View this email in your browser

why privacy?

Privacy is an integral part of the foundation of trust between patients and providers.  If individuals feel their sensitive personal health information will be mishandled in a way that could cause them harm or embarrassment, they may be less forthcoming with details that could assist in their care.  It’s the goal of the NSHA Privacy Office to ensure that does not happen.


What are “privacy” and “confidentiality”?  The two terms are often used interchangeably, and while they definitely go hand-in-hand they have different meanings.  Privacy is the right of the individual to control their own information, including its collection, use and disclosure.  Confidentiality is the obligation of an organization or individual to protect that information from misuse, to maintain its secrecy and to ensure it is not wrongfully disclosed. All NSHA employees have the obligation to ensure patient information is kept confidential.


The Personal Health Information Act (PHIA) is the Nova Scotia Legislation that governs the collection, use, disclosure, retention and destruction of Personal Health Information (PHI) by a custodian like NSHA.  PHIA balances two objectives:  upholding the privacy rights of individuals while meeting the information needs of custodians to provide, support and manage health care.  “Need to know” and “minimum amount” are core tenets of PHIA.  “Need to know” means only those who need to use specific PHI to carry out their role should do so – if it’s not part of your job you shouldn’t look.  “Minimum amount” means even if you have a need to use someone’s PHI to do your job, you should only use the smallest amount possible to complete the task at hand.


When these two principles are contravened, we have a privacy breach, which is an incident where PHI is lost, stolen, or subject to unauthorized access, use disclosure, copying or modification.  Breaches are usually non-intentional and often preventable.  Examples include misdirected faxes, emails and test results; unsecured documents; overheard conversations; inappropriate sharing of PHI with others; and intentional snooping into patient records.

What do you do if faced with a breach?  There are four crucial steps:

  1. Contain the breach – stop the unauthorized practice, retrieve missing or misdirected materials, shut down the affected IT asset, and revoke access to PHI.
  2. Investigate – report the breach to a manager and Privacy Officer.  The Privacy Officer will assess the severity, determine the root cause, and make containment and notification recommendations.
  3. Notify – breaches of PHI require external notification.  Patients must be notified at the first reasonable opportunity if there is potential for harm or embarrassment to the individual.  Otherwise NSHA notifies the Office of the Information and Privacy Commissioner.
  4. Prevention – once the situation is addressed, a review of what happened and why should lead to preventative measures being put into place e.g. training for staff, security audits, moving of printers/faxes, etc.

more from NSHEN


New Fireside Chat


Ethical Issues in Relation to Trans Healthcare

Ethical Issues in Relation to Trans Healthcare
with Gabriel Enxuga, Advocate

Clearing the Haze: Addressing Health Ethics Questions Raised by Legalization of Cannabis

The full video recording of this session is now available for viewing.

Conference program and presentations are also available.


Ethics After Hours


Unrest – The Movie


Unrest Discussion Page

Jennifer Brea is about to marry the love of her life when she’s struck down by a fever that leaves her bedridden. When doctors tell her “it’s all in her head,” she turns her camera on herself and her community as she looks for answers and fights for a cure.


New Fireside Chat


Ethics in Genetic Counselling


Ethics in Genetic Counselling with Erika Aberg, Genetic Counsellor, Maritime Genetics Service, IWK Health Centre

Video discussion regarding perception of ethical issues in genetic testing and the importance of exploring the patient’s values.

Health Ethics Case Database

Recently updated with new cases!

Check it out here

Case Database

Want to change how you receive these emails?
Email the administrator with unsubscribe in the message.


Want to change how you receive these emails?
Email the administrator with unsubscribe in the message. 


This email was sent to <<Email Address>>
why did I get this?    unsubscribe from this list    update subscription preferences
Nova Scotia Health Ethics Network · 5849 University Ave · Rm C313, CRC Bldg, Po Box 15000 · Halifax, NS B3H 4R2 · Canada

Email Marketing Powered by Mailchimp