Tips for Maintaining Privacy with Ehealth

New developments and programs bring the need for new privacy laws and regulations. This is the case with eHealth in Australia.

From the 12th March 2014 the privacy laws and guidelines in Australia will be receiving a sort of make over and upgrade. Bigger changes than have previously been made to the Privacy Act (1988) will be implemented. The changes include the creation of 13 Australian Privacy Principles which will replace the current National Privacy Principles (for the private sector) and Information Privacy Principles (for the public sector).

These new principals include new regulations to encompass eHealth, such as the PCEHR Act 2012.

Information that is important for the public about their privacy and eHealth records can be sourced from the new Office of the Australian information Commissioner (OAIC) Website under Pubications and Resources. Factsheets number 13,14 and 15 are explicitly related to ehealth privacy, two sheets for healthcare professionals and the public. http://www.oaic.gov.au/ is a good place to start!

Tips for maintaining privacy with your Personally Controlled Electronic Health Records include:

• You are in charge of how much influence you have over the information that can be accessed by specific healthcare providers.
• Decide upon what access settings you would like as soon as you sign up, and regularly check and update these. Keep up to date with who is on your ‘access list’.
• You can organise an access code to further restrict access to your record by certain healthcare providers, or even restrict access to particular  documents if  you do not want them to be accessed. This access code would ensure that only healthcare professionals that you approve of can access your eHealth record.
• It is recommended that those who sign up or are thinking of signing up read the eHealth record System Operators privacy notices and policies to further their understanding about how their information will be handled.
• If you do not want certain information or a certain document uploaded to your eHealth record by a particular healthcare professional, you should let them know. If it has already been uploaded and they refuse to take it down you can organise for the documents removal through medicare.
• Always be sure to think it through and decide upon the importance of a document before removing or requesting its removal, as once it is removed from you eHealth record, it will not be available during an emergency.
• Remain vigilant about checking to make sure no unauthorised access to your eHealth record has occurred.
• Check your record frequently to be sure that information held on the record is up to date, correct and complete.
• One of the most important aspects of keeping your health information secure and private is by making sure you protect your record with a strong password.
• The new system is protected by the PCEHR Act (2012) which limits how information may be collected, used and disclosed. If information is not collected within these regulations then this is an interference with privacy.
• You may opt-out at any time.

Important privacy information tips for Healthcare providers include:

• Heathcare providers need to know what is expected of them under the PCEHR Act as there are serious penalties for non-compliance, (information can be collected, used and disclosed to provide healthcare to the patient)
• Develop robust practices for using the PCEHR system and be sure all staff are adequately trained
• Inform patients of any information that you will be adding, do not add information that you have not previously discussed with them.
• Do not collect more information from someone’s Ehealth record than is necessary
• Be professional and practice responsibly when collecting, using and disclosing information from a patients eHealth record.
• Understand how an eHealth record can be used in the case of an emergency

It is important that all parties involved know what their role is in maintaining privacy when it comes to eHealth records. It really is a situation where patients are just as crucial to the maintenance of their private health information as healthcare providers. One of the interesting aspects of the system where the patient seems to have the majority share of power.

Pharmacists need to be sure that they are completely up to date with current privacy laws surrounding eHealth, and understand the new changes coming in to force next year. Maintaining the integrity of our patients privacy is always paramount, and thus this new age of IT and Health collaboration means that Pharmacists need to ensure a complete understanding of their role when it comes to privacy and patient health. Pharmacists remain the middle man between doctors and patients (especially when it comes to medications), therefore they will have to learn to balance their information share between collection for healthcare reasons and collecting/ accessing more than is required.

These are interesting  times in which we do live!