Data Integration and Big Data In Ontario Brian Beamish Information and Privacy Commissioner of Ontario

Transcription:

Data Integration and Big Data In Ontario
Brian Beamish, Information and Privacy Commissioner of Ontario
Access, Privacy and Records and Information Management (RIM) Symposium
October 17, 2016

Our Office
- The Information and Privacy Commissioner (IPC) provides an independent review of government decisions and practices concerning access and privacy
- The Commissioner is appointed by and reports to the Legislative Assembly
- The Commissioner remains independent of the government of the day to ensure impartiality

The Three Acts
The IPC oversees compliance with:
- Freedom of Information and Protection of Privacy Act (FIPPA)
- Municipal Freedom of Information and Protection of Privacy Act (MFIPPA)
- Personal Health Information Protection Act (PHIPA)

Privacy Obligations under FIPPA
Collection, use, disclosure rules
- No collection unless:
  - authorized by statute
  - used for law enforcement, or
  - necessary to lawfully authorized activity
  Must have a legitimate reason for collecting personal information, such as requiring a birth certificate to issue a driver's license
- No use unless:
  - purpose collected
  - consistent purpose
  - written consent
  Cannot use information from the birth registry to send out birthday cards
- No disclosure unless:
  - consent
  - consistent purpose
  - comply with legislation
  - law enforcement
  - health or safety
  - compassionate reasons
  Video capturing evidence of a crime can be shared with police, even if it contains personal information

Data Integration
- Sometimes known as data linking/linkage or data/computer matching
- Involves the computerized comparison of databases to allow linkages to be made of information
- Technology has changed the landscape
- Where the data integration involves PI, there is a requirement to comply with FIPPA and MFIPPA

Privacy Challenges of Data Integration
- PI should be collected directly from the individual
- With some exceptions, it should only be used and disclosed for the purpose for which it was collected or a consistent purpose
- The individual to whom the PI pertains has a right to notice of the collection
- The PI used by an institution should not be used unless it is accurate and up to date

The Historical Perspective
- Concerns about the privacy implications of data integration existed before FIPPA and MFIPPA were proclaimed in force
- 1980 Williams Commission Report on Freedom of Information and Individual Privacy stated: The prospect of greater integration of databases raises, in turn, a number of privacy issues it is feared that the use of such dossiers may constitute a form of data surveillance which might operate against the legitimate interests of the individual

Privacy and Computer Matching
- In a 1991 report to the Standing Committee on the Legislative Assembly, the IPC recognized the potential benefits of data integration, including:
  - Detection and deterrence of fraud, waste and abuse
  - Improved efficiency and effectiveness of programs
  - Support for evidence-based decision-making
- However, IPC also recognized the fundamental tension between data integration and certain basic principles of privacy
- Recommended a task force be created to study appropriate mechanisms to control and monitor data integration within the Ontario government

Big Data Analytics
- Process of running algorithms on integrated data sets to uncover hidden patterns
- Use of these analytics may raise significant privacy and other ethical and fairness issues
- May be used to infer rules that allow for automated decision making (about individuals) and the prediction of future results
- Process works the same regardless of whether analyzed data sets are de-identified or not, although the patterns extracted may differ

Recent Initiatives
- Data integration initiatives differ from past ones
- Purpose is to support policy development, system planning, resource allocation and performance monitoring
- Goal is sharing information about individuals for the purposes of conducting research
- Although not tied to direct service delivery, research may inform future collection and use of PI
- Challenge is to ensure that adequate measures are in place to protect the individuals whose PI is collected, used and disclosed while enabling the initiatives

Privacy Risks of Big Data
- Generation of new PI not collected directly from the individual
- Use of poorly selected data sets that:
  - lack information/are incomplete
  - contain incorrect or outdated information
  - disproportionately represent certain populations
- Incorporation of implicit or explicit biases
- Generation of pseudo-scientific insights that assume correlation equals causation
- Lack of knowledge/transparency regarding the inner logic of the system
- If not designed properly, can result in uses of PI that may be unexpected, invasive and discriminatory

Best Practices
- Legislative authority to collect, use and disclose PI within and among institutions
- Independent review process to govern projects including PIAs, TRAs and research ethics
- Transparency of approved projects
- Secure process for linking PI
- Requirement to de-identify PI after linking
- Delete the linked data once the research is complete

Additional Safeguards
- Prohibit the use of sensitive categories of PI
- Verify or ensure the accuracy and non-bias of the results in an independent manner
- Provide notice to affected individuals
- Allow affected individuals to challenge or respond to the results

Governance and Oversight
- Accountability frameworks for data integration and big data analytics should involve senior staff with authority to monitor and provide effective oversight
- Projects should engage experts in human rights, research ethics, privacy and de-identification

Digital and Big Data Literacy
- Develop clear policies setting out:
  - The administrative, technical and physical safeguards in place to secure the data
  - The nature of the privacy, human rights and research ethics review to be conducted on projects
- Ensure that staff receive training on the policies and systems and permissible collections, uses and disclosure of PI

Reform of FIPPA and MFIPPA
Need principle-based legislation governing data linking and big data analytics which could include the following safeguards:
- Creation of a data institute or institutes with expertise in privacy, human rights and ethical issues involved with data integration and analytics
- Requirements for data minimization
- Privacy impact assessments and threat risk assessments
- Mandatory breach notification and reporting to the IPC and the affected individuals
- Order-making and audit powers for the IPC

PHIPA Offers Model
- Personal Health Information Protection Act (Section 47) can serve as a model for achieving some of these goals
- Disclosure for analysis of health system
- Section 47 sets out important requirements for data sharing:
  - Creation of health data institute
  - Strong oversight by IPC
  - De-identification
  - Secure policies and procedures

Summary
- Ensure you have the authority to collect and disclose
- De-identification protects against the disclosure of individuals' identities, but not against other big data harms
- Be aware of data fundamentalism, i.e., the belief that correlation always implies causation and numbers always represent objective truth
- Individuals affected by automated decision-making have important rights

De-identification
- De-identification - the removal of PI from a record or data set
- Outlines a risk-based, step-by-step process to assist institutions in de-identifying data sets containing PI

How to Contact Us
Information and Privacy Commissioner of Ontario
2 Bloor Street East, Suite 1400
Toronto, Ontario, Canada M4W 1A8
Phone: (416) 326-3333 / 1-800-387-0073
TDD/TTY: 416-325-7539
Web: www.ipc.on.ca
E-mail: info@ipc.on.ca