HISA produces guide to protecting health information
The Health Informatics Society of Australia (HISA) has released a new guide to protecting personal health information covering privacy, security and confidentiality requirements with advice applicable to all healthcare settings.
Inspired by the guidelines produced by Canada's health informatics association COACH, the 300-page Australian Guidelines for the Protection of Health Information is aimed at all Australian healthcare organisations and is based on international best practice.
The publication has been edited by three leading Australian privacy and security experts: Edith Cowan University associate professor Trish Williams, Extensia CEO Emma Hossack and cyber security and IT expert Peter Croll.
HISA says that in conjunction with applicable privacy legislation, security standards and information protection best practices, the guidelines form part of a privacy and security framework designed to support the appropriate use and protection of personal health information (PHI).
The publication has four main objectives:
- To educate healthcare professionals and organisations about the privacy rights of their subjects of care
- To assist healthcare professionals and organisations to minimise the risk of inappropriate, insecure, or unauthorised collection, use, disclosure, modification, storage, or destruction of PHI
- To assist healthcare professionals and organisations to maximise the integrity, availability, and confidentiality of PHI, and the efficacy of administering authorised access
- To assist healthcare professionals and organisations to design and implement programs to protect the privacy and security of personal health information.
HISA CEO Louise Schaper said the guide was essential to reducing risk for healthcare organisations and the advice applicable to all healthcare settings.
“There is advice on the need to protect and foster trust, organisational transparency and accountability, managing consent, security safeguards and quality,” Dr Schaper said.
“The new 13 Australian Privacy Principles (APPs) are addressed and we also cover considerations when implementing electronic health records.”
She said the publication offered ways to identify gaps and enhance existing practices and safeguards and also to be a tool for advancing education and awareness. It includes discussions on new privacy laws, technologies, threats and risk management.
The publication will be updated regularly by a panel of Australian national and international experts to reflect the latest knowledge in the field.
Dr Schaper said HISA was indebted to the vision and collaboration of COACH, whose guidelines form the basis for the HISA publication.
Australian Guidelines for the Protection of Health Information: Protecting Health Information is Everyone’s Business is available for purchase online from HISA.
Posted in Australian eHealth