Privacy, Quality and Electronic Health Information Royal New Zealand College of GPs Quality Forum 14...
-
Upload
abigail-bishop -
Category
Documents
-
view
219 -
download
0
Transcript of Privacy, Quality and Electronic Health Information Royal New Zealand College of GPs Quality Forum 14...
![Page 1: Privacy, Quality and Electronic Health Information Royal New Zealand College of GPs Quality Forum 14 February 2009 Sebastian Morgan-Lynch sml@privacy.org.nz.](https://reader036.fdocuments.in/reader036/viewer/2022062314/56649e9f5503460f94ba157f/html5/thumbnails/1.jpg)
Privacy, Quality and Electronic Privacy, Quality and Electronic Health Information Health Information
Privacy, Quality and Electronic Privacy, Quality and Electronic Health Information Health Information
Royal New Zealand College of GPs Quality Forum
14 February 2009
Sebastian Morgan-Lynch
Policy Adviser (Health)
Office of the Privacy Commissioner
![Page 2: Privacy, Quality and Electronic Health Information Royal New Zealand College of GPs Quality Forum 14 February 2009 Sebastian Morgan-Lynch sml@privacy.org.nz.](https://reader036.fdocuments.in/reader036/viewer/2022062314/56649e9f5503460f94ba157f/html5/thumbnails/2.jpg)
Health Information Privacy Code 1994: Health Information Privacy Code 1994: SummarySummary
1)1)Only collect the information you needOnly collect the information you need
2)2)Get it from the person concernedGet it from the person concerned
3)3)Tell them what you're doingTell them what you're doing
4)4)Be nice when you're doing itBe nice when you're doing it
5)5)Take care of the information once you've got itTake care of the information once you've got it
6)6)They can see it if they want to They can see it if they want to
7)7)They can correct it if it's wrongThey can correct it if it's wrong
8)8)Make sure it's accurate before you use itMake sure it's accurate before you use it
9)9)Get rid of it when you're done with itGet rid of it when you're done with it
10)10)Only use it for the purpose you got it for Only use it for the purpose you got it for
11)11)Only disclose it if that's why you got itOnly disclose it if that's why you got it
12)12)Be careful with unique identifiersBe careful with unique identifiers
![Page 3: Privacy, Quality and Electronic Health Information Royal New Zealand College of GPs Quality Forum 14 February 2009 Sebastian Morgan-Lynch sml@privacy.org.nz.](https://reader036.fdocuments.in/reader036/viewer/2022062314/56649e9f5503460f94ba157f/html5/thumbnails/3.jpg)
Health Information Privacy Code 1994:Health Information Privacy Code 1994:
Summary of the SummarySummary of the Summary
1)1)PurposePurpose
2)2)OpennessOpenness
![Page 4: Privacy, Quality and Electronic Health Information Royal New Zealand College of GPs Quality Forum 14 February 2009 Sebastian Morgan-Lynch sml@privacy.org.nz.](https://reader036.fdocuments.in/reader036/viewer/2022062314/56649e9f5503460f94ba157f/html5/thumbnails/4.jpg)
Paper RecordsPaper RecordsTraditional, convenient and Traditional, convenient and
familiarfamiliarVulnerable to fire, water, theftVulnerable to fire, water, theftLikely to be limited number of Likely to be limited number of
copiescopiesNo way to tell if someone has No way to tell if someone has
looked at (or copied) a recordlooked at (or copied) a recordPhysically bulkyPhysically bulky
![Page 5: Privacy, Quality and Electronic Health Information Royal New Zealand College of GPs Quality Forum 14 February 2009 Sebastian Morgan-Lynch sml@privacy.org.nz.](https://reader036.fdocuments.in/reader036/viewer/2022062314/56649e9f5503460f94ba157f/html5/thumbnails/5.jpg)
Electronic RecordsElectronic Records A lot of information can be stored in a A lot of information can be stored in a
small (=>tiny=>miniscule) unitsmall (=>tiny=>miniscule) unit A lot of information can be lost very quicklyA lot of information can be lost very quickly Complex range of potential access – Complex range of potential access –
anonymised, pseudonymised etcanonymised, pseudonymised etc Much easier to collate and analyse data, Much easier to collate and analyse data,
once collectedonce collected Much, much more accessible over distanceMuch, much more accessible over distance People don't necessarily understand themPeople don't necessarily understand them Easy to track access, if system set up with Easy to track access, if system set up with
appropriate safeguardsappropriate safeguards
![Page 6: Privacy, Quality and Electronic Health Information Royal New Zealand College of GPs Quality Forum 14 February 2009 Sebastian Morgan-Lynch sml@privacy.org.nz.](https://reader036.fdocuments.in/reader036/viewer/2022062314/56649e9f5503460f94ba157f/html5/thumbnails/6.jpg)
The SituationThe Situation Most GPs with computerised practicesMost GPs with computerised practices Public awareness of electronic health Public awareness of electronic health
information low information low Increasing awareness of deaths due to medical Increasing awareness of deaths due to medical
error - DHB serious and sentinel events reports, error - DHB serious and sentinel events reports, ~100,000 per year in US~100,000 per year in US
Multiple regional and national projects to Multiple regional and national projects to develop EHRs or electronic health systemsdevelop EHRs or electronic health systems
Growing concern in sector over risks arising from Growing concern in sector over risks arising from expansion of electronic health recordsexpansion of electronic health records
No compulsory data breach disclosureNo compulsory data breach disclosure Potential for huge data breach – sweeping Potential for huge data breach – sweeping
change in public perception – baby/bathwater change in public perception – baby/bathwater
![Page 7: Privacy, Quality and Electronic Health Information Royal New Zealand College of GPs Quality Forum 14 February 2009 Sebastian Morgan-Lynch sml@privacy.org.nz.](https://reader036.fdocuments.in/reader036/viewer/2022062314/56649e9f5503460f94ba157f/html5/thumbnails/7.jpg)
Privacy Protections for Electronic Privacy Protections for Electronic Health RecordsHealth Records
No legal distinction between No legal distinction between privacy of health information privacy of health information stored on paper and electronicallystored on paper and electronically
Practical issues around purpose Practical issues around purpose and openness with electronic and openness with electronic information – “gatekeepers”information – “gatekeepers”
How many people know how their How many people know how their information is actually going to be information is actually going to be used?used?
Whose job is it to tell them?Whose job is it to tell them?
![Page 8: Privacy, Quality and Electronic Health Information Royal New Zealand College of GPs Quality Forum 14 February 2009 Sebastian Morgan-Lynch sml@privacy.org.nz.](https://reader036.fdocuments.in/reader036/viewer/2022062314/56649e9f5503460f94ba157f/html5/thumbnails/8.jpg)
Rule 3 ParaphraseRule 3 Paraphrase As the ‘front line’, GPs need to As the ‘front line’, GPs need to
make sure their patients know make sure their patients know whywhy their information is being their information is being collected and collected and whowho is going to see is going to see itit
Therefore, GPs need to know Therefore, GPs need to know wherewhere the information they collect the information they collect is going to go, and is going to go, and whywhy
Currently this is not always the Currently this is not always the casecase
![Page 9: Privacy, Quality and Electronic Health Information Royal New Zealand College of GPs Quality Forum 14 February 2009 Sebastian Morgan-Lynch sml@privacy.org.nz.](https://reader036.fdocuments.in/reader036/viewer/2022062314/56649e9f5503460f94ba157f/html5/thumbnails/9.jpg)
TestsafeTestsafe Testsafe created as regional results Testsafe created as regional results
repository in Auckland region (CMDHB, repository in Auckland region (CMDHB, WDHB, ADHB)WDHB, ADHB)
Privacy framework, opt off, ability for Privacy framework, opt off, ability for patients to ‘blank’ date rangespatients to ‘blank’ date ranges
Harbour Health unhappy with various Harbour Health unhappy with various aspects of programme, particularly aspects of programme, particularly privacy, recommended its GPs not privacy, recommended its GPs not participateparticipate
Meeting end 2008, agreed that Testsafe Meeting end 2008, agreed that Testsafe needed to help ensure patients and GPs needed to help ensure patients and GPs knew how, where and why the results knew how, where and why the results were being storedwere being stored
![Page 10: Privacy, Quality and Electronic Health Information Royal New Zealand College of GPs Quality Forum 14 February 2009 Sebastian Morgan-Lynch sml@privacy.org.nz.](https://reader036.fdocuments.in/reader036/viewer/2022062314/56649e9f5503460f94ba157f/html5/thumbnails/10.jpg)
Benefits, Risks, OpportunitiesBenefits, Risks, Opportunities BenefitsBenefits
– National access to health information – servicing increasingly National access to health information – servicing increasingly transient populationtransient population
– Potentially more efficient use of resourcesPotentially more efficient use of resources– Lessen medical errors from transmission, transcription, lost Lessen medical errors from transmission, transcription, lost
referrals, incorrect medication etcreferrals, incorrect medication etc RisksRisks
– More potential for large scale data breachesMore potential for large scale data breaches– Loss of consumer trust if improperly managedLoss of consumer trust if improperly managed– Large collections of identified clinical data very tempting for Large collections of identified clinical data very tempting for
secondary uses – commercial, clinical, employmentsecondary uses – commercial, clinical, employment OpportunitiesOpportunities
– Ensuring good information management practices generally Ensuring good information management practices generally good clinical sensegood clinical sense
– GPs in position to play key role as advocates for their patients’ GPs in position to play key role as advocates for their patients’ interestsinterests
![Page 11: Privacy, Quality and Electronic Health Information Royal New Zealand College of GPs Quality Forum 14 February 2009 Sebastian Morgan-Lynch sml@privacy.org.nz.](https://reader036.fdocuments.in/reader036/viewer/2022062314/56649e9f5503460f94ba157f/html5/thumbnails/11.jpg)
ContactContact
Telephone: Wellington (04) 474 7590Auckland (09) 302 8680
Enquiries hotline: 0800 803 909Email: [email protected] address: http://www.privacy.org.nz