PHIA: Difference between revisions

Line 1:

'''PHIA''' is the ~~Personal Health Information Act of the province of Manitoba. This legislation lays out what we have to do to make sure patient data is not compromised. A helpful summary of the act can be found~~ [http://www.ombudsman.mb.ca/phia-long.htm ~~here~~].

'''PHIA''' is the [http://www.ombudsman.mb.ca/phia-long.htm Personal Health Information Act] of the province of Manitoba lays out how all patient data must be treated. Everyone who works for this program must have received WRHA PHIA training, and must have signed a PHIA declaration.

~~~~

== What PHIA means for this wiki ==

As health care workers we all signed the Personal Health Information Act. While paper documentation of personal health information has to be handled respectfully and in accordance with security policies, digital data ~~needs to~~ be ~~treated with even more caution~~. The ~~reason being is~~ that ~~it is easily reproduced and communicated. With this newer PDA technology it is important~~ that ~~we make an added effort surrounding data security and set~~ the ~~standards for future projects.~~

PHIA states that patient data must be kept private. '''The contents of wiki articles are not private.''' This means that there must never be any information that could identify a patient in either

* wiki articles

* emails sent via the wiki

There are several security measures in place~~. First,~~ a [[PDA password | strong password on the PDA]] that uses capitals, numbers and at least 7 digits~~.  The next layer of security is~~ at the HanDBase program level~~. Of the data collected on each patient any~~ patient identifiers ~~have been encrypted. This encryption extends~~ to the backup files on the computer used for synchronization.

== Measures to ensure patient privacy in our data collection ==

There are several security measures in place:

* a [[PDA password | strong password on the PDA]] that uses capitals, numbers and at least 7 digits

* a password at the HanDBase program level and encryption of all patient identifiers on the PDA, extending to the backup files on the computer used for synchronization.

* network login is required on the computer

* the [[CCMDB.MDB]] used for formatting of data for import into [[ed's program]] is password protected

* computers are located in a locked office with limited access

** Note: at the OAKS hospital due to renovations in progress the PDA itself is in a locked cabinet in an office in the Medical Records department itself.

* PC data is stored on a folder on the [[regional server]] when possible; only the data collectors and the data managers have access to this folder.

On the computer, the computer itself is password protected, and the Access application is also password protected. The computer used for this is located in a locked office with limited access. The data on the computer is sent to onto a folder on the regional. Only the data collectors of a specific hospital and the data managers have access to this folder.

[[Category: IT Instructions]]

[[Category: Wiki usage]]

*NOTE:~~at the OAKS hospital due to renovations in progress the PDA itself is in a locked cabinet in an office in the Medical Records department itself.~~

~~{{stub}}~~

[[Category:~~IT Instructions~~]]

@@ Line 1: / Line 1: @@
-'''PHIA''' is the Personal Health Information Act of the province of Manitoba. This legislation lays out what we have to do to make sure patient data is not compromised. A helpful summary of the act can be found [http://www.ombudsman.mb.ca/phia-long.htm here].
+'''PHIA''' is the [http://www.ombudsman.mb.ca/phia-long.htm Personal Health Information Act] of the province of Manitoba lays out how all patient data must be treated. Everyone who works for this program must have received WRHA PHIA training, and must have signed a PHIA declaration.
-<!-- as off PDA and You, with modifications by Tina -->
+== What PHIA means for this wiki ==
-As health care workers we all signed the Personal Health Information Act. While paper documentation of personal health information has to be handled respectfully and in accordance with security policies, digital data needs to be treated with even more caution.  The reason being is that it is easily reproduced and communicated. With this newer PDA technology it is important that we make an added effort surrounding data security and set the standards for future projects.
+PHIA states that patient data must be kept private. '''The contents of wiki articles are not private.''' This means that there must never be any information that could identify a patient in either
+* wiki articles
+* emails sent via the wiki
-There are several security measures in place. First, a [[PDA password | strong password on the PDA]] that uses capitals, numbers and at least 7 digits.   <!--To enhance this security users are advised to not communicate this password and to frequently change it. --> The next layer of security is at the HanDBase program level.  Of the data collected on each patient any patient identifiers have been encrypted. This encryption extends to the backup files on the computer used for synchronization.
+== Measures to ensure patient privacy in our data collection ==
+There are several security measures in place:
+* a [[PDA password | strong password on the PDA]] that uses capitals, numbers and at least 7 digits
+* a password at the HanDBase program level and encryption of all patient identifiers on the PDA, extending to the backup files on the computer used for synchronization.
+* network login is required on the computer
+* the [[CCMDB.MDB]] used for formatting of data for import into [[ed's program]] is password protected
+* computers are located in a locked office with limited access
+** Note: at the OAKS hospital due to renovations in progress the PDA itself is in a locked cabinet in an office in the Medical Records department itself.
+* PC data is stored on a folder on the [[regional server]] when possible; only the data collectors and the data managers have access to this folder.
-On the computer, the computer itself is password protected, and the Access application is also password protected. The computer used for this is located in a locked office with limited access.     The data on the computer is sent to onto a folder on the regional. Only the data collectors of a specific hospital and the data managers have access to this folder.
+[[Category: IT Instructions]]
+[[Category: Wiki usage]]
-*NOTE:at the OAKS hospital due to renovations in progress the PDA itself is in a locked cabinet in an office in the Medical Records department itself.
-{{stub}}
-[[Category:IT Instructions]]