course, Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments.

Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments

Find out more here: Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments or send me an email.

Practice Management Nuggets Podcast

This topic is included in our Practice Management Nuggets podcast! Be sure to tune in to the podcast episode

When Do You Need a PIA Amendment? | Episode #078

Listen to the Podcast
#PrivacyImpactAssessment, #ProtectYourPractice, Alberta, clinic, health care, Health Information Act, healthcare, HIA, how to do a pia, medical, Netcare, PIA, Privacy Impact Assessment, privacy impact assessment amendment, training

When is a Privacy Breach a Privacy Breach?

Posted on July 13, 2019 by Jean Eaton in Blog

The biggest mistake in managing a privacy breach is not recognizing the privacy breach.

The second biggest mistake is not knowing what to do about it.

The recent publicity about the privacy breach in Alberta when a laptop with health information was stolen and came to the public's attention several months later is not the first news item of its kind.  In fact, this happens frequently in healthcare, retail, government departments and other industries.  This doesn't make it any easier to swallow and certainly doesn't make it right.  But this is an opportunity for you, healthcare provider or practice manager, and vendor to make sure that you have good practices in place to manage your next privacy breach.

Health information is recognized as being particularly sensitive and important to the person that the information is about.  It is so important, in fact, that a new breed of legislation was developed to set out specific rules to ensure that the health information has robust safeguards (administrative, technical, and physical) to keep the health information confidential and secure.  In Alberta, the Health Information Act (HIA) was proclaimed in 2001 to help custodians (people or organizations who collect, use, and disclose health information) ensure that they have identified the risks to breach of health information and how to prevent those risks.  The legislation also ensures that the people who the health information is about have access to their personal health information.

In August 2018, amendments to the HIA were proclaimed that make it mandatory to report a privacy breach that could result in harm to the Office of the Information and Privacy Commissioner (OIPC).

Privacy breaches come in all types and sizes.  One of the most common forms of a privacy breach is when a clinic or healthcare provider intends to send a report to another healthcare provider for continuing care and treatment but it is sent to the wrong physician.  Or, the referral request went to the correct physician but included extra information about another patient that was not part of the referral.

What Is Considered a Privacy Breach?

A privacy breach is an unauthorized access to or unauthorized collection, use, disclosure , loss, or disposal of personal or health information.

To each of us, our own personal health information is important.  As a healthcare industry, we need to ensure that we recognize this and acknowledge that each privacy breach is important to the person the information is about.  We need to make sure that we minimize the risk of the information being used inappropriately or maliciously.  We need to acknowledge to ourselves and to our patients and clients that we are human and that sometimes we do make mistakes and we will strive to do better.

A ‘small' breach of one person one time might have a big impact to the individuals involved.

A ‘big' breach of a lost laptop might have a bigger magnitude affecting many individuals.

When a breach also meets the requirements of mandatory notification, a custodian must report the breach regardless of how many people's information have been included in the breach.

4 Step Response Plan

When you have a privacy breach, follow these four steps to manage the privacy breach incident.

Step 1 – Spot and Stop the Breach

Each breach is important and needs to be recognized. Contain the breach so that it doesn't get any bigger.

Step 2 – Evaluate the Risks

Your privacy officer will investigate the incident and learn about the size, scope, and details about the breach. Consider if there is a reasonable basis to believe that there is a risk of harm to an individual

Step 3 – Notify

Notify the custodian, the affected individuals and (now, with the 2018 amendments), the Alberta OIPC, Minister of Health, Alberta Health (if the breach includes Netcare) and others.

The individual who's information has been breached needs to be made aware of the problem and the risk that might be experienced so that they can be prepare to limit the risks. The custodian needs to know how to manage the privacy breach and report it – internally and perhaps to other stakeholders.

Step 4 – Prevent the Breach From Happening Again

Correct and monitor the incident(s). Actively take steps so that the breach does not happen again.

Not Sure What To Do?

You never know when a privacy breach will happen! Prepare now with a privacy breach management program and coaching from the Practical Privacy Coach!

Learn what to do if you have a privacy breach.

4 Step Response Plan, Alberta, breach, Health Information Act, HIA, OIPC, privacy, privacy breach, training

Privacy Awareness Week 2019

Posted on May 7, 2019 by Jean Eaton in Blog

Privacy Awareness Week (PAW), an initiative of the Asia Pacific Privacy Authorities forum (APPA), is held every year to promote awareness of privacy issues and the importance of protecting personal information. This year, Privacy Awareness Week is celebrated May 6-10, 2019.

Protect Your Organization and Your Patients

Equip your staff with the information they need to confidently and correctly handle personal health information.

Healthcare businesses need privacy awareness training to support key policies, procedures and risk management programs need a privacy awareness training program.

Reasonable Safeguards

As an employer and health care provider, you are responsible to provide training to all of your employees about privacy awareness.

If you don’t provide the training, or if the employees don’t understand the policies and there is a privacy breach, then the healthcare provider is more likely to be held accountable under the legislation and face penalties including fines and even prison!

Patients value the privacy and security of their information.

Healthcare providers and clinic managers value privacy and security, and they value not having adverse results as a lack of compliance or patient safety issues.

Privacy Awareness Quiz

Patients trust their healthcare providers with their sensitive, personal, and financial information.

If patients don’t feel that the healthcare provider will keep their information confidential and secure, patients may choose not to share their information which may impact their healthcare and treatment.

When we are privacy aware, we can better respond to patients’ questions and build their trust in the quality of services that we provide.

Avoid Fines

On August 31, 2018, amendments to the Health Information Act (HIA) came into force that introduce a fine of not less than $200,000 for a person who fails to take reasonable steps in accordance with HIA regulations to maintain safeguards to protect against reasonably anticipated threats to the security of health information (sections 107(1.1)(a) and 107(7)).

SAY NO TO SNOOPING! If an individual affiliate knowingly breaches the privacy and security of health information, and the custodian can demonstrate that reasonable safeguards (including privacy awareness training) were in place, the individual affiliate can be charged under the Health Information Act. Fines of up to $50,000 per may be applied to the individual in addition to other sanctions from their employers and/or their professional regulatory colleges where applicable. (HIA s.107)

What Will You Do To Be More #PrivacyAware?

Join Information Managers for Privacy Awareness Week! May 6-10, 2019. #PrivacyMatters!

Information Managers would like to spread the message of #PrivacyMatters to raise privacy awareness in healthcare everyday.

Share these resources in your healthcare practice to keep privacy top-of-mind and demonstrate your commitment to privacy awareness!

Privacy Awareness in Healthcare: Essentials

 Improve your healthcare practice with privacy awareness education.
#PrivacyAwareness training in healthcare to support key policies, procedures and risk management programs.

Grab this from Corridor Interactive!

Special Privacy Awareness Week Pricing! EXTENDED!

Hurry! Expires soon!

Grab Your Privacy Awareness Training

Download Your Privacy Awareness Quiz!

Common scenarios in healthcare.

Grab Your Quiz

I Heart Privacy! #PrivacyMatters

Print badges for your team.

Or, use the done-for-you sheet of labels that you can print right away and slip into badge holders or print to stickers or labels.

You can even customize the labels and add your business name!

Instant Download Here

Download Your Monthly Privacy and Security Awareness Audit Template

Grab Your Free Privacy and Security Monthly Audit Template
#PrivacyMatters, health, healthcare, privacy awareness, training

Do you want to enjoy the benefits of the internet without the fear of cyber attacks and privacy breaches?

Posted on September 11, 2017 by Jean Eaton in Archive

Is this you?

Paul clicked on a link in an email that encrypted all his data on his computer and now he has to pay a ransom to get the data back.

Mary used her work email address to register for the course, “Ready to leave your job?” Now her boss thinks that she is looking for a new job.

Alice did not follow your clinic policies and procedures properly and she left a confidential message with the wrong patient.

Bob is a new employee and will start his orientation tomorrow.

They each use the internet for their personal lives and as an employee. You need to know the best practices on the internet and how to protect your personal information. It's easy once you know how!

The 15 Day Privacy Challenge is a fun, FREE online educational opportunity on privacy and security that you can use at home or at work. Enjoy the benefits of the internet without the fear of cyber attacks and privacy breaches when you use these practical tips, tools, and resources.

This free online course is ideal for businesses, healthcare practices, or clubs and their privacy officers, employees, and their families.

The course is free – there is no risk to you and you will see that the 15 Day Privacy Challenge is the perfect way to make small changes easily that can improve the privacy and security of your information right away!

We are official champions of the  National Cyber Security Awareness Month (NCSAM). October is Cyber Security Awareness Month and Information Managers is celebrating by hosting our annual 15 Day Privacy Challenge.

The 15 Day Privacy Challenge starts October 15th, for fifteen days.

The challenge includes tasks centered on a privacy or security best practice. Each challenge includes a short description about why this practice is important, how to get started, and links to additional resources. Each challenge will take approximately 15 minutes to complete.  All activities are  online and accessible from any internet enabled device.

[clickToTweet tweet=”Practical #privacy and security tips for home or office – FREE! #15DayPrivacyChallenge #CyberAware” quote=”15 Day Privacy Challenge – Practical privacy and security tips for the internet enabled home and office – FREE!”]

Businesses and healthcare providers are legally responsible to ensure that every employee, contractor, and vendor receives privacy and security training, including cyber awareness. Prevent malicious errors, omissions or attacks that could result in fines and even jail time for the business, healthcare provider, employee, or vendor by being up to date on privacy and security best practices.

Training is the cornerstone of every privacy and security program.

People love games, challenges, and cyber competitions to create variety and interest in privacy and security best practices. The 15 Day Privacy Challenge uses a variety of multi-media content that everyone in your practice can understand. Privacy awareness training alone won’t guarantee that mistakes or errors in judgement won’t happen, but Privacy Awareness Training is your logical first step.

 15 Day Privacy Challenge Teach Staff

The 15 Day Privacy Challenge starts October 15th, for fifteen days.

The 15 Day Privacy Challenge includes easy to access on-line resources delivered each day. You will have access to all of the resources for one year on the website.
BONUS – access to discussion group with other participants to share your tips.

What People Are Saying 

Don't just take it from us, here is what previous participants are saying:

“The 15 Day Privacy Challenge has given me some additional information on day-to-day responsibilities that I hadn't considered until now. Each Privacy Challenge has been so informative and I've been sharing it with our office staff.”

Vera. Alberta Health Services
“The 15 Day Privacy Challenge has made me aware of the policies that my facility needs to update/create!”
Rachel Worthing, CHIM, Ontario Shores Centre for Mental Health Sciences
“The 15 Day Privacy Challenge has given me some great resource information and helped me to identify the areas that I need to work on. I found value in almost all of the Privacy Challenges, but I would say Risk Assessment, Social Media, Email Phishing and Spam, and Confidentiality are the top four.”
Sharon

  The 15 Day Privacy Challenges includes:

  • Posters
  • Short articles with practical information
  • Videos
  • Infographics
  • Links to additional free resources
  • Certificate of completion

The 15 Day Privacy Challenge includes practical tips on:

  • Confidentiality
  • Privacy Collection
  • Manage USB Sticks and Mobile Devices
  • Computer Backup
  • Computer Security
  • Spam email, Phishing emails, Spear-phishing
  • Privacy Officer Education
  • The Right to Access Your Own Personal Information
  • Change Your Passwords
  • Employee Orientation
  • Social Media
  • Risk Assessment
  • Privacy Breach Reporting

At the end of the challenge, you will receive a printable certificate of completion. Successful challengers might also find that this qualifies for CPE credits, too!

You will also have many more tools to add to your privacy tool box!

You can do this yourself or make it a team event. The finished tasks and poster will contribute to your business' Privacy Management Program. Proudly display your poster to your co-workers and customers to show the steps you have taken to manage privacy and security.

The course is free – there is no risk to you and you will see that the 15 Day Privacy Challenge is the perfect way to make small changes easily that can improve the privacy and security of your information right away!

Register right away while this is fresh in your mind! You won’t want to miss a single one!

Yes, I'm ready to take the Privacy Challenge!

Includes the webinar on October 19 – Do Your Club Volunteers Protect Your Privacy?

Please provide your email address below and you will be re-directed to the Privacy Challenge registration page. Check your email in-box to confirm your registration!

 

Along with your webinar registration, you will also benefit from the occasional Privacy Nugget tips by email of similar privacy resources and articles that you can use right away!

 

#15DayPrivacyChallenge, #CyberAware, #NCSAM, 15 Day Privacy Challenge, healthcare, Practical Privacy Coach, Practice Management Mentor, privacy, privacy awareness, privacy officer, security, security awareness, training

Privacy Awareness in Healthcare: Essentials

Posted on May 15, 2017 by Jean Eaton in Blog, Services

Privacy Awareness Training 

As an employer and health care provider, you are responsible to provide training to all of your employees about privacy awareness. If you don’t provide the training, if the employees don’t understand the policies and there is a privacy breach, then the healthcare provider is more likely to be held accountable under the legislation and face penalties including fines and even prison!

Protect your organization and your patients. Equip your staff with the information they need to confidently and correctly handle personal health information. Healthcare businesses who want employee and supervisor level privacy awareness training to support key policies, procedures and risk management programs need a privacy awareness training program.

“Privacy Awareness in Healthcare: Essentials” training is a 2 part, on-line training program for healthcare providers, support team, and vendors to confidently and correctly handle personal health information and to recognize and report a privacy breach.

If You

  • work in healthcare or social services
  • are a member of a health profession or work with healthcare professionals
  • are a business vendor, contractor, or provide services with a healthcare or social services organization

You Need Privacy Awareness in Healthcare: Essentials

You will 

  • Understand patient and client privacy rights.
  • Respect personal health information and your obligations.
  • Confidently and correctly handle personal health information.
  • Use reasonable safeguards to protect personal health information (PHI).
  • Recognize and respond to a privacy breach
  • Support key policies, procedures and risk management programs in your healthcare practice.

Interactive Online Learning Experience provided by Corridor Interactive

Corridor Interactive’s Buy Now Training Programs give you access to the most current information available, at your convenience. Complete your course all at once, or in multiple sessions from any location – it’s up to you. All you need is an internet connection and an email address to get started…it’s that easy!

  • Fits into your schedule – you can start, pause at anytime, and return to the course exactly where you left off.
  • Easy to use – navigation buttons makes it easy to continue to the next topic or pick and choose the order that you want to see the content.
  • Get started immediately – the entire course is ready for you!
  • Work at your own pace – you have access to the course for three (3) months. Most students complete the course in under 2 hours.
  • You can listen to the narration for each module.
  • Practical examples, too, to make it easier for you to apply what you have learned in the course to your job.
  • Links to extra resource material and websites related to your topic of study, to peruse at your convenience.
  • A printable Certificate of Completion, available as soon as you successfully complete your course.
  • An audit trail and record of your course activity and training history.
  • Self-directed learning features including the ability to pause your course at any time and resume later, right from where you left off.
  • Unlimited access to your course and resources for the duration of your subscription term.
  • Technical support with a one-business day turnaround for end-user support help and questions.
  • Automatic emails when you complete your course, or reminders if you have not completed.
  • This course is pre-approved by the International Association of Privacy Professionals (IAPP) for 2.5 Group A Continuing Professional Education (CPE) credits for CIPP/C, CIPM, and CIPT-certified individuals.

Developed by Corridor’s team of seasoned software specialists and instructional designers, this unique online learning application is the optimum vehicle for delivering learning content.

Select the training that best fits your needs

Privacy Awareness in Health Care Training – Canada includes detailed resources for each province and territory with key terminology and links to applicable privacy legislation. Resources are provided for our ten provinces: Alberta, British Columbia, Manitoba, New Brunswick, Newfoundland & Labrador, Nova Scotia, Ontario, Prince Edward Island, Quebec, Saskatchewan, and three territories: Northwest Territories, Nunavut and Yukon. This new product is ideal for both organizations and vendors who provide health care services or have health care clients in more than one province.

Privacy Awareness in Health Care Training – Alberta includes the mandatory privacy breach notification amendments to the Health Information Act (HIA).

Privacy Awareness in Health Care Training – Ontario specifically covers all legislation and rules specific to the province of Ontario including the Personal Health Information Protection Act (PHIPA).

Refresher: Privacy Awareness in Health Care – Alberta is a quiz-based review of Corridor’s full Privacy Awareness course. The Refresher starts with an initial quiz to assess knowledge on the topics and information covered in the full course. Based on the quiz results, one or more of eight Refresher topic quizzes must be completed, each focusing on a specific subject area. The Refresher also includes access to the original course content.

 

Not sure if the Privacy Awareness in Healthcare: Essentials training is right for you?

Watch this Practice Management Nuggets Webinar interview with Heather Mooney for a detailed look at the online course.

This short video from Corridor Interactive will give you a glimpse into the look and feel of the online course experience.

I'm convinced! Sign me up!

$35 per subscription

Register Now

 Give your staff the knowledge and tools they need to apply policy in their day-to-day work AND prevent a privacy breach with privacy awareness training.

 

Privacy Awareness in Healthcare: Essentials

Protect your organization and your patients. Equip your staff with the information they need to confidently and correctly handle personal health information. Learn basic healthcare privacy principles and how to handle personal health information, use safeguards, and recognize and report a privacy breach.

Along with your registration to the course from Corridor Interactive, you will also benefit from the occasional Privacy Nugget tips from Your Practical Privacy Coach by email of similar privacy resources and articles that you can use right away!

I have used Corridor's Privacy Awareness in Healthcare: Essentials online training program. The course has helped satisfy the training requirements of the Health Information Act. Staff go through the course at their own pace while we monitor to ensure completion.

Luke Brimmage

Executive Director, Aspen Primary Care Network

The online Privacy Training from Corridor Interactive helped EFW in providing consistent and comprehensive privacy training to all of our staff.  The information in the modules was presented in a way that was relevant and easy to understand and offered the added benefit of being able to be completed by staff in smaller time periods using the automatic bookmarks.  One of the best features was the ability to customize the program and add in links and references to specific EFW Radiology processes and policies.  This made the training not just another off the shelf product, but something relatable to our organization as a whole.

Helen Lemieux, CHRP

Director of Human Resources, EFW Radiology

Sounds great! Sign me up!

This self-paced on-line education includes:

Welcome

  • Introduction to the course
  • Privacy legislation introduction

Part 1

  • Understanding Privacy
  • Privacy Principles
  • Collection, Use and Disclosure
  • Roles and Responsibilities
  • Privacy Breaches

Part 2

  • Right of Access
  • Safeguards
  • What is ‘Personal Health Information’?
  • Handling Personal Health Information
  • Post Test to confirm that you understand the key concepts

Certificate of Completion

“When we know better, we can we do better.”

As an employer and health care provider, you are responsible to provide training to all of your employees about privacy awareness. Protect your organization and your patients. Equip your staff with the information they need to confidently and correctly handle personal health information.

I am constructively obsessive about privacy and confidentiality in the healthcare sector–and I think you should be, too! I designed this course to assist healthcare providers, clinic managers, practice managers, privacy officers and independent healthcare practice owners provide practical privacy awareness training that was easy to implement, consistent content, cost-effective and meaningful to your day-to-day business.

When each member of your independent healthcare practice completes this privacy awareness course, you will have clearer expectations and confidence that your team will maintain the privacy, confidentiality and security of your patient’s health information. Give your patients the gift of privacy. Improve your healthcare practice with privacy awareness education.

Jean L. Eaton, Your Practical Privacy Coach Information Managers Ltd.

Frequently Asked Questions

How can I access the course?

The course, Privacy Awareness in Healthcare: Essentials, is available on-line from any internet enabled device. You can use your desktop computer, smart phone or tablet to view the slides and even hear the narration.

How long is the course?

Most students complete the course in under 2 hours. You can start and stop the course at any time. Let's say you decide to take 20 minutes each day to work on the course. You can login and start the course right away. When you come back to the course the next day, you can start right from where you left off. You will have all the modules and the post-test done within 6 days. Don't worry about missing a few days – you have access to the course for a full 3-months!

This is my first job in a healthcare practice. Do I know enough to start the course?

You bet! The course is easy to read and I explain all the terms that you need to know. There are a lot of practical examples, too, to make it easier for you to apply what you have learned to your job.

I've worked in healthcare for a long time. Do I still need to take this course?

You bet! Seasoned professionals like yourself have an extra obligation to share your knowledge with new workers. This course will help you to refresh key principles and suggest wording, examples, and key messages that you can use to train new employees to their specific tasks in the workplace. The course will help you to advocate for the privacy rights of your patients. Unfortunately, we have many examples where trained professionals who “should have known better” make errors in judgement causing privacy breaches that affect our patients, our business, and the reputation of healthcare. Healthcare practitioners and owners have a responsibility to ensure that everyone in the practice receive comprehensive privacy awareness training regularly.

Will I get a certificate of completion that I can give my employer?

Yes –  at the end of the course, you will have the opportunity to complete a short on-line quiz to confirm that you understand the key concepts. Then you will have access to a Certificate of Completion that you can download and share with whomever you choose.

Can I get continuing education credits with my professional association?

Maybe! This course is pre-approved by the International Association of Privacy Professionals (IAPP) for 2.5 Group A Continuing Professional Education (CPE) credits for CIPP/C, CIPM, and CIPT-certified individuals. If you are a member of another association and you would like to seek credits from for taking this course, please let us know so we can take steps to request pre-approval.

How much is the course?

The course is $30 per individual 3 month subscription. Click here to buy it right away.

I think everyone in my healthcare practice should take this course! Can I buy in a group package?

Yes – Privacy Awareness in Healthcare: Essentials is available in group packages, or it can be customized to incorporate your organization’s privacy policy and practices. Employers can monitor the employee’s training progress and receive a report of employee’s satisfactory completion of on-line quizzes. Track annual privacy awareness training through our online platform to demonstrate your compliance with legislation. Contact Corridor Interactive for more information.

I agree that privacy awareness training is important - but I don't work in healthcare. Do you have a corporate privacy awareness program?

While these programs have been developed with health care providers in mind, the privacy principles and fundamentals of protecting personal information are appropriate for any organization that collects, uses, and discloses personally identifying information. Contact us for information about our Corporate Privacy Awareness Program!

Interested in Group Training?

Employers can also purchase training for groups of employees; employees can access the internet based training at a time and location convenient to them. Employers can monitor the employee’s training progress and receive a report of employee’s satisfactory completion of on-line quizzes. Track annual privacy awareness training through our online platform to demonstrate your compliance with legislation.

Email Corridor Interactive to Order Group Training

Corridor Interactive, health care, Health Information Act Training, healthcare, healthcare provider, primary healthcare, privacy, privacy awareness, Privacy Awareness in Healthcare: Essentials, privacy breach, training

Privacy Breach Awareness Training

Posted on February 28, 2017 by Jean Eaton in Training

The biggest mistake in managing a privacy breach is not recognizing the privacy breach!

Join the FREE 15-minute Privacy Breach Awareness On-line Training to discover how you can avoid this mistake and what to do instead.

You can start the on-line education right away from your desktop or mobile internet enabled device.

All you need is a headphone or speakers to listen to the video.

Dealing with a privacy breach in your clinic can be stressful and confusing. What should you do? Who should you contact?

80% of all privacy breaches are caused inside the business

Most of these breaches are an ‘oops’ or honest mistakes. Some breaches are malicious or intentional. Sometimes business have security breaches from outside the business that cause privacy breaches.

If you don’t know how to recognize a privacy breach, you will not be able to manage the breach and prevent it from happening again and again.

This FREE 15-minute Privacy Breach Awareness On-line Training will help your employees to spot a Privacy Breach and know what to do next.

We use MailChimp as our marketing automation platform. By clicking below to submit this form, you acknowledge that the information that you provide will be transferred to MailChimp for processing in accordance with their Privacy Policy and Terms.



You will also benefit from the occasional Privacy and Practice Management tips by email of similar resources that you can use right away!

Privacy Breach Awareness Training for YOUR Employees

Includes:

  • Video – “Can You Spot the Privacy Breach?” (7 minutes)
  • Learning Resources Guide you can download
  • Post Test and
  • Certificate of Attendance

Ideal for front line staff, privacy officers, clinic managers, practice managers, healthcare providers, owners.

Learn the 3 common mistakes made when managing a privacy breach.

Learn from someone else’s mistakes!

Practical tips that you can use right away to protect the privacy of your clients and patients!

With Jean L. Eaton, Your Practical Privacy Coach!

It is easy for you to access the on-line Privacy Breach Awareness Training.  Just register for the FREE on-line course.

Remember to check your email for the confirmation message and instructions.

Along with your webinar registration, you will also benefit from the occasional Privacy Nugget tips by email of similar privacy resources and articles that you can use right away!

 

Yes, you can share this!

Can You Spot the Privacy Breach?, privacy breach, privacy breach awareness, training

Why Does Data Privacy Matter So Much?

Posted on January 23, 2017 by Jean Eaton in Blog

Data privacy is important. But the real question is, why does data privacy matter so much?

“Our personal information is built with our data that enriches, defines, educates and connects us. Data tells our story.” M. Dennedy, VP & CPO at Cisco.

Celebrate Data Privacy Day with Information Managers!

Tweet This!

Concerned about your privacy online? The FREE Data Privacy Day E-course makes it easy for you to enjoy the benefits of the internet while protecting your privacy.
It's easy, fun and filled with practical tips, tools, and resources! Get it before it's gone.

Follow Data Privacy Day around the world using Twitter and #PrivacyAware.

We are proud to be a Data Privacy Day Champ!

#PrivacyAware, best practice, Data Privacy Day, Practical Privacy Coach, Practice Management Mentor, privacy awareness, training
12

Search the site

What is the elephant in the room?

The Elephant in the Room Find out here...

Privacy Policy

"I attended the Privacy Impact Assessment Walkthrough workshop (for ARMA members). Jean shared resources and on-going networking opportunities. The biggest benefit to me is to know that there is help out there in moving forward with our Privacy Impact Assessment responsibilities."

- Ellen Sauvé, Parkland County

Register for Free On-line Privacy Breach Awareness Training!

Privacy Policy

Copyright 2022 Information Managers Ltd.

Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}