Understanding how your information is stored, accessed, shared and protected with digital health is an important part of being an engaged partner in your health care. Here are five top things to know about how privacy is at the forefront of digital health, and what role you play.
- Those that collect your health information are subject to laws
- The information in your health record is yours
- Your information is collected once and, where authorized, may be used multiple times
The health care providers and organizations that collect your information are subject to health information privacy or e-health laws in the jurisdictions in which they provide services. These laws require personal health information to be protected with proper security; they also require procedures, policies and training programs to be in place for those using digital health systems.
While the information is held by someone other than yourself, the information in the record(s) is yours and you have the right to access it. However, the physical record(s) is the responsibility of the person or organization that created it.
The new digital health world also means there are more ways for you to participate in managing your health. For example, you might use an application on a personal mobile device to monitor a medical condition (e.g., blood pressure) or to record lifestyle activities (e.g., diet). This means that you may also be involved in collecting, managing and/or sharing your personal health information.
Digital health involves creating a network of systems to securely hold and share health information with authorized care providers. It also may mean your information is collected once by your doctors, hospitals, clinics, etc. in digital health systems and used for a number of authorized purposes, such as:
- Providing or informing decisions about your care
- Paying for the services
- Analyzing de-identified data for health system purposes
Your privacy is respected and your personal health information is protected by digital health systems through technical and legal means. For example:
- At a technical level, digital health systems include functions that record what changes were made to a record, by whom and when. This means that you or an auditor can determine who accessed your record and when. This type of auditing, which is not possible with paper records, can help identify unauthorized viewing of personal health information and assist investigations into privacy breaches.
- From a legal perspective, health information privacy laws make sure you have someone to call – an organization’s privacy officer or the jurisdiction’s Privacy Commissioner – if you have concerns that your privacy has been breached. The laws also include strong measures that can be taken if people inappropriately access personal health information.
Canadians are increasingly using applications or “apps” to collect information, connect with health care providers and share information with family and friends about their health and lifestyle. This means that you also play a role and have a responsibility for ensuring your privacy is protected and your information is kept secure by:
- Knowing what personal health and lifestyle information the apps are collecting and sharing
- Being aware of the security settings of these applications
- Keeping mobile devices safe and their security features up to date
- Knowing where the information is being stored and how it is being used
- Being confident that the family and friends you are sharing information with will respect your privacy and treat the information appropriately.
Note: Canada Health Infoway does not collect or hold any personal health information.