Canadian healthcare providers have often asked, do health applications advertised as “HIPAA-compliant” offer some legal assurance? Often, the answer is no. The Health Insurance Portability and Accountability Act, the main US law governing privacy and information security in healthcare, does […]
Many Canadian healthcare organizations are asking questions about using U.S.-based cloud service providers to manage services such as email and databases. Cloud service providers in the U.S. and public organizations in Canada often ask whether compliance with the Health Insurance […]
Recent Canadian initiatives suggest that mobile health applications can help integrate healthcare into individuals’ daily lives, by enabling remote communication between healthcare providers and patients. These first initiatives have revealed significant opportunities for healthcare, as well as important challenges to […]
Mobile health devices have extended the reach of healthcare by making it possible for clinicians to monitor patients’ health on a day-to-day basis, regardless of their physical location. These technologies have a great potential to improve care for patients who […]
Individual health practitioners and community health organizations usually have some awareness of privacy regulations and have developed a privacy policy, but may struggle to integrate privacy principles into their daily operations. Here are our answers to the question, “Where do […]
Privacy Impact Assessments (PIAs) are a key tool for demonstrating compliance with privacy laws. We outline our approach to basic institutional PIAs, as well as PIAs for multi-institutional or multi-jurisdictional data initiatives. The KI Design approach to a single institutional […]
Ontario’s Personal Health Information Protection Act (PHIPA) governs healthcare providers including general practitioners and group practices, long-term care facilities and community care access centres, hospitals, psychiatric facilities, and independent health facilities. PHIPA regulates the collection, use and disclosure of personal […]
