Recommendation One. GNWT Response

Similar documents
INVESTIGATION REPORT

Position Number(s) Community Division/Region(s) Yellowknife Executive/Yellowknife

Action Plan for Critical Incident Investigation Report Recommendations

A Privacy Compliance Checklist: Organizing for Privacy Management

PRIVACY BREACH MANAGEMENT POLICY

Aurora Research Institute Strategic Plan

Position Number(s) Community Division/Region(s) 07-NEW Yellowknife Health Services/HQ

PRIVACY IMPACT ASSESSMENT (PIA) For the

ACC Privacy Policy. Policy Statement. Objective. Scope. Policy system. Policy standards. Collection

Introduction. Caroline Cochrane Minister of Municipal and Community Affairs. MACA Update Fall 2017 Municipal and Community Affairs 3

Frequently Asked Questions (FAQ) NWT Health Care Card Renewal November 2015

Investigation Report H2017-IR-02 Investigation into multiple alleged unauthorized accesses of health information at South Health Campus

Data Integration and Big Data In Ontario Brian Beamish Information and Privacy Commissioner of Ontario

Report of the Information & Privacy Commissioner/Ontario. Review of the Cardiac Care Network of Ontario (CCN):

A Deep Dive into the Privacy Landscape

DOING OUR PART" PROGRESS REPORT March 1, 2003

DIAMOND POLICY FRAMEWORK

Draft Code of Practice FOR PUBLIC CONSULTATION

NORTHWEST TERRITORIES INFORMATION AND PRIVACY COMMISSIONER Review Recommendation File: July 13, 2015

POPULATION DATA BC. Privacy in Health Research. Caitlin Pencarrick Hertzman Population Data BC University of British Columbia CFRI, April 2012

What to do When Faced With a Privacy Breach: Guidelines for the Health Sector. ANN CAVOUKIAN, Ph.D. COMMISSIONER

Mandatory Reporting and Breach Notification Changes to PHIPA and what you need to know

Impact Assessment Policy. Document author Assured by Review cycle. 1. Introduction Policy Statement Purpose or Aim Scope...

National VET Data Policy

PRIVACY IMPACT ASSESSMENT (PIA) For the

Sample Privacy Impact Assessment Report Project: Outsourcing clinical audit to an external company in St. Anywhere s hospital

Community Tourism Coordinator Program Guidelines

Reporting a Privacy Breach to the Commissioner

PRIVACY BREACH GUIDELINES

Measuring Success and Focusing on Results

Privacy Toolkit for Social Workers and Social Service Workers Guide to the Personal Health Information Protection Act, 2004 (PHIPA)

Date last amended: (refer Version Control Table) Director, Governance and Legal Division

Report of the Information & Privacy Commissioner/Ontario. Review of Cancer Care Ontario:

The Personal Health Information Protection Act

PRIVACY BREACH MANAGEMENT GUIDELINES. Ministry of Justice Access and Privacy Branch

The Arizona HIO Statute

Each completed Linking Learning to Practice exercise earns you two Mainpro-C credits and two bonus Mainpro-M1 credits.

IVAN FRANKO HOME Пансіон Ім. Івана Франка

PRIVACY IMPACT ASSESSMENT (PIA) For the

Overview of Privacy Legislation in Ontario

Position Number(s) Community Division/Region(s) Fort Smith

PRIVACY IMPACT ASSESSMENT (PIA) For the

A PHIPA Update from the IPC

A Guide to Arts Funding

PRIVACY IMPACT ASSESSMENT (PIA) For the

MENTAL IN FRENCH. Understanding the Issues and the Urgent Need for Collaboration in the NWT. reseautnosante.ca

PRIVACY POLICY. 1. Privacy Statement

Information Privacy and Security

Chapter 19 Section 3. Privacy And Security Of Protected Health Information (PHI)

pic National Prescription Drug Utilization Information System Database Privacy Impact Assessment

Caring for Our People

Interim Resource Management Assistance (IRMA) Program. Guidelines. March IRMA Program Proposal Guidelines Page 1 of 13

DOCUMENT CONTROL Title: Use of Mobile Phones and Tablets (by services users & visitors in clinical areas) Policy. Version: Reference Number: CL062

Student Privacy Notice

Health Information Exchange 101. Your Introduction to HIE and It s Relevance to Senior Living

NWT Primary Community Care Framework

Entrepreneurs Programme - Supply Chain Facilitation

Statement of Guidance: Outsourcing Regulated Entities

RQIA Provider Guidance Independent Clinic Private Doctor Service

PRIVACY IMPACT ASSESSMENT (PIA) For the

July 2, Dear Mr. Bordley:

Compliance with Personal Health Information Protection Act

Information Sharing Drivers and Recommendations. Sherry Liang. Assistant Commissioner. Big Picture Issues The Regulators Perspective October 3, 2015

NWT Health Services Patient Experience Report 2016

Beyond Data Breach Notification: What's new in Privacy for Dr Jodie Siganto October 2017

MUNICIPAL AND COMMUNITY AFFAIRS

Integrating Healthcare and e-health in the Territories: The Tasks Ahead for Yukon, the Northwest Territories and Nunavut

Developing a framework for the secondary use of My Health record data WA Primary Health Alliance Submission

PERSONAL HEALTH INFORMATION PROTECTION ACT (PHIPA) Frequently Asked Questions (FAQ s) Office of Access and Privacy

Incubator Support initiative. An element of the Entrepreneurs Programme

Office of the Ombudsman

OSHA & HIPAA Seminar. Northern Texas Facial & Oral Surgery

Position Number(s) Community Division/Region(s) Yellowknife

STEP BY STEP SCHOOL. Data Protection Policy and Privacy Notice

Privacy and Management of Health Information

PRIVACY IMPACT ASSESSMENT (PIA) For the

Newfoundland and Labrador Settlement & Integration Program (NLSIP) Funding Guidelines

PRIVACY IMPACT ASSESSMENT (PIA) For the

FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY A. 38

PRIVACY IMPACT ASSESSMENT (PIA) For the

Crest Healthcare Limited - 10 Oak Tree Lane

Farm Data Code of Practice Version 1.1. For organisations involved in collecting, storing, and sharing primary production data in New Zealand

PRIVACY IMPACT ASSESSMENT (PIA) For the

1-2 Canterbury Close. Voyage 1 Limited. Overall rating for this service. Inspection report. Ratings. Good

This policy has implications for all managers, staff, board members, students, apprentices and trainees, contractors and volunteers.

DEPUTY SECRETARY OF DEFENSE 1010 DEFENSE PENTAGON WASHINGTON, DC

Infection Prevention and Control Lapse Disclosure Guidance Document

Food Hygiene Rating Scheme A Report for the National Assembly of Wales

Opening the Door Hospitals & FOI. Applying PHIPA and FIPPA to Personal. Information: Guidance for Hospitals.

TABLED DOCUMENT (5) TABLED ON OCTOBER 5, 2015

CRCE Exam Study Manual Update for 2017

IRB 101. Rachel Langhofer Joan Rankin Shapiro Research Administration UA College of Medicine - Phoenix

NEW BRIGHTON CARE CENTER

RQIA Provider Guidance Independent Clinic Private Doctor Service

REVIEWED BY Leadership & Privacy Officer Medical Staff Board of Trust. Signed Administrative Approval On File

AUTHORIZATION FOR INDIRECT COLLECTION OF PERSONAL INFORMATION. Ministry of Health & Ministry Responsible for Seniors

Pre-RFP Issuance Document Explanation of Document Status Notes Bid and Proposal Checklist (requires signature during various steps of the process)

PRIVACY IMPACT ASSESSMENT (PIA) For the

Change Healthcare ERA Provider Information Form *This form is to ensure accuracy in updating the appropriate account

UNIVERSITY OF PENNSYLVANIA HEALTH SYSTEM

Transcription:

TABLED DOCUMENT 411-18(2) TABLED ON JUNE 2, 2017 GOVERNMENT OF THE NORTHWEST TERRITORIES RESPONSE TO COMMITTEE REPORT 8-18(2), REPORT ON THE REVIEW OF THE 2014-2015 and 2015-2016 ANNUAL REPORTS OF THE INFORMATION AND PRIVACY COMMISSIONER OF THE NORTHWEST TERRITORIES The NWT Access to Information and Protection of Privacy Act ( the Act or ATIPP Act ) became law in 1996. It was created to promote access to information that the government creates and receives, and to protect individual privacy rights related to that information. The NWT Health Information Act (HIA) came into force in 2015. It was created to protect residents personal health information by setting rules for the collection, use and disclosure of that information. It also allows for the provision of best care to patients by allowing health care providers to easily share information across authorities and jurisdictions. Under the Act, the Information and Privacy Commissioner is an independent officer appointed for a five-year term. The Act requires the Commissioner to file an annual report on her activities. The Commissioner may include in her report recommendations for amending the legislation to improve the Act s efficiency and effectiveness. The Standing Committee on Government Operations (the Standing Committee ) conducted a review of the Information and Privacy Commissioner s 2014-2015 and 2015-2016 annual reports. The report summarizing their review was tabled in the Legislative Assembly on March 2, 2017. It included seven recommendations. The following is the Government of the Northwest Territories (GNWT) response to the recommendations contained in the Committee Report 8-18(2), Report on the Review of the 2014-2015 and 2015-2016 Annual Reports of the Information and Privacy Commissioner of the Northwest Territories. Recommendation One of the Northwest Territories advise the House of specific target dates for the completion of a legislative proposal and the introduction of a bill to modernize and update the Access to Information and Protection of Privacy Act. The GNWT is committed to ensuring that the work related to the comprehensive review of the Access to Information and Protection of Privacy Act must continue to advance within the life of the 18 th Legislative Assembly. The GNWT is targeting June 2017 for the completion of the Legislative Proposal and March 2018 for the introduction of a Bill in the Legislative Assembly. May 2017 Page 1 of 5

Recommendation Two of the Northwest Territories identify all recommendations made by the Information and Privacy Commissioner by this and previous Standing Committees, for improvement to the Access to Information and Protection of Privacy Act. The Standing Committee on Government Operations further recommends that the Government of the Northwest Territories identify, in the legislative proposal to amend the Act, how these recommendations are being addressed. The GNWT s comprehensive review of the Access to Information and Protection of Privacy Act involved extensive consultation with public bodies, the Information and Privacy Commissioner (IPC) and the public. All feedback received during the course of these consultations, including the IPC s extensive submission for legislative changes and recommendations previously brought forward by the Standing Committee on Government Operations, have been thoroughly considered. The GNWT would like to acknowledge the commitment and insight received from the IPC throughout the comprehensive review of the Information and Protection of Privacy Act. The GNWT s Access and Privacy Office undertook a series of meetings with the IPC to discuss the results from each stage of the consultation process and to seek feedback on possible recommendations. The results of this engagement, including how the recommendations will be addressed, will form the basis for the Legislative Proposal. Recommendation Three of the Northwest Territories take the necessary steps to ensure that a modernized ATIPP Act is brought into force before the end of the 18 th Legislative Assembly. As previously stated, the GNWT remains committed to ensuring the work related to the comprehensive review advances within the life of the 18 th Legislative Assembly. As noted in Recommendation One, the GNWT is targeting March 2018 for the introduction of a Bill in the Legislative Assembly and anticipates amendments to the Access to Information and Protection of Privacy Act will come into force by April 2019. May 2017 Page 2 of 5

Recommendation Four The Standing Committee of Government Operations recommends that the Government of the Northwest Territories prepare and table a report on the status of the work it has completed to implement the Health Information Act, including the implementation of a public information campaign and training for health sector employees. The GNWT supports the Standing Committee s recommendation to report on the status of the work completed to implement the Health Information Act. The Department of Health and Social Services will prepare a report detailing the work completed from October 1, 2015, when the Health Information Act came into force, to October 2016. The report will provide statistics on the training for health sector employees and details of the public awareness campaign, among other activities completed. The Department anticipates that the report will be tabled in the Fall 2017 session. Recommendation Five The Standing Committee of Government Operations recommends that the Minister of Health and Social Services table the Health Information Act Guide in the Legislative Assembly and provide a televised public briefing to the Committee on the Health Information Act and its impacts on the rights of those who access health care in the Northwest Territories. The GNWT supports the Standing Committee s recommendation on this matter. The Department of Health and Social Services would be pleased to arrange a public briefing to the Committee on the Health Information Act and the rights of those accessing health care in the Northwest Territories. The Health Information Act Guide is currently publically available on the Department of Health and Social Services website. This website can be accessed as follows: http://www.hss.gov.nt.ca/sites/www.hss.gov.nt.ca/files/hia-guide.pdf. Recommendation Six of the Northwest Territories ensure that Health Authorities undertake the steps necessary to establish or adopt standards, policies and procedures in compliance with Section 8 of the Health Information Act. May 2017 Page 3 of 5

The Standing Committee of Government Operations recommends that the Government of the Northwest Territories keep the Committee advised of progress on this work, with a view to having the appropriate written procedures in place within six months from the date of this report. The GNWT understands the importance of implementing standardized privacy policies in NWT Health Authorities and will continue to advance this work. The Department of Health and Social Services, in consultation with the Department of Justice, is currently finalizing privacy policies that will be applicable across the entire health and social services system. In order to do this, the policies will be under a Ministerial directive that will require the Department of Health and Social Services and all three Health and Social Services Authorities to apply and implement the privacy and security policies. The initial policies being finalized are the following: o Privacy Breach Policy - provides direction on handling privacy breaches including notification, carrying out investigations, mitigating, responding to, and reporting on potential and confirmed privacy breaches; o Electronically Stored and Transferred Information Policy provides a consistent approach, that ensures safe and secure storage and transfer of electronic information; o De-Identification Policy provides common understanding and direction when applying de-identification methods to comply with privacy safeguard requirements to ensure personal health information is protected; o Privacy Impact Assessment (PIA) Policy provides direction when to complete a PIA, as well as use of the approved PIA template; o Mandatory Training Policy provides a framework to identify training obligations within DHSS and HSSAs and sets out mandatory minimum privacy training. Additional policies being developed include policies regarding masking, consent conditions, consent withdrawal, contractor compliance, and portable devices. The Department anticipates the policies will be implemented in the fall of 2017. As further policies are developed, they will also be brought under the Ministerial directive. May 2017 Page 4 of 5

Recommendation Seven The Standing Committee of Government Operations recommends that the Government of the Northwest Territories obtain a legal opinion on whether information system as referenced in s. 89 of the Health Information Act is limited to electronic health systems when the Act is considered as a whole; And further that the Government of the Northwest Territories share that legal opinion with the Standing Committee, in confidence, once it is completed; And furthermore, that the Government of the Northwest Territories conduct a privacy impact assessment on the health system transformation initiative, should the legal opinion find that information system as referenced in s. 89 of the Health Information Act is not limited to electronic health systems when the Act is considered as a whole. Health and Social Services system transformation implemented the new governance structure of the Northwest Territories Health and Social Services Authority on August 1, 2016 to improve delivery of health and social services across the NWT. The Health Information Act relies on industry-recognized interpretations of the term information systems. Currently, the standard definition of the term is a computer system or set of components for collecting, creating, storing, processing and distributing information, typically including hardware and software, system users, and the data itself. There have been no changes to HSS information systems as a result of system transformation. At the time of system transformation, the NWT health system already used one shared electronic medical record (EMR) system. There was not more than one EMR. There were no separate Health and Social Services Authority EMRs. At the time of system transformation, there was already only one shared interoperable Electronic Health Record system used by all Authorities. Before system transformation, there were four separate applications of MediPatient (Stanton, Inuvik, Hay River, and Fort Smith). There are still four separate MediPatient applications. Because there has been no impact on existing information systems as a result of system transformation, the Department has no plans to carry out a privacy impact assessment specifically on system transformation, and does not believe a legal opinion will be of assistance on this issue. May 2017 Page 5 of 5

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback