Information Managers
  • Home
  • Services
    • All Services
  • Templates
  • Blog
  • Contact Us
  • Practice Management Success
  • Podcasts

Mental Health Awareness and COVID-19 Workplace Strategies

Posted on July 12, 2021 by Meghan in Blog

We may have mastered the physical side of working remotely but what about the emotional side?

A year ago, Canadians were three months into the pandemic. We were through the initial shock of shutdowns and closures, but most of us were still trying to find our groove in navigating the “new normal”. For millions of working Canadians, this included a sudden and drastic transition to working from home or another remote location, physically isolated from coworkers.

While employees were sorting out logistics and the practical side of things, employers were scrambling to find innovative ways to bring employees together virtually, create a sense of camaraderie and keep morale (and productivity) high. Despite best efforts on both sides of the equation, there was an immediate impact on the mental health and well-being of millions of workers. Surely these would only be temporary challenges and set-backs.

With more than a year behind us working under these conditions, it might be natural to assume that employees have come a long way since we started down this path. In some respects, we have. After all, we have learned to adjust and “make do” with our displaced and reconfigured work environments and schedules. We’ve got the physical side of working from home sorted out, even if it’s not perfect.

Thanks to technology, we can connect to our work world from remote places better than ever. Stress and anxiety levels must be lower because it’s certainly not as tough as it was in the beginning.

Or is it?

Mental Health Awareness

Be Mindful of Your Own Well-Being

As we plan our new workplace and home environments, Corridor Interactive provides an on-line free resource, Mental Health Awareness & COVID-19 Workplace Strategies to help you.

While working from home has its advantages, and for many may be the preferred way to work in the post-pandemic world, we need to be mindful of aspects that can impact our mental health.

Corridor Interactive

 

Corridor’s free Mental Health Awareness & COVID-19: Workplace Strategies course includes a module with insights and tips for supporting your mental health while working from home.

If you’re not in the habit of taking time out for yourself in the midst of juggling work and home responsibilities, make this the day you start to carve time out of your workday for your own mental health and well-being.

 

Read the full article from Corridor Interactive: COVID’s Mental Health Toll in the Workplace 56% of Canadians Stressed & Anxious

Read the article here

Re-printed with permission from Corridor Interactive

Corridor Interactive, COVID-19, mental health, mental health in the workplace, online training, pandemic, remote working, work from home

Do You Need a PIA for Remote Working or Virtual Care?

Posted on March 31, 2020 by Meghan in Blog

If your healthcare practice is implementing remote working or virtual healthcare, you need to notify the OIPC.

Health information is sensitive information. Reasonable efforts must be made to ensure that identifying and sensitive information is protected from unauthorized access, loss, or damage during and outside work hours. What a custodian may consider is reasonable efforts during a pandemic may be different than reasonable efforts from normal circumstances.

In Alberta, section 64 of the Health Information Act (HIA) requires custodians to prepare a privacy impact assessment (PIA) and submit it to the Office of the Information and Privacy Commissioner (OIPC) of Alberta prior to implementing a new administrative or technical process in a healthcare practice.

The OIPC in Alberta requests in its notice of March 19, 2020, that custodians notify the Commissioner about new administrative practices or information systems.

How Do I Notify The OIPC?

Step 1: If you have implemented, or plan to soon implement remote working, virtual care or other administrative or technical changes in response to the COVID-19 pandemic, send an email to the OIPC to inform them, in general terms, about your plans.

Step 2: As soon as possible, submit a project specific Privacy Impact Assessment to the OIPC.

To help you get started with Step 1, I have prepared a sample email that you can use.

Yes, send me the Sample Email to the OIPC!

Not sure if remote working is right for your healthcare practice?

Check out the The Practice Management Success Tip, Remote Worker Privacy and Security Checklist, will help you:

  • Determine if remote working is appropriate for your employees.
  • Identify what clinic / business resources need to be provided to the employee remote worker.
  • What reasonable safeguards need to be implemented to protect the privacy, confidentiality, and security of personal (health) information.

Did you enjoy this article? If you’d like to look at similar posts, visit these links:

What Should I Do If I Think I Have COVID-19?

Do You Know Where Your Policies and Procedures Are? 

Is Remote Working a Good Choice for Your Healthcare Practice?

Notice of Collection for Telemedicine and Virtual Health

 

healthcare, medical, OIPC, pandemic, physician, PIA, remote working, risk assessment, virtual healthcare, work from home

Notice of Collection for Telemedicine and Virtual Health

Posted on March 26, 2020 by Meghan in Blog

[s3vpp id=c5f551d2614464a26253c46391c66109]

If you are using telemedicine or virtual health, you still need to provide a notice of collection of personal information.

The Advice to the Profession series from the College of Physicians and Surgeons of Alberta (CPSA) offers guidance documents to assist you in assessing the security risks and safeguards of electronic communications, such as telemedicine or virtual health.



From the College of Physicians and Surgeons of Alberta (CPSA):

COVID-19: Virtual Care

Electronic Communications & Security of Mobile Devices

Standard of Practice Telemedicine

Along with helping you the assess the appropriate safeguards you need to take to protect the privacy and confidentiality of personal health information, the CPSA Advice also advises healthcare practices to ensure they have the consent of patients before providing virtual healthcare. 

The collection notice is important to ensure the privacy rights of patients. But the notice is rather wordy to say before every virtual health encounter with your patients.

How can I ensure consent?

I've made it easier for you. I've recorded an audio file that you can download and save to your cell phone. Play the audio notice of collection at the start of each telephone or video call to properly inform the patient before the consult.

When you download the Practice Management Success Tip, Remote Working Privacy and Security Checklist, you will receive an email with a link to the audio file.

I hope that the checklist and the audio file will help you to make good business decisions and, if this is the right fit for you, help you to provide virtual health to your patients.

You can use the collection notice below to prompt the clinician to ask the individual for their name and date of birth at the outset of the call.

If you are using a video conference call, you could also consider having the patient display their photo ID to the camera.

Remember – don't use the record feature for the video conference call!

If you are using a video conferencing, patient portal or other third party platform, direct the patient to review the privacy policy of the provider, too.

The clinician then documents in the patient's chart that the patient's identity was verified by having the patient verbally provides their name, date of birth (and/or photo ID).

Script – Notice Of Collection

Unregulated virtual care technologies increase the risk that your personal health information may be intercepted or disclosed to third parties. These tools are being used as an extraordinary measure during the COVID-19 pandemic when regulated technology is not readily available, and the necessity to keep people from congregating or attending health facilities where they may be exposed to the COVID-19 virus is thought to outweigh the risk of personal privacy breaches on both a personal and population health basis.

By providing your information, during this teleconference or video conference call, you agree to let us collect, use, or disclose your personal health information through video or audio communications in order to provide you with care.

You will be asked to state your full name and date of birth will confirm your identity and ensure accurate record keeping.

Continuing with this telephone or video conference call indicates your consent to the collection of your personal information as authorized under the Health Information Act of Alberta.

 

Download The Remote Worker Privacy and Security Checklist

And get the Collection Notice audio for FREE.

 

The Practice Management Success Tip, Remote Worker Privacy and Security Checklist, will help you

  • Determine if remote working is appropriate for your employees.
  • Identify what clinic / business resources need to be provided to the employee remote worker.
  • What reasonable safeguards need to be implemented to protect the privacy, confidentiality, and security of personal (health) information.

Did you enjoy this article? If you’d like to look at similar posts, visit these links:

What Should I Do If I Think I Have COVID-19?

Do You Know Where Your Policies and Procedures Are? 

Remote Working and Virtual Care Policies Procedures PIA Templates

healthcare, medical, notice of collection, pandemic, physician, remote working, risk assessment, work from home

Is Remote Working A Good Choice For Your Healthcare Practice?

Posted on March 23, 2020 by Jean Eaton in Blog

In our healthcare practices, we have policies and procedures to identify the reasonable safeguards we need to take to protect personal and health information entrusted to us. But when employees complete their roles off-site, due to personal circumstances or to ensure business continuity in unusual situations, we need to take action to ensure reasonable safeguards are in place to protect the privacy, confidentiality, and security of personal health information.

Remote Work May Be Available To Employees

Working from home is at the sole discretion of the custodian and owner of the clinic. Examples when this may be applicable include:

  • Business continuity – due to technical, physical, or other unusual circumstances.
  • Work levelling – volumes of work are distributed to another location usually for a short duration.
  • Illness / personal circumstances – where an employee is unable to report to work at the clinic but can continue to complete their roles off-site.

Some administrative tasks in a healthcare office – for example, incoming phone calls, appointment booking, appointment reminders, billing, and/or transcription – could be done from a home office environment. Sometimes even follow-up and consultations from the healthcare provider can be done remotely, too.

The healthcare provider or custodian is ultimately responsible to ensure the secure collection, use, and disclosure of health information.

For the purposes of this article, the ‘custodian’ may be the healthcare provider defined by the HIA, or the lead healthcare provider or owner in your practice.

p

In Alberta, a ‘custodian’ is defined under the Health Information Act as a health services provider who is designated in the regulations as a custodian, or who is within a class of health services providers that is designated in the regulations. HIA section 1(1)(f)(ix)

This includes:

  • Physicians
  • Pharmacists
  • Optometrists
  • Opticians
  • Chiropractors
  • Midwives
  • Podiatrists
  • Denturists
  • Dentists and dental hygienists
  • Registered nurses

Is Remote Working Good for Your Business?

As the custodian, you must decide if remote working is a good option for your business. When you decide that this is a viable option for your business, you then need to: 

  • Determine if remote working is appropriate for your employees.
  • Identify what clinic / business resources need to be provided to the employee remote worker.
  • What reasonable safeguards need to be implemented to protect the privacy, confidentiality, and security of personal (health) information.

Likely you will continue to have both on-site and remote workers. The custodian will decide what ratio is appropriate to provide patient care and business goals on both a short term and a long term basis.

Regulations, Standards, Policy

Each healthcare business has multiple sources of sensitive information, including employee, financial, business, and health information. Custodians and owners have a responsibility under a variety of regulations, professional practice standards, and internal policies to protect the privacy, confidentiality, and security of personally identifying information (PII).

Health information is sensitive information. Reasonable efforts must be made to ensure that identifying and sensitive information is protected from unauthorized access, loss, or damage during and outside work hours. What a custodian may consider is reasonable efforts during a pandemic may be different than reasonable efforts from normal circumstances.

During a public health crisis, privacy laws still apply, but they are not a barrier to appropriate information sharing.

Privacy Impact Assessments

In Alberta, section 64 of the Health Information Act (HIA) requires custodians to prepare a privacy impact assessment (PIA) and submit it to the Office of the Information and Privacy Commissioner (OIPC) of Alberta prior to implementing a new administrative or technical process in a healthcare practice.

The OIPC in Alberta requests in its notice of March 19, 2020, that custodians notify the Commissioner about new administrative practices or information systems. Your submission to the OIPC should include a description of what the new program is meant to achieve and any safeguards for health information.

Standards

Your professional college may also have standards of practice and recommendations that impact your decision to implement remote working or virtual healthcare.

The Advice to the Profession series from the College of Physicians and Surgeons of Alberta (CPSA) offers guidance documents to assist you in assessing the security risks and safeguards of electronic communications, including laptops and mobile devices, to further assist you to determine appropriate safeguards.



From the College of Physicians and Surgeons of Alberta (CPSA):

COVID-19: Virtual Care

Electronic Communications & Security of Mobile Devices

Standard of Practice Telemedicine

Review Your Current Policies and Procedures

Don’t cut corners. Instead, build privacy into your decision. Create, review, and update your policies and procedures.

Use the Remote Worker Privacy and Security Checklist to help you document your decisions and expectations with eligible employees.

You may also need to consult your information technology support providers to ensure up-to-date computer and network security has been implemented.

Virtual Healthcare

Healthcare providers may consider providing virtual healthcare services to their patients. The healthcare provider may be at their usual clinic or office location and use all of their existing systems and tools to access patient records in paper or electronic medical records (EMR).

Alternatively, the healthcare provider may be working remotely, too. The same privacy, confidentiality, and security safeguards applies to their home working location.

If you are choosing to implement a new virtual healthcare solution specifically to respond to the current public health emergency, the Office of the Information and Privacy Commissioner (OIPC) of Alberta advises that

“ . . .custodian[s] need to determine what are reasonable safeguards in the circumstances and be prepared to justify their decision. Health custodians should also ensure individuals are aware of any heightened risks to privacy as a result of a new administrative practice or information system being implemented.”

Remember, you can leverage existing technology – like the telephone – to keep in touch with your patients. This likely would not be considered a new administrative or technological practice that would require a PIA. This might also be a great time to fully implement your current patient portal functionality from your EMR vendor, too.

You may decide, based on your evaluation of the potential risks and what reasonable safeguards that you can quickly implement in response to the new public health emergency, that authorizing remote working or a new videoconferencing solution is not the best choice at this time.

Select the process that ensures continuity of care to the patient, including appropriate documentation in the patient record and the protection of the PII.

​Reference

Notice: PIAs During Public Health Emergency, March 19, 2020, Office of the Information and Privacy Commissioner (OIPC) of Alberta

The Practice Management Success Tip, Remote Worker Privacy and Security Checklist, will help you

  • Determine if remote working is appropriate for your employees.
  • Identify what clinic / business resources need to be provided to the employee remote worker.
  • What reasonable safeguards need to be implemented to protect the privacy, confidentiality, and security of personal (health) information.
Show Me The Remote Worker Privacy and Security Checklist

Did you enjoy this article? If you’d like to look at similar posts, visit these links:

What Should I Do If I Think I Have COVID-19?

Do You Know Where Your Policies and Procedures Are? 

 

assessment, healthcare, medical, pandemic, physician, remote working, risk assessment, template, work from home

What is the elephant in the room?

The Elephant in the Room Find out here...

 

Privacy Policy

 

"The 15 Day Privacy Challenge has given me some great resource information and helped me to identify the areas that I need to work on. I found value in almost all of the Privacy Challenges, but I would say Risk Assessment, Social Media, Email Phishing and Spam, and Confidentiality are the top four."

- Sharon

Register for Free On-line Privacy Breach Awareness Training!

Privacy Policy

Copyright 2023 Information Managers Ltd.

0 shares
Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}