Read the confidentiality agreement matrix and frequently asked questions to determine which agreement(s) is right for your situation. Each NCP and/or clinic is unique and it is important that these models are tailored to reflect the type of data use and exchange in each situation. Details relating to the use of the data or the description of the services provided may be incorporated into the contract text or recorded in a separate schedule as part of the agreement. A Data Protection Impact Assessment (PIA) is a legal requirement for custodian banks. They must submit a PIA when considering new administrative practices or information systems that collect, use or disclose health information about identifiable individuals. This applies to changes in practices or systems (section 64 of the Health Information Act [HIA]). ICDO provides guidance on PIA requirements. (a) process, store, retrieve or dispose of health-related information; (b) provide information management or information technology services, in accordance with rules, tapes, coding or other transformations of individually identifiable health information into non-identifiable health information and (c) provision of information management or information technology services. As custodians of health data, physicians are responsible for protecting the privacy, confidentiality, and security of personal health information. Tools and policies have been developed to help custodians meet their data protection obligations and ensure compliance with the Health Information Act and the CPSA`s practical standards.
These include guidelines on the agreements that must be entered into for primary care networks when exchanging, transferring and using other health data on behalf of the custodian. Many doctors enter the office and share patient diagrams regardless of what happens with the recordings when one of their colleagues leaves or if there is a change in the direction/ownership of the clinic. When establishing/joining a clinic, physicians must ensure that they have an ISA, that an Information Sharing Agreement (ISA) in accordance with the standards of the College of Physicists and Surgeons of Alberta (CPSA) is the legal contract defining the rules and procedures for data management approved by the parties. Their personal data, which will be made available to Clay Pigeon Shooting Association Ltd [CPSA], will only be used for the purposes for which it was provided and for all subsequent relevant procedures….