Week 2 - privacy and security

Question 1

ON RPh Code of ethics 2.9

Answer 1

Members respect the patient’s right to privacy and confidentiality and take every reasonable precaution to protect patient confidentiality by preventing unauthorized or accidental disclosure of confidential patient information.

-this includes technicians and assistants and cashiers

Question 2

ON RPh Code of ethics 3.6

Answer 2

Members respect patients right to privacy and do not disclose confidential information without the consent of the patient unless authorized by law or by the need to protect the welfare of the patient or the public

Question 3

PHI - what abbreviate

Answer 3

personal health information

Question 4

what is PHI

Answer 4

oral or written info about an individual

Question 5

what is considered PHI

Answer 5

individuals physical or mental health including family history

provision of health care, including the ID of persons providing care

a plan of service for individuals requiring LTC

info relating to payment or eligibility for HC

info relating to donation of body parts/substances or that is derived from the testing or examination of such parts or substances

an individuals health number

info that IDs and individuals substitute decision maker

Question 6

PHIPA - what abbreviate

Answer 6

Personal health information protection act

Question 7

PHIPA
-safeguarding PHI
+(3)

Answer 7

you must take reasonable steps to safegurad PHI

• locking filing systems, alarm systems
• passwords, firewalls, virus scanners
• staff training, confidentiality agreements

Question 8

Passwords - how manage

Answer 8

SHOULD NOT BE UNIVERSAL

-different passwords allow you to track who went into PHI

Question 9

PHIPA

-requirements of electronic records (3)

Answer 9

electronic records should

• have passwords
• file backups to protect against loss/theft
• records with date/time, note changes, keep OG content if anything changed

Question 10

written notes with patient name

Answer 10

considered PHI

Question 11

PHIPA - when there is a breach

Answer 11

notify individuals about a privacy breech

Question 12

PHIPA - records retention

Answer 12

retain records for as long as needed for legal purposes

Question 13

PHIPA - record transfers

Answer 13

safely transfer records to another location

Question 14

PHIPA - record destruction

Answer 14

safely destroy records

• shed/burn hard copies
• physically destroying electronic media

Question 15

Principles of circle of care: who are considered health information custodians

Answer 15

all healthcare professionals are health information custodians

Question 16

Principles of circle of care: where must PHI be received from

Answer 16

PHI must be received from the patient, patients agent or another custodian

Question 17

Principles of circle of care: consent

Answer 17

need consent to share information with a non-custodian

Question 18

Principles of circle of care: custodian to custodian sharing

Answer 18

for custodian to custodian sharing, patient can withold consent

Question 19

Principles of circle of care: sharing between disciplines

Answer 19

can only share info that applies to what they do
-dentist ask for PHI
+only share stuff about teetth

Question 20

Principles of circle of care: sharing within same practice

doc to doc, RPh to RPh

Answer 20

okay - just dont ID patient

-no name, gender, location etc

Question 21

privacy

Answer 21

right to keep your information to yourself and private

Question 22

security

Answer 22

systems or processes to ensure information remains protected

Question 23

confidentiality

Answer 23

principles that information is not made available unless authorized

Question 24

patient record

Answer 24

piece of PHI

ex. (list of Rx’s, list of patient names on pharmacy paper with pharmacists name on it)

Question 25

PHI

Answer 25

information pertaining to an individual and their healthcare with their name and information tying it to HC

Question 26

health information custodian

Answer 26

someone/grps who ensure health information remains secure (bound by low PHIPA)

Question 27

circle of care

Answer 27

other HCPs involved in providing care to specific patient

Question 28

implied consent

Answer 28

voluntary agreement through action/inaction of patient

Question 29

Which types of privacy laws apply to you as a pharmacy student in a community pharmacy in Ontario?

Answer 29

PHIPA

Question 30

Which types of privacy laws apply to you as a pharmacy student in a hospital setting in Ontario?

Answer 30

PHIPA

Question 31

When can you access a record or divulge info?

Answer 31

when necessary for care and when youre in the CoC (gives implied consent)

Question 32

what is a privacy violation

Answer 32

when PHI, intentional or unintentional, divulged to ppl outside CoC without patient consent

Question 33

How can you safeguard personal health info?

Answer 33

no sharing of passwords

use server

encrypted emails

etc

Question 34

You are working in a pharmacy and your friend’s boyfriend comes in. You are not filling prescriptions at that moment and he doesn’t see you. After he leaves, are you allowed to go into his file to see what was prescribed?

Answer 34

No

Question 35

You are working in a hospital and your friend tells you she’s coming to the hospital to visit her girlfriend but doesn’t say why she’s been admitted. You go into her file to see what’s going on. Is this allowed?

Answer 35

no

Question 36

You are working at a hospital that you went to as a younger person. Are you allowed to look up your own record?

Answer 36

no - need to ask for it

Question 37

Your parent asks you to bring home a printout of their pharmacy records for their taxes. They fill all prescriptions at your pharmacy. Are you allowed to do this?

Answer 37

No

Question 38

A patient tries to fill a prescription for Valium. You notice that all prior Valium prescriptions are from different doctors. You worry they are being forged. Can you call other pharmacies to ask if this patient has filled any Valium prescriptions lately and to alert them?

Answer 38

yes

-protecting health and safety of patient/others so can breach

Question 39

You are working at a store and a physician asks you to send a full drug list for a patient that you both share. Is this allowed?

Answer 39

yes