Who will see what in the new, shared clinical information system?

Setting privacy policy in the digital age is not an easy task. Health professionals need to access detailed patient information to provide high-quality care, and patient privacy must be respected.

It’s been the CST Privacy Working Group’s job to define the general principles and rules governing who should have access to what information in the new, shared clinical information system. The end product is called the access model.

“The access model sets out all the privacy controls that are in place for safeguarding patient information,” explains Steven Tam, General Counsel and Chief Privacy Officer for VCH and chair of CST’s Privacy Working Group. “These include auditing and restricting access to certain programs that are considered more highly sensitive.”

To develop the access model, the Privacy Working Group, whose members include clinicians, patient safety and quality representatives, privacy and IT professionals, researchers and a patient representative, have been consulting with people from different operational areas, from the Emergency Department to community care.

Who will see what

With a few specific exceptions (explained below), clinicians and clinical support staff will have access to all health information pertaining to a particular patient to whom they are providing care, including information that came from different facilities and programs. Users who clearly do not require access to certain information will only be provisioned with access to the information they require to perform their duties.

“The focus is on preventing inappropriate access to a patient’s record in the first place,” explains Steven. “An incomplete view of the record with missing information would significantly increase the risk of care decisions being made without the necessary information. We expect that having a robust auditing program in place will help to both catch and prevent privacy breaches.”

Preventing inappropriate access

Before staff and physicians can access patient information they will see a Relationship Declaration screen, prompting them to confirm that they have a legitimate reason for accessing that patient’s record. The Declaration will take only a few seconds to complete. Depending on the purpose specified (e.g. patient care, research, quality improvement, etc.) the system will remember the answer for a defined period of time.

An audit program will use the clinical information system’s audit log to detect suspicious access. Actual privacy breaches will be followed up with strict consequences, as they are now; and standard policies will be in place across VCH, PHSA and PHC.

“There will be many more users with access to more comprehensive health records, so our auditing capabilities need to be very robust,” affirms Steven. “Patients can gain access to the audit logs, too, so there will be transparency around who has accessed their information.”

Health authority and medical staff will receive the same training on their strict duty of confidentiality with respect to patient information as they do now. However, since they will now have access to a more complete patient record, they have received supplementary training to ensure that they know how to use all the information appropriately.

Access privileges need to be quick and easy

The Privacy Working Group has focused on making sure that legitimate users of the clinical information system will have an easy process for getting the right access privileges. “We’re working to ensure that the access model gets into operational use very quickly, and doesn’t impede access to the information people need to do their jobs,” confirms Steven.

Protecting sensitive data

“We met separately with programs whose patient data may be considered more sensitive, including mental health, forensics, addictions, HIV status and other communicable diseases, youth health, abortions and sexual health,” says Steven.

“We looked in-depth at what specific information was sensitive and not relevant to care outside a particular program and established restrictions on that basis.  Where we agreed that patient information should be made available even if it was considered sensitive – as in the case of mental health – it was because of the importance of having that information available to all care providers of the patient.”

For more information, email Steven Tam, General Counsel & Chief Privacy Officer VCH via Steven.Tam@vch.ca or info@CSTproject.ca.