L7 - Privacy and Confidentiality Flashcards
(12 cards)
what makes certain information ethically significant?
- most of us think we should be able to control the communication of certain ‘personal’ information (autonomy, dignity)
- some information can be harmful if mishandled (non-maleficence)
- some information provides opportunity to help to protect someone or something (beneficent, justice)
- responsible use of information is necessary to maintain good relationships (trust, duty of care)
confidentiality vs. privacy
- privacy about restrictions on access to people and information
- confidentiality is about the use of private information that has been communicated within a certain kind of relationship
what is the primary legislation relating to information
- in NZ the use of information is covered under the privacy act 2020
- the use of health information is covered under the health information privacy code 2020. this details the special requirements of healthcare professional in their handling of health information
- we also have a privacy commissioner tasked with overseeing and providing expert opinion on cases relating to the use and misuse of information
summaries the HIPC rules
- Rule 1-4: govern the collection of personal information. this includes the reasons why personal information may be collected, here I may be collected from and how it is collected
- Rule 5: governs the way personal information is stored. it is designed to protect personal information from unauthorised use or disclosure.
- Rule 6: gives individuals the right to access information about themselves
-Rule &: gives individuals th right to correct information about themselves - Rule 8-11: place restriction son how people and organisations can use or disclose personal information. these include ensuring information is accurate and up to date, and that it isn’t improperly disclosed
- Rule 12 - governs how ‘unique identifiers’ - such as IRD numbers, bank client numbers, DL and passport numbers - can be used.
what counts as health information?
information about that individual which is collected before or in the course of and incidental to, the provision of any health service other than disability service to that individual
- any identifiable information that you acquire in your role as a dentist should be regarded as health information, and therefore as confidential. so need to ask yourself how you know that information. if it was during consult, then can’t share it.
what can health information be used for?
the general information is that information may be used for the purposes for which it was given
(relates to rule 1 [purpose of collection of health information] and rule 10 [limits on use of health information] - reasonable grounds)
- people give information with certain expectations
in general, consent is required before information can be used for treatment, teaching and research
- there is debate about whether It should be permissible to use dome kinds of information for certain kinds of research without consent (for eg. when massive database, not practical to get everyones consent)
how should information be stored?
- providers must ensure patient information is kept secure
- keep in mid that this applies to any recording, transferences and utterances of health information
- documents for us on BB
who is permitted to access health information?
- another healthcare worker if access is consistent with the purpose for which it was given
- the patient: yes
- the patients parents: yes, if the patient is a minor or gave consent
- pts spouse, pts friends, dental students, researchers: only if the patient consents
what information should be recorded?
relates to rule 1 and 8
- should be recorded for lawful purposes and information that is necessary for that purpose
however…
rule 4 states that information should not be collected by unlawful means to means that are unfair or intrusive to the personal affairs of that pt
when may information be disclosed to a third party?
rule 10
- the use of that information for that other purpose is authorised by the individual concerned, or the individuals representative if the individual is unable to consent
- the use of information to prevent or lessen serious threat to public health or safety, or the life or health of the individual concerned or another individual
So, information can be disclosed to a third party if:
- the disclosure is related to the reason for collection
- information is unidentifiable
- the individual has given their consent
- the provider believes it it necessary to prevent or lesson a serious threat
- the law requires it (under the Health Act)
- to if you suspect abuse (lots of ppl don’t report though bc they think they are wrong)
how are internet postings and social medial related to this?
- inappropriate use can result in damage to personal integrity, professional-patient, professional-colleague relationships and future employment opportunities
- in maintaining confidentiality you must ensure that any patient or situation cannot be identified by the SUM of information online
- ie. there is a lot you can do to deidentify the patients information
summarise the rules of the code
- only collect health information if you really need it
- get it straight from the people concerned when possible
- tell them what you are doing with it
- be considerate when you are getting it
- take care of ti once you’ve got it
- people can see their health information when they want to
- they can correct it if its wrong
- make sure health information is correct before you use it
- get rid of it when you’re done with it
- use it for the purpose you got it
- only disclose it if you have a good reason
- only assign unique identifiers where permitted
