PHIA

PHIA is the Personal Health Information Act of the province of Manitoba. This legislation lays out what we have to do to make sure patient data is not compromised.

As health care workers we all signed the Personal Health Information Act. While paper documentation of personal health information has to be handled respectfully and in accordance with security policies, digital data needs to be treated with even more caution. The reason being is that it is easily reproduced and communicated. With this newer PDA technology it is important that we make an added effort surrounding data security and set the standards for future projects.

There are several security measures in currently in place. First, a strong password on the PDA that uses capitals, numbers and at least 7 digits. To enhance this security users are advised to not communicate this password and to frequently change it. The next layer of security is at the HanDBase program level. Of the data collected on each patient any patient identifiers have been encrypted. This encryption extends to the backup files on the computer used for synchronization.

On the computer, the computer itself is password protected, and the Access application is also password protected. The computer used for this is located in a locked office with limited access. The data on the computer is dumped onto a folder on the regional. Only the data collectors of a specific hospital and the data managers have access to this folder.