top of page
Writer's pictureProf. (Dr) Usha

PATIENT PRIVACY AND CONFIDENTIALITY IN HEALTHCARE

Although confidentiality and privacy are often used interchangeably, they are legally different. Privacy is the right to freedom from intrusion into one's personal matters or information. Confidentiality is an ethical duty that prevents certain people from sharing information with third parties. Healthcare professionals (HCPs) therefore have a duty to treat confidential information with utmost care and prevent it from getting into the hands of others. This concept, called patient confidentiality, is strictly abided by everyone in healthcare team including Medical office assistants/administrators (MOAs). Patient privacy and confidentiality in healthcare are very vital since they build trust, helps healthcare team to provide best patient care, preserves HCP’s reputation, and it is also a requirement under the law. No one can share PHI without client’s permission. Privacy concerns people, whereas confidentiality concerns data. The research proposal should outline strategies to protect privacy including how the investigator will access information from or about participants. whereas confidentiality pertains to the researcher's obligation to protect and prevent unauthorized disclosure of this personal information.

 

Privacy Act and personal information (PI)

Privacy is governed by the Privacy Act. The purpose of this Act is to extend the present laws of Canada protecting the privacy of individuals with respect to PI. Privacy includes the right: to be free from interference and intrusion, to associate freely with whom you want and also to be able to control who can see or use information about an individual.


Collection, retention, disposal of PI as per privacy Act

Collection of PI

No PI shall be collected by an institution unless it relates directly to institution’s operating program or activity. An institution can collect PI for an administrative purpose directly from the related individual except where the individual authorizes otherwise. It shall inform any individual from whom it collects PI about the purpose of its collection except-

(a) where compliance might result in collection of inaccurate information; or

(b) defeat the purpose or prejudice the use for which information is collected

Retention of PI used for administrative purpose

Retention of PI for a period of time as prescribed by regulation in order to ensure that the person to whom it relates has a reasonable opportunity to obtain access to PI. A govt institution shall also take all steps to ensure that PI used for administrative purpose is as accurate, up-to-date and complete as possible.

Disposal of PI

An institution shall dispose of PI under its control in accordance with regulations and directives/guidelines issued by designated minister in relation to PI disposal.

 

Confidentiality and Personal health information (PHI)

In general, confidentiality refers to keeping information or knowledge secret, preventing unauthorized access to PI. Personal health information (PHI) includes identifiable information about health or health care history. This includes patient’s medical history, HCP visit details, test results and health card number. Under the Personal Health Information Protection Act (PHIPA), patient has right to request access to his/her PHI held by HCPs, called health information custodians, such as physicians and nurses. People have many HCPs involved in their care, such as physicians, pharmacists and therapists. This is called a circle of care.

Patient confidentiality protects the patient and others. In research, confidentiality refers to the researcher’s agreement with the participant about how the participant’s identifiable PI will be handled, managed, and disseminated. The research proposal should outline strategies to maintain confidentiality of identifiable data, including controls on storage, handling, and sharing of data. The way confidentiality is defined and enforced depends on how it is written into employees' contracts and business policies.

 

Confidentiality and Health Privacy

In Canada, physicians are obligated to keep all patient information confidential. Confidentiality encourages the patient to provide the physician with all relevant information so that they can diagnose and treat the patient. The specific privacy laws vary by province/territory. However, similar confidentiality oaths and ethical expectations apply across Canada.

Ontario’s Personal Health Information Protection Act (PHIPA) gives you the right to:

  • be made aware of the reasons for the use of your PHI;

  • be alerted of unauthorized disclosure of your PHI;

  • refuse or consent to the use of your PHI as well as withdraw your consent;

  • complain to the privacy office about a privacy breach or potential breach; and

  • begin a legal process for damages for harm suffered after an order has been issued or a person has been convicted of an offence under PHIPA.

Privacy and confidentiality

  1. Both are important in today’s highly competitive and constantly advancing environment of healthcare, as any breach not only may affect a person's dignity but can cause harm. For example, when a PHI is disclosed to an employer, insurer, or family member, it can result in stigma, embarrassment, and discrimination.

  2. PI of clients or employee information that managers collect- both are crucial. When confidential information is not protected and secured, it can cause losses to the business and reveal the possibility of fraudulent activity such as identity theft, healthcare fraud, client information data breach etc. There are privacy and confidentiality policies one can implement in their practice.

  3. For a medical team, it is also vital to maintain duty of confidentiality because if you do not, apart from risking your job, you could also face legal action for breach of confidence.

  4. While using an electronic health record (EHR), technical safeguards needed to protect PHI.

  5. Many hospitals and clinics have mandatory confidentiality agreements and training to protect patient’s privacy.

  6. Under the privacy code in Canada, PHI shall not be used or disclosed for purposes other than those for which it was collected, except with consent of the individual or as required by law. PHI shall be retained only as long as necessary for the fulfilment of those purposes.

The protection of privacy and the concomitant duty of confidentiality are essential to foster trust in the patient-physician-relationship, the delivery of good patient care and a positive patient care experience. The Canadian Medical Association (CMA) principles for the protection of patients’ PHI provide guidance on key ethical considerations pertinent to protection of information in a way that considers a physician’s ethical, professional, and legal obligations.

 

References:

 

Diploma in Medical Office Assistant & Medical Office Administration (MOA) Programs at Springfield College provides training to produce knowledgeable and well-informed Healthcare Administrators who are adept at adjusting to new developments in health care regulations, technology and policies. They become creative, flexible, analytical and organized in putting taught knowledge, skills and clinical expertise into their medical practice at workplaces. Our Diploma-MOA program and training make the students perfectionist to function as the “face” of their organization, while exercising professionalism in demeanor and work. They acquire skills and capabilities to effectively communicate with patients/clients and office administration at all professional levels, specialties and roles.


You can also read:



Learn and advance your skills and knowledge of Medical administration in just few months instead of few years. Contact us for customized schedule (weekdays and weekends.  

1- Bartley Bull Parkway, Suite # 19(2nd Floor)

Brampton, ON L6W 3T7

(Across Shoppers World Brampton, Above Food Basics)

Tel: 905-216-1600

59 views0 comments

Comments


bottom of page