Board Policy CA-250: Protection of Confidential Health Information

Effective date: 2019-06-18

Purpose

The Board of Directors (the “Board”) of Vitalité Health Network (the “Network”) is committed to ensuring that systems, structures, and policies and procedures are in place to protect the confidentiality and privacy of patients and staff and thereby maintain public confidence in the Network.

This commitment includes the assurance that the framework governing the collection, utilization and communication of confidential information takes into account the legislation governing access to information and the protection of confidential information and allows ongoing improvement of the information management practices within the Network.

Definition

  • Confidential information:
    Includes, without being limited to, the following types of information:
    • Personal information (PI);
    • Personal health information (PHI);
    • Information of a sensitive nature and information that is confidential (e.g. administrative information noted in personal notebooks or agendas);
    • Human resources or payroll information;
    • Legal information;
    • Financial information.

Policy

  1. The Board is responsible for ensuring that mechanisms and structures are in place to effectively manage all aspects of access to, and the protection of, confidential information.
    1. The Board reviews the policies governing access to, and the protection of, confidential information and receives periodic monitoring reports from the senior management team.
    2. The Chairperson of the Board must inform the Minister of any breach of confidentiality committed by a Board member.
  2. The Board assigns the President and Chief Executive Officer the responsibility for developing and implementing all strategies, policies, and procedures designed to ensure that principles and practices governing access to, and the protection of, confidential information are integrated into all aspects of the Network’s philosophy, culture, and operational planning.
    1. The President and Chief Executive Officer must ensure that any hint of a failure to protect privacy or confidentiality is investigated in accordance with the Network’s policies on the protection of privacy and confidentiality.
    2. The President and Chief Executive Officer must inform the Minister of any serious breach of confidentiality or privacy by a senior manager, employee, or medical staff member or by non-employed or agent staff of the Network.
    3. The President and Chief Executive Officer must inform the Board as soon as possible of any breach of confidentiality with the potential to affect the Network’s reputation or the safety of its patients.