ADMINISTRATIVE MANUAL Policy and Procedure
|
|
- Margaret Ward
- 8 years ago
- Views:
Transcription
1 ADMINISTRATIVE MANUAL Policy and Procedure TITLE: Privacy NUMBER: CH Date Issued: April 2010 Page 1 of 7 Applies To: Holders of CDHA Administrative Manual POLICY 1. In managing personal information, Capital Health recognizes the importance of privacy and the sensitivity of personal information and has a responsibility: 1.1. To protect the privacy of each individual whose personal information it holds; 1.2. To afford the individual an opportunity to access that personal information; 1.3. To use and share personal information effectively to support the provision of health care, research and planning. 2. The right of individuals to privacy and to control use of their personal information, within the limits of the law, is essential to client care and the service provider relationship. 3. SCOPE 3.1. This policy applies, along with other relevant Capital Health policies, to any access to personal information in the custody of Capital Health including, but not necessarily limited to: All programs and services of the Capital Health, and all employees of those programs and services; All medical, dental and scientific staff with privileges at Capital Health; Researchers, research assistants, fellowships and all other employees, learners and contractors conducting research on the premises of Capital Health or using personal health information related to individual of Capital Health that is collected or in the custody of Capital Health; All learners completing internships, practicums, or work terms at Capital Health; All volunteers of Capital Health including but not limited to all persons appointed or invited to fulfill advisory, consultation or decision-making roles on Capital Health committees, panels, etc All agents and contractors of the Capital Health;
2 Privacy Page 2 of All consultants hired or engaged by the Capital Health; The members of the Board of Directors of Capital Health and of Capital Health Community Health Boards. 4. Capital Health only collects personal information from and about an individual: 4.1. To provide care and treatment; 4.2. For any purposes associated with the administration and management of Capital Health; 4.3. To plan, administer and manage quality of care provided by Capital Health; 4.4. To meet any legislative and regulatory requirements (e.g. Vital Statistics); 4.5. To support and promote research and education. 5. COMPLIANCE 5.1. Any breach of this Policy may result in significant disciplinary action up to and including termination or revocation of privileges, and termination of access to information Personal information may only be used as permitted by Capital Health and under the same legislation legal limitations that apply to Capital Health The Capital Health Privacy Officer is to be notified at the first reasonable opportunity if personal information is lost, stolen or accessed without authorization. DEFINITIONS Personal Information: Information in any form, including personal health information, that identifies an individual or could enable the individual to be identified, including but not necessarily limited to information about an individual, including: The individual s name, address or telephone number; The individual s race, national or ethnic origin, colour, or religious or political beliefs or associations The individual s age, sex, sexual orientation, marital status or family status; An identifying number, symbol or other particular assigned to the individual; The individual s fingerprints, blood type or inheritable characteristics; Information about the individual s physical or mental health which may include family history as reflected in the individual s health record; Information about the individual s educational, financial, criminal or employment history; Anyone else s opinions about the individual; and The individual s personal views or opinions, except if they are about someone else and the person who generated the opinion did so in the course of employment with Capital Health.
3 Privacy Confidentiality Security Privacy Page 3 of 7 Includes an individual s right to determine when, how, and to what extent they share information about themselves with others. The right of privacy and consent are essential to the trust of the client care or service provider relationship. Means the obligation of an individual, organization or custodian to protect the information entrusted to it and not misuse or wrongfully disclose it. [Source: Preliminary Draft of the Pan-Canadian Health Information Privacy and Confidentiality Framework]. Includes the measures taken to protect personal health information from unauthorized or unintentional loss, theft, access, use, modification or disclosure. GUIDING PRINCIPLES 1. This Privacy Policy outlines how Capital Health manages personal information and safeguards privacy. 2. Management and protection of health information at Capital Health is governed by the Hospitals Act, Section 71, all other personal information is governed by the Freedom of Information and Protection of Privacy Act (the FOIPOP Act). The Personal Information International Disclosure Protection Act (PIIDPA) governs the access, storage, disclosure and transportation of personal information outside of Canada. Capital District Health Authority is responsible to comply with this and any other relevant legislation PROCEDURE 1. Accountability for Personal Information 1.1. All Capital District Health Authority staff and individuals outlined in the policy Scope are accountable to protect the privacy of personal information under the control of Capital District Health Authority The Chief Executive Officer of Capital Health delegates responsibility for the management of privacy issues to the Privacy Officer including, but not limited to: Privacy policy and guideline development; Privacy education and training; Privacy inquires and complaints; 1.3. The Privacy Officer, on an on-going basis, monitors the Privacy policy and makes recommendations related to the protection of personal information. 2. Identifying Purposes for the Collection of Personal Information 2.1. All persons collecting personal information on behalf of Capital Health explains, to the extent necessary and as requested by the individual, the purpose for which the information is being collected or direct the individual to a person who can provide that information Explain verbally or by using an admission or appointment form, poster or brochure Capital Health makes available to individuals written information on the general uses and disclosures of personal information.
4 Privacy Page 4 of This information may be contained in posters, brochures or forms available to all individuals and should make reference to administration of health care services, research and statistics, legal and regulatory requirements, and education of health care providers At the request of the individual, Capital Health provides as much information as is available on the specific uses and disclosures of their personal information. 3. Limiting Collection of Personal Information 3.1. Capital Health: limits the collection of personal information to that which is necessary to fulfill the purposes identified collects the information by fair and lawful means. 4. CONSENT for the Use and Disclosure of Personal Health Information As per Section 71 of the Hospitals Act, individual consent is not required for the use or disclosure of personal health information for care and treatment of the individual if the use or disclosure is by a person on staff at the hospital, or by the qualified medical practitioner of the person concerned designated by the person as his physician. Consent to use and disclose personal health information is not required for the following purposes: Payment by the individual for any non-insured hospital services; Administration and management of Capital Health (e.g. wait list management); Compliance with any legislative/legal and regulatory requirements (e.g. providing birth and death information to NS Vital Statistics; compliance with Ministerial Authorizations compliance with a valid search warrant or subpoena) Ensure that the individual knows of and consents to the use and disclosure of the individual s personal information for all purposes, except as required or authorized by law. (See Capital Health s Release of Information from the Health Record, CH , for further information.) Note: Disclosures required by law include but are not necessarily limited to communicable diseases, child and adult protection matters and compliance with court orders. Disclosures authorized by law include disclosures pursuant to a Ministerial Authorization. As per Section 71(5) (e) of the Hospitals Act, the Minister of Health may authorize access to individuals records without the individuals consent. Only the information specified in the Ministerial Authorization may be provided to the individuals named in the Authorization. 5. Limiting Use and Disclosure and Retention of Personal Information 5.1. Capital Health limits the use and disclosure of personal information to the identified purposes, except with the consent of the individual or as required or authorized by law. (Refer to Capital Health s Interacting With Law Enforcement Agencies CH and Capital Health Release of Information from the Health Record CH )
5 Privacy Page 5 of If a person or agent is in doubt as to whether or not to disclose personal information, consult with the immediate supervisor, and/or contact the Privacy Officer Retain individual records as per the Capital Health s record retention schedule. (Refer to Capital Health Retention of Records CH ) 5.4. Prior to the use of personal information in the course of research, obtain approval, in advance, by the Capital Health Ethics Review Board and in accordance Capital Health Research Ethics policies and Capital Health Release of Information from the Health Record Policy. 6. Accuracy of Personal Information 6.1. Ensure that personal information is as accurate, complete, and up-to-date as is necessary for the purpose of which it is to be used As per Section 25 of the FOIPOP Act, an individual who believes there is an error or omission in his/her personal information may make a request to Capital Health to correct the information Direct requests for changes of personal information in writing to the Privacy Officer Direct any concerns with regards to the individual s ability to place their request in writing to the Privacy Officer as well Capital Health is not required to correct the information if the Privacy Officer determines that a correction is not appropriate. Include the request for correction with the individual s record. 7. Safeguards for Personal Health Information 7.1. Capital Health protects personal information in its custody or control regardless of the format in which it is held The nature of safeguards varies depending on the sensitivity of the information These security safeguards are in keeping with industry standards and are designed to protect personal information against loss or theft as well as unauthorized access, disclosure, copying, use or modification The safeguards include, but are not limited to, the following: Appropriate storage of hospital records in secure cabinets and/or rooms; Password protection and restricted access for any information held electronically; Appropriate location of personal information, including placement of terminal screens, printers and paper records; Access to personal information permitted on a need-to-know basis; that is, if the information is required for an authorized person to perform his/her functions within Capital Health; Confidentiality Agreements for all employees and any other persons who may access personal information; and Technological safeguards such as security software and firewalls to prevent hacking or unauthorized computer access.
6 Privacy Page 6 of Capital Health provides all new staff and volunteers with appropriate training on the importance of maintaining the privacy and confidentiality of personal information. This may include: staff training orientation information signing and discussion of Capital Health s Confidentiality Agreement at time of hire or placement periodic re-signing of the Confidentiality Agreement. 8. Openness about Personal Information Policies and Practices 8.1. Capital Health provides copies of its Privacy Policy and associated policies/guidelines to any person who requests them Information made available includes: The name or title, and the contact information of the Privacy Officer; The process of gaining access to personal information held by Capital Health; A copy of the Privacy Policy and/or brochures or other information explaining the Privacy Policy. 9. Individual Access to One s Own Personal Information 9.1. Any individual can request a copy or to view his/her own personal information As per Section 71 of the Hospitals Act, if requested, any individual may receive or view personal health information (see Capital Health s Release of Information from the Health Record, #CH , for further information.) Advise the individual that fees for access may be charged as per the Hospitals Act Fees Regulations Any individual may receive personal information held by Capital Health by making an application to the Privacy Officer under the Nova Scotia Freedom of Information & Protection of Privacy Act If unable to provide access to all of the information held about an individual, explain the reason for denying the access. Note: Exceptions to the access requirement will be limited and specific and may include information that cannot be disclosed for legal, security, or commercial proprietary reasons, information that is deemed to be a physician s private office record, and information that is subject to solicitor-client privilege or other litigation purposes. 10. Challenging Compliance with the Privacy Policy The individual may challenge Capital Health s compliance with the principles set out in this Policy by submitting their concerns in writing to the Privacy Officer: Privacy Officer Capital District Health Authority Phone: Capital Health s Privacy Officer oversees the procedures taken to receive and respond to complaints or inquires about its handling of personal health information.
7 Privacy Page 7 of Capital Health investigates all complaints and takes appropriate measures to ensure compliance with this Policy. RELATED CDHA DOCUMENTS: Policies Release of Information from the Health Record CH Retention of Records CH Release of Information Restriction-Verbal (Communications Blackout) CH Release of Information: Fee Schedule CH Restricted Areas, Access to CH Interacting with Law Enforcement Agencies CH Web Policy - Internet and Intranet CH Computer end-user acceptable use CH Electronic Service CH Virtual Private Network CH Remote Access CH Password CH Internet Access/Use CH Information Technology Audit Ch Departmental and Enterprise Applications CH REFERENCES Nova Scotia Department of Health: Best Practices Privacy Committee The Ottawa Hospital Privacy Policy Nova Scotia Freedom of Information & Protection of Privacy Act Nova Scotia Hospitals Act Personal Information International Disclosure Protection Act (PIIDPA) Timmins and District Privacy Policy Vancouver Island Health Authority Privacy Policy The Hospital for Sick Children, Privacy of Personal Information University Health Network Privacy Policy CAN/CSA-Q Model Code for the Protection of Personal Information, CSA * * *
PRIVACY BREACH MANAGEMENT POLICY
PRIVACY BREACH MANAGEMENT POLICY DM Approval: Effective Date: October 1, 2014 GENERAL INFORMATION Under the Access to Information and Protection of Privacy Act (ATIPP Act) public bodies such as the Department
More informationPublic School Network Access and Use Policy
Public School Network Access and Use Policy Nova Scotia Department of Education October 7, 2011 1 Public School Network Access and Use Policy Nova Scotia Department of Education October 7, 2011 This policy
More informationGuide to Identifying Personal Information Banks
Guide to Identifying Personal Information Banks Revised April 2004 ISBN 0-7785-2089-7 Produced by: Access and Privacy Service Alberta 3rd Floor, 10155-102 Street Edmonton, Alberta, Canada T5J 4L4 Office
More information4.7 Website Privacy Policy
Policy Statement The is committed to ensuring that its departments, offices, agencies, boards, and commissions adhere to the privacy protection provisions of the Freedom of Information and Protection of
More informationCredit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information
Credit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information INTRODUCTION Privacy legislation establishes legal privacy rights for individuals and sets enforceable
More informationPACIFIC EXPLORATION & PRODUCTION CORPORATION (the Corporation )
PRIVACY POLICY (Initially adopted by the Board of Directors on November 16, 2007) PACIFIC EXPLORATION & PRODUCTION CORPORATION (the Corporation ) The Corporation is committed to controlling the collection,
More informationPERSONAL HEALTH INFORMATION PROTECTION ACT, 2004: AN OVERVIEW FOR HEALTH INFORMATION CUSTODIANS
PERSONAL HEALTH INFORMATION PROTECTION ACT, 2004: AN OVERVIEW FOR HEALTH INFORMATION CUSTODIANS Note: This document provides a general overview of the Personal Health Information Protection Act, 2004,
More informationInformation Management and Protection Policy
Document Title: Information Management and Protection Policy Document Type: Policy No. Of Pages (11) Scope: Government of Newfoundland and Labrador and Public Bodies supported by the Office of the Chief
More informationThe Manitoba Child Care Association PRIVACY POLICY
The Manitoba Child Care Association PRIVACY POLICY BACKGROUND The Manitoba Child Care Association is committed to comply with the legal obligations imposed by the federal government's Personal Information
More informationPrivacy Policy on the Responsibilities of Third Party Service Providers
Privacy Policy on the Responsibilities of Third Party Service Providers Privacy Office Document ID: 2489 Version: 3.1 Owner: Chief Privacy Officer Sensitivity Level: Low Copyright Notice Copyright 2014,
More informationCOMPLYING WITH THE PERSONAL HEALTH INFORMATION ACT
COMPLYING WITH THE PERSONAL HEALTH INFORMATION ACT The Personal Health Information Act, S.N.S. 2010, c.41 (referred to as PHIA or the Act ) was passed by the Nova Scotia government on December 10, 2010.
More informationCredit Union Code for the Protection of Personal Information
Introduction Canada is part of a global economy based on the creation, processing, and exchange of information. The technology underlying the information economy provides a number of benefits that improve
More information3. Consent for the Collection, Use or Disclosure of Personal Information
PRIVACY POLICY FOR RENNIE MARKETING SYSTEMS Our privacy policy includes provisions of the Personal Information Protection Act (BC) and the Personal Information Protection and Electronic Documents Act (Canada),
More informationSUBJECT: VOYAGEUR TRANSPORTATION CORPORATE POLICIES/PROCEDURES TITLE: PRIVACY OF PERSONAL HEALTH INFORMATION
SUBJECT: VOYAGEUR PAGE 1 1.0 PURPOSE: 1.1 To establish and document a policy which defines Voyageur s commitment to the protection of an individual s personal health information in the course of providing
More informationThe Northern Lakes CMH Recipient Rights Officer is designated as the Substance Abuse Program Recipient Rights Advisor.
Page 1 of 5 Title Northern Lakes CMH Policies Part 106 Supports and Services NLCMH Provided and Contract Subpart I Substance Abuse Services Policy No. 106.901 Subject Rights of Substance Abuse Applicability
More informationNORTHWESTEL CODE OF FAIR INFORMATION PRACTICES. Effective January 1, 2001
NORTHWESTEL CODE OF FAIR INFORMATION PRACTICES Effective January 1, 2001 The Northwestel Code of Fair Practices complies fully with the Personal Protection and Electronic Documents Act and incorporates
More informationPrivacy Incident and Breach Management Policy
Privacy Incident and Breach Management Policy Privacy Office Document ID: 2480 Version: 2.1 Owner: Chief Privacy Officer Sensitivity Level: Low Copyright Notice Copyright 2014, ehealth Ontario All rights
More informationQuestions and answers for custodians about the Personal Health Information Privacy and Access Act (PHIPAA)
Questions and answers for custodians about the Personal Health Information Privacy and Access Act (PHIPAA) This document provides answers to some frequently asked questions about the The Personal Health
More informationProtection for Persons in Care Act
DEPARTMENT OF COMMUNITY SERVICES Protection for Persons in Care Act Policy Manual 8/16/2013 Table of Contents Terms Used in this Manual Section 1: Introduction and Authority 2 4 Policy 1.1: Authorization
More informationTaking care of what s important to you
A v i v a C a n a d a I n c. P r i v a c y P o l i c y Taking care of what s important to you Table of Contents Introduction Privacy in Canada Definition of Personal Information Privacy Policy: the ten
More informationReport of the Information & Privacy Commissioner/Ontario. Review of the Canadian Institute for Health Information:
Information and Privacy Commissioner of Ontario Report of the Information & Privacy Commissioner/Ontario Review of the Canadian Institute for Health Information: A Prescribed Entity under the Personal
More informationPrivacy and Security Resource Materials for Saskatchewan EMR Physicians: Guidelines, Samples and Templates. Reference Manual
Privacy and Security Resource Materials for Saskatchewan EMR Physicians: Guidelines, Samples and Templates Guidelines on Requirements and Good Practices For Protecting Personal Health Information Disclaimer
More informationInformation Governance Policy
Information Governance Policy 1 Introduction Healthwatch Rutland (HWR) needs to collect and use certain types of information about the Data Subjects who come into contact with it in order to carry on its
More informationInformation Security Policy. Document ID: 3809 Version: 1.0 Owner: Chief Security Officer, Security Services
Information Security Policy Document ID: 3809 Version: 1.0 Owner: Chief Security Officer, Security Services Contents 1 Purpose / Objective... 1 1.1 Information Security... 1 1.2 Purpose... 1 1.3 Objectives...
More informationCOLLECTION, USE AND DISCLOSURE
COLLECTION, USE AND DISCLOSURE The full title of the Personal Health Information Act is An Act Respecting the Collection, Use, Disclosure and Retention of Personal Health Information. The title underscores
More informationLaw Firm Compliance: Key Privacy Considerations for Lawyers and Law Firms in Ontario
PRIVACY COMPLIANCE ISSUES FOR LAW FIRMS IN ONTARIO By Sara A. Levine 1 Presented at Law Firm Compliance: Key Privacy Considerations for Lawyers and Law Firms in Ontario Ontario Bar Association, May 6,
More informationCORK INSTITUTE OF TECHNOLOGY
CORK INSTITUTE OF TECHNOLOGY DATA PROTECTION POLICY APPROVED BY GOVERNING BODY ON 30 APRIL 2009 INTRODUCTION Cork Institute of Technology is committed to a policy of protecting the rights and privacy of
More informationPERSONAL INFORMATION PRIVACY POLICY FOR EMPLOYEES AND VOLUNTEERS [ABC SCHOOL]
[Insert Date of Policy] PERSONAL INFORMATION PRIVACY POLICY FOR EMPLOYEES AND VOLUNTEERS of [ABC SCHOOL] Address Independent schools in British Columbia are invited to adopt or adapt some or all of this
More informationHow To Ensure Health Information Is Protected
pic pic CIHI Submission: 2011 Prescribed Entity Review October 2011 Who We Are Established in 1994, CIHI is an independent, not-for-profit corporation that provides essential information on Canada s health
More informationSAFE HARBOR PRIVACY NOTICE EFFECTIVE: July 1, 2005 AMENDED: July 15, 2014
SAFE HARBOR PRIVACY NOTICE EFFECTIVE: July 1, 2005 AMENDED: July 15, 2014 This Notice sets forth the principles followed by United Technologies Corporation and its operating companies, subsidiaries, divisions
More informationSECTION ti -LIABILITY, INSURANCE AND RISK MANAGEMENT
SECTION ti -LIABILITY, INSURANCE AND RISK MANAGEMENT 12A. Insurance &Liability Coverage Good Earth Charter School will obtain all necessary insurance either through a broker or through direct placement
More informationALL PARENTS HAVE THE FOLLOWING RIGHTS: THE RIGHT TO A FREE PUBLIC SCHOOL EDUCATION.
Martine Guerrier Chief Family Engagement Officer askmartine@schools.nyc.gov Each child s maximum potential can best be achieved through an active engagement between parents 1 and the education community.
More informationPolicy on the Security of Informational Assets
Policy on the Security of Informational Assets Policy on the Security of Informational Assets 1 1. Context Canam Group Inc. recognizes that it depends on a certain number of strategic information resources
More informationMerthyr Tydfil County Borough Council. Data Protection Policy
Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the
More informationPersonal Information Protection Act. Information Sheet 5: 1. Personal Employee Information
Personal Information Protection Act Information Sheet 5 Introduction The Personal Information Protection Act (PIPA) governs the collection, use, disclosure, retention and protection of personal information
More informationNotice of Privacy Practices
Notice of Privacy Practices This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully. This practice uses
More informationPHIA GENERAL INFORMATION
To: From: Researchers Legal Services and Research Services Date: May 21, 2013 Subject: Research and the New Personal Health Information Act On June 1, 2013, the Personal Health Information Act ( PHIA )
More informationSCHEDULE "C" to the MEMORANDUM OF UNDERSTANDING BETWEEN ALBERTA HEALTH SERVICES AND THE ALBERTA MEDICAL ASSOCIATION (CMA ALBERTA DIVISION)
SCHEDULE "C" to the MEMORANDUM OF UNDERSTANDING BETWEEN ALBERTA HEALTH SERVICES AND THE ALBERTA MEDICAL ASSOCIATION (CMA ALBERTA DIVISION) ELECTRONIC MEDICAL RECORD INFORMATION EXCHANGE PROTOCOL (AHS AND
More informationPersonal Information Protection Policy for Small and Medium-Size Businesses
Personal Information Protection Policy for Small and Medium-Size Businesses Why does a small business need a policy? Alberta s Personal Information Protection Act, which came into force on January 1, 2004,
More informationWyoming School Boards Association Insurance Trust ( The Plan ) HEALTH CARE PLAN PRIVACY NOTICE
Wyoming School Boards Association Insurance Trust ( The Plan ) HEALTH CARE PLAN PRIVACY NOTICE THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Drug Abuse Prevention, Treatment, and Rehabilitation ACT THE CENTER FOR HEALTH CARE SERVICES 3031 IH
More informationDEALERSHIP IDENTITY THEFT RED FLAGS AND NOTICES OF ADDRESS DISCREPANCY POLICY
DEALERSHIP IDENTITY THEFT RED FLAGS AND NOTICES OF ADDRESS DISCREPANCY POLICY This Plan we adopted by member, partner, etc.) on Our Program Coordinator (date). (Board of Directors, owner, We have appointed
More informationPRIVACY BREACH! WHAT NEXT?
PRIVACY BREACH! WHAT NEXT? A four step plan to help you in the event of a privacy breach or possible breach situation A privacy breach is an incident involving the unauthorized disclosure of personal information
More informationDublin City University
Dublin City University Data Protection Policy Data Protection Policy Contents Purpose... 1 Scope... 1 Data Protection Principles... 1 Disclosure of Personal Data... 2 Summary of Responsibilities... 3 Rights
More informationPROTECTION OF PERSONAL INFORMATION
PROTECTION OF PERSONAL INFORMATION Definitions Privacy Officer - The person within the Goderich Community Credit Union Limited (GCCU) who is responsible for ensuring compliance with privacy obligations,
More informationInformation Security Policy
Information Security Policy Policy Title Responsible Executive Responsible Office Information Security Policy Vice President for Information Technology and CIO, Jay Dominick Office of Information Technology,
More informationQUEENSLAND COUNTRY HEALTH FUND. privacy policy. Queensland Country Health Fund Ltd ABN 18 085 048 237. better health cover shouldn t hurt
QUEENSLAND COUNTRY HEALTH FUND privacy policy Queensland Country Health Fund Ltd ABN 18 085 048 237 better health cover shouldn t hurt 1 2 contents 1. Introduction 4 2. National Privacy Principles 5 3.
More informationDepartmental Directive on the Management of Information in the Student Record and Other Records Pertaining to Students
Departmental Directive on the Management of Information in the Student Record and Other Records Pertaining to Students 1998 Minister's Message The development of this Directive coincides with the requirement
More informationHIPAA PRIVACY NOTICE PLEASE REVIEW IT CAREFULLY
HIPAA PRIVACY NOTICE THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN OBTAIN ACCESS TO THIS INFORMATION. INTRODUCTION PLEASE REVIEW IT CAREFULLY Moriarty
More informationData Compliance. And. Your Obligations
Information Booklet Data Compliance And Your Obligations What is Data Protection? It is the safeguarding of the privacy rights of individuals in relation to the processing of personal data. The Data Protection
More informationPINAL COUNTY POLICY AND PROCEDURE 2.50 ELECTRONIC MAIL AND SCHEDULING SYSTEM
PINAL COUNTY POLICY AND PROCEDURE 2.50 Subject: ELECTRONIC MAIL AND SCHEDULING SYSTEM Date: November 18, 2009 Pages: 1 of 5 Replaces Policy Dated: April 10, 2007 PURPOSE: The purpose of this policy is
More informationPRIVACY BREACH POLICY
Approved By Last Reviewed Responsible Role Responsible Department Executive Management Team March 20, 2014 (next review to be done within two years) Chief Privacy Officer Quality & Customer Service SECTION
More informationDATA PROTECTION AND DATA STORAGE POLICY
DATA PROTECTION AND DATA STORAGE POLICY 1. Purpose and Scope 1.1 This Data Protection and Data Storage Policy (the Policy ) applies to all personal data collected and dealt with by Centre 404, whether
More informationThe Health Information Protection Act
1 The Health Information Protection Act being Chapter H-0.021* of the Statutes of Saskatchewan, 1999 (effective September 1, 2003, except for subsections 17(1), 18(2) and (4) and section 69) as amended
More informationDATA PROTECTION POLICY
Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection
More informationBirkam Health Center Ferris State University NOTICE OF PRIVACY PRACTICES
Birkam Health Center Ferris State University NOTICE OF PRIVACY PRACTICES Effective Date of Notice: October 1, 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND
More informationApplicability: All Employees Effective Date: December 6, 2005; revised January 27, 2009 Source(s):
Title: Category: Administration Information Management Policy No.: B5010 Replaces: B5010 Applicability: All Employees Effective Date: December 6, 2005; revised January 27, 2009 Source(s): Approval: (President
More informationBoys and Girls Clubs of Kawartha Lakes B: Administration B4: Information Management & Policy: Privacy & Consent Technology
Effective: Feb 18, 2015 Executive Director Replaces: 2010 Policy Page 1 of 5 REFERENCE: HIGH FIVE 1.4.3, 2.2.4, 2.5.3, PIDEDA POLICY: Our Commitment Boys and Girls Clubs of Kawartha Lakes (BGCKL) and the
More informationNational Association of Pharmacy Regulatory Authority s Privacy Policy for Pharmacists' Gateway Canada
Introduction National Association of Pharmacy Regulatory Authority s Privacy Policy for Pharmacists' Gateway Canada This Privacy Policy describes the manner in which the National Association of Pharmacy
More informationHealth Insurance Portability and Accountability Act (HIPAA)
Health Insurance Portability and Accountability Act (HIPAA) General Education Presented by: Bureau of Personnel Department of Health Department of Human Services Department of Social Services Bureau of
More informationHow To Protect Mental Health Information In Upb
UNIVERSITY PHYSICIANS OF BROOKLYN, INC. POLICY AND PROCEDURE Subject: MENTAL HEALTH INFORMATION Page 1 of 6 No: Prepared by: Shoshana Milstein Original Issue Date: NEW Reviewed by: HIPAA Policy & Procedure
More informationData Protection Policy
Data Protection Policy Responsible Officer Author Date effective from July 2009 Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date last amended December 2012 Review
More informationThe Health and Benefit Trust Fund of the International Union of Operating Engineers Local Union No. 94-94A-94B, AFL-CIO. Notice of Privacy Practices
The Health and Benefit Trust Fund of the International Union of Operating Section 1: Purpose of This Notice Notice of Privacy Practices Effective as of September 23, 2013 THIS NOTICE DESCRIBES HOW MEDICAL
More information1. Each employee is responsible for managing college records in a responsible and professional manner.
Policy O-6.2 Approved By: College Executive Team Approval Date: February 26, 2003 Amendment Date: November 25, 2009 Policy Holder: VP Administration & CFO Purpose / Rationale RECORD MANAGEMENT The purpose
More informationCollege of DuPage Information Technology. Information Security Plan
College of DuPage Information Technology Information Security Plan April, 2015 TABLE OF CONTENTS Purpose... 3 Information Security Plan (ISP) Coordinator(s)... 4 Identify and assess risks to covered data
More informationPersonal Health Information Privacy Policy
Personal Health Information Privacy Policy Privacy Office Document ID: 2478 Version: 6.2 Owner: Chief Privacy Officer Sensitivity Level: Low Copyright Notice Copyright 2014, ehealth Ontario All rights
More informationWhat to do When Faced With a Privacy Breach: Guidelines for the Health Sector ANN CAVOUKIAN, PH.D. COMMISSIONER
What to do When Faced With a Privacy Breach: Guidelines for the Health Sector ANN CAVOUKIAN, PH.D. COMMISSIONER INFORMATION AND PRIVACY COMMISSIONER/ONTARIO Table of Contents What is a privacy breach?...1
More informationCareer Connection, Inc. Data Privacy. Bringing Talent Together With Opportunity
Career Connection, Inc. Data Privacy Objectives This course is intended for CCI employees. The course gives guidance on data privacy concepts and describes how data privacy is relevant when delivering
More informationKingsway Financial Services Inc. Privacy Policy
Kingsway Financial Services Inc. Privacy Policy Table of Contents Notice... i 1. Introduction... 1 2. Responsibility... 1 3. Personal Information... 2 4. Why Kingsway Collects & Discloses Personal Information...
More informationProtection of Privacy
Protection of Privacy Privacy Breach Protocol March 2015 TABLE OF CONTENTS 1. Introduction... 3 2. Privacy Breach Defined... 3 3. Responding to a Privacy Breach... 3 Step 1: Contain the Breach... 3 Step
More informationSASKATCHEWAN OFFICE OF THE INFORMATION AND PRIVACY COMMISSIONER INVESTIGATION REPORT F-2012 003. Saskatchewan Workers Compensation Board
Date: August 29, 2012 File No.: 2008/101 SASKATCHEWAN OFFICE OF THE INFORMATION AND PRIVACY COMMISSIONER INVESTIGATION REPORT F-2012 003 Saskatchewan Workers Compensation Board Summary: The Commissioner
More informationTHE PERSONAL INFORMATION PROTECTION AND ELECTRONIC DOCUMENTS ACT (PIPEDA) PERSONAL INFORMATION POLICY & PROCEDURE HANDBOOK
THE PERSONAL INFORMATION PROTECTION AND ELECTRONIC DOCUMENTS ACT (PIPEDA) PERSONAL INFORMATION POLICY & PROCEDURE HANDBOOK REVISED August 2004 PERSONAL INFORMATION POLICY & PROCEDURE HANDBOOK Introduction
More informationPersonal Information Protection Act (PIPA) Privacy & Landlord - Tenant Matters Frequently Asked Questions
Personal Information Protection Act (PIPA) Privacy & Landlord - Tenant Matters Frequently Asked Questions Are landlords in Alberta bound by privacy law? Yes. The Personal Information Protection Act (PIPA)
More informationNova Scotia Guidelines for School Counselling Records and Standards of Practice (Draft) Department of Education and Early Childhood Development
Nova Scotia Guidelines for School Counselling Records and Standards of Practice (Draft) Department of Education and Early Childhood Development 2013 Contents Introduction... 2 Definitions... 3 Referral
More information9/11 Heroes Stamp Act of 2001 File System
for the 9/11 Heroes Stamp Act of 2001 File System Contact Point Elizabeth Edge US Fire Administration Federal Emergency Management Agency (202) 646-3675 Reviewing Official Nuala O Connor Kelly Chief Privacy
More informationCorporate Policy. Data Protection for Data of Customers & Partners.
Corporate Policy. Data Protection for Data of Customers & Partners. 02 Preamble Ladies and gentlemen, Dear employees, The electronic processing of virtually all sales procedures, globalization and growing
More informationCITY UNIVERSITY OF HONG KONG
PUBLIC Version: 1.1 CITY UNIVERSITY OF HONG KONG (Approved by the Information Strategy and Governance Committee in December 2013; revision 1.1 approved by Chief Information Officer in September 2015) PUBLIC
More informationJOB APPLICANT PRIVACY NOTICE
JOB APPLICANT PRIVACY NOTICE Table of Contents 1. Purpose... 3 2. What Personal Information ADM Collects... 3 3. How ADM Uses Your Personal Information... 4 4. How ADM Protects Your Personal Information...
More informationPersonal Information - Protecting And Balancing It At Hulse QM
Hulse/QM Healthcare Advocacy Program Notice of Privacy Practices THIS NOTICE DESCRIBES HOW PERSONAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE
More informationHIPAA Notice of Privacy Practices
HIPAA Notice of Privacy Practices Date of Last Revision: 09/20/2013 Effective Date: Immediately THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS
More informationM&T BANK CANADIAN PRIVACY POLICY
M&T BANK CANADIAN PRIVACY POLICY At M&T Bank, we are committed to safeguarding your personal information and maintaining your privacy. This has always been a priority for us and this is why M&T Bank (
More informationDisclosure is the action of making new or secret information known.
/PURPOSE OF POLICY Pty Limited (Momentum) is required and committed to comply with the Australian Privacy Principles (APPs) in the Privacy Act 1998 (Cth) (Privacy Act). The APPs regulate the manner in
More informationInformation Handling Policy
Information Handling Policy 10 December 2015 Information Handling Policy 1. Who We Are 1.1 In this Information Handling Policy, references to we, our, us and ClearView are to ClearView Wealth Limited and
More informationPrivacy Policy. Approved by: College Board, 01/12/2005 Principal from 14/02/2014
Privacy Policy Approved by: College Board, 01/12/2005 Principal from 14/02/2014 Revised Date: 11/01/2008 26/08/2011 19/03/2013 14/02/2014 Review Date: 14/02/2016 PLEASE NOTE: Version control for this document
More informationNotice of Privacy Practices
Notice of Privacy Practices Pueblo Radiology Medical Group, Inc. Pueblo Radiology Associates, Inc. Central Coast Radiology Associates, Inc. Santa Barbara Women s Imaging Center Effective Date: September
More informationUNIVERSITY OF ROCHESTER INFORMATION TECHNOLOGY POLICY
PURPOSE The University of Rochester recognizes the vital role information technology plays in the University s missions and related administrative activities as well as the importance in an academic environment
More informationSCHEDULE "C" ELECTRONIC MEDICAL RECORD INFORMATION EXCHANGE PROTOCOL
SCHEDULE "C" to the MEMORANDUM OF UNDERSTANDING AMONG ALBERTA HEALTH SERVICES, PARTICIPATING OTHER CUSTODIAN(S) AND THE ALBERTA MEDICAL ASSOCIATION (CMA ALBERTA DIVISION) ELECTRONIC MEDICAL RECORD INFORMATION
More informationRiver Valley Therapy & Sports Medicine, Inc. Notice of Privacy Practices
River Valley Therapy & Sports Medicine, Inc. Notice of Privacy Practices This notice describes how medical information about you may be used and disclosed and how you can get access to this information.
More informationFINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information
FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1
More informationGreater Dallas Orthopaedics, PLLC. Notice of Privacy Practices
Notice of Privacy Practices This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully. Uses and Disclosures
More informationHIPAA and Privacy Policy Training
HIPAA and Privacy Policy Training July 2015 1 This training addresses the requirements for maintaining the privacy of confidential information received from HFS and DHS (the Agencies). During this training
More informationOverview of. Health Professions Act Nurses (Registered) and Nurse Practitioners Regulation CRNBC Bylaws
Overview of Health Professions Act Nurses (Registered) and Nurse Practitioners Regulation CRNBC Bylaws College of Registered Nurses of British Columbia 2855 Arbutus Street Vancouver, BC Canada V6J 3Y8
More informationPrivacy Policy. Board for Lutheran Education Australia. Policy. Purpose. Exclusion
Policy Relevant to Responsible officer Contact officer Authorisation Date introduced March 2014 Effective date of latest version March 2014 Next review date March 2017 Relevant legislation or source Board
More informationInformation with a person who is involved in your medical care or payment for your care, such as your family or a
Notice of Privacy Practices Effective Date: September 23, 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW
More informationAlixPartners, LLP. General Data Protection Statement
AlixPartners, LLP General Data Protection Statement GENERAL DATA PROTECTION STATEMENT 1. INTRODUCTION 1.1 AlixPartners, LLP ( AlixPartners ) is committed to fulfilling its obligations under the data protection
More informationAVE MARIA UNIVERSITY HIPAA PRIVACY NOTICE
AVE MARIA UNIVERSITY HIPAA PRIVACY NOTICE This Notice of Privacy Practices describes the legal obligations of Ave Maria University, Inc. (the plan ) and your legal rights regarding your protected health
More informationHIPAA Privacy Policy & Notice of Privacy Practices
HIPAA Privacy Policy & Notice of Privacy Practices 1. PURPOSE 1 The purpose of this policy is to comply with patient personal health information security rights and privacy regulations as outlined in the
More informationClevertar Privacy Policy
Clevertar Privacy Policy At Clevertar, we take privacy very seriously. We encourage you to read this Privacy Policy Policy carefully. The defined terms in this Policy have the same meaning as in our Terms
More informationPrivacy and Management of Health Information: Standards for CARNA s Regulated Members
Privacy and Management of Health Information: Standards for CARNA s Regulated Members September 2011 Permission to reproduce this document is granted; please recognize CARNA. College and Association of
More informationPolicy & Procedure. This policy applies to all records in the custody and control of SMGH.
Policy & Procedure Subject: Management of Records 1) Purpose: The purpose of this policy is to establish a corporate record management plan, including the development of a directory of records and a personal
More information