Electronic Health Record Privacy - CIO's Perspective
1. Data Security and
Privacy in Health IT
HINZ Seminar Series
18 March 2005, Crowne Plaza
Hotel, Auckland
2. A Well Known Quotation
"We trained hard but it seemed that every
time we were beginning to form up into
teams, we would be re-organised.
I was to learn later in life that we tend to
meet any new situation by re-organising; and
a wonderful method it can be for creating the
illusion of progress while producing
confusion, inefficiency and demoralization."
3. Variously Attributed To
1. Petronius Arbiter, (200 BC)
2. Caius Petronius Arbiter (50 BC)
3. Petronius Satyricon, (50 AD)
4. Gaius Petronius. (66 AD)
• Gaius Petronius Arbiter (1st Century AD)
4. But....
• The quote first appeared in Robert
Townsend’s Up the Organization (1970)
• Believed to have been originated by
“some disgruntled soldier who pinned
this quotation to a bulletin board in one
of the camps of the armies occupying
Germany sometime after 1945”
5. A Correct Quotation
"We trained hard but it seemed that every
time we were beginning to form up into
teams, we would be re-organised.
I was to learn later in life that we tend to
meet any new situation by re-organising; and
a wonderful method it can be for creating the
illusion of progress while producing
confusion, inefficiency and demoralization."
Gaius Petronius Arbiter (Not!)
6. • Most Black and White Documents
could benefit from colour. Research
has shown that colour helps us to
understand, retain and recall
information. It also increases our
willingness to read a document.
In these ways colour helps to
promote ideals, sell products
and increase profits.
11. THE Facts about Privacy
• Many people know the facts about
privacy and security – regardless of
whether the facts are right or wrong
• The facts always support and justify a
particular position or action
• It’s a wonderful subject for lengthy
debate and thus can be used to avoid
action and responsibility
12. For Today’s Discussion...
• Privacy means an individual's interest in
(limiting) who has access to personal
health care information (HIPAA Privacy Rule)
• Privacy is a legal issue
– Not an IS/IT issue
13. For Today’s Discussion...
• Security means the protection of data
against unauthorized access
• Security is an IS issue
– In the sense of information created and
stored in computers
14. Are Privacy & Security Issues?
An emphatic YES!
• The privacy issues have not changed significantly
from ‘pre PC’ Days
But
• The ability to breach
privacy is significantly
higher
– Unlike the good old days
information can be accessed
from anywhere in the world
– And be sent around the world
in seconds
– And in three years' time 50%
of all “information” will be
accessed from offsite.
15. As a Starting Principle
• Auckland Regional IS Strategic Plan notes that
– "Reasonable measures will be put in place to
ensure that people’s information is managed in
accordance with the Health Information Privacy
Code, the NZ Privacy Act, and health information
policies developed by the DHBs"
• The RISSP defines Reasonable as
– "finding an appropriate balance between the
interests of the individual, the practicality
of the use of the system and the cost of
implementing the measures"
16. Health Information Privacy Rules
• Rule 1: Purpose of collection of health information
• Rule 2: Source of health information
• Rule 3: Collection of health information from individual
• Rule 4: Manner of collection of health information
• Rule 5: Storage and security of health information
• Rule 6: Access to personal health information
• Rule 7: Correction of health information
• Rule 8: Accuracy etc of health information to be checked before use
• Rule 9: Retention of health information
• Rule 10: Limits on use of health information
• Rule 11: Limits on disclosure of health information
• Rule 12: Unique identifiers
18. (un) Reasonable Measures
• “It is people who must take on the
responsibility for ensuring privacy”
• Trust Us..
19. Reasonable
• You must have processes, procedures
and security in place to prevent
breaches
• All parties must be aware of their
responsibilities and obligations
• Balanced by practicality and cost
22. News CIOs don’t want to hear
• The system is down
• The data is lost, corrupted, false, can’t
be recovered etc etc
• We’ve been hit with a worm, virus or
Trojan
• The Board would like....
• The Commissioner has a couple of
queries