Privacy and Encryption Online Tutorial
The move to an eHealth environment provides many benefits to patient care and physician efficiency. Storing Personal Health Information (PHI) electronically introduces different potential risks to privacy which need to be addressed. Transporting Personal Health Information on portable devices poses an even greater risk to privacy as the device can easily be lost or stolen.
OntarioMD has developed an online tutorial that addresses these risks. This interactive web-based tutorial is comprised of two parts, Privacy and Encryption.
Privacy - focuses on the obligations physicians have under Personal Health Information Protection Act (PHIPA).
Encryption - provides an understanding of what encryption is and what options are available to meet the requirements under HO-004 and HO-007 issued by the Information and Privacy Commissioner (IPC).
Online Presentation - click here.
Privacy topics covered are:
- 10 Fair Information Practices
- Consent - Implied, express, assumed implied, and withdrawal/withholding of consent
- Roles under PHIPA
- Collection, Use, Disclosure, Access and Correction
- Privacy Breach
Encryption topics covered are:
- General threats to PHI and mitigation options
- Privacy Commissioner's message from HO-004 and HO-007
- A detailed explanation of encryption, the process of encrypting, and current standards
- Encryption methods (file/folder, whole disk, virtual disk)
- Strong passwords - their importance and how to create multiple strong passwords that are easy to remember