The delivery of virtual health care has grown incredibly during the pandemic. Doctors, clinicians and patients have made good use of online communications technology as a substitute for in-person medical consultations.
It’s only appropriate that their privacy and security training is growing, as well.
Doctors, clinicians and other health care providers in Ontario now have access to information and education about the latest privacy and security developments in digital health and virtual care and how to use new tools safely and effectively.
Not only is there online information and structured training available year-round to virtual health care providers, there’s a special Digital Health and Virtual Care Day next month, featuring an agenda packed with privacy-related lectures, information sessions and a real-life case study from a physician who was hacked.
Despite some of the privacy challenges, tech-enabled virtual visits have allowed many patients to connect safely with their health care providers, at a distance, while relieving pressure on hospitals, walk-in clinics and other care facilities.
Ontario Health (OTN), operator of the provincial telemedicine network, realized about a 25 per cent increase in total active accounts in a single last month, from just over 41,000 to about 50,000. And direct-to-patient video visits rose from about 1,000 per day to about 10,000 a day.
Yes, the pandemic made much of this happen, but virtual care is also supporting non-COVID-19 related care delivery. The Ontario Virtual Care Clinic (OVCC) – at seethedoctor.ca — launched as a temporary resource for those who don’t have a family doctor or who are unable to access their doctor during the COVID-19 outbreak.
Now, it seems virtual care is here to stay: almost all Canadian physicians say they will continue to use virtual care after the pandemic, and 64 per cent say they will maintain or increase their use.
No matter what else it delivers, virtual care brings additional considerations for privacy and security that clinicians must be aware of to protect patient confidentiality and data.
In response to a demand for guidance, OntarioMD (OMD) and the Ontario Medical Association (OMA) have launched a new online Virtual Care Privacy & Security Training Module for Ontario physicians, other clinicians and their support staff.
(The OMD and the OMA developed the Privacy & Security Virtual Care Training Module with the support of Canada Health Infoway, a federal not-for-profit agency that supports the adoption of digital health solutions. The Ontario Virtual Care Clinic is a partnership between the OMA, OMD and OTN, with funding support from Canada Health Infoway, and technology provided by Novari Health, a Kingston, ON-based company that develops virtual care and e-health solutions incorporating 256-bit end-to-end encryption with all data secured in Canadian Microsoft Azure data centres.)
The training covers important topics such as obtaining and managing patient consent, as well as the development and implementation of privacy policies in the context of ongoing digital care developments and online virtual care activities.
“The Privacy & Security Virtual Care Training Module addresses an important need for physician practices during a critical period in care delivery,” said Ariane Siegel, General Counsel and Chief Privacy Officer at OMD. “Physicians need practical guidance on their regulatory obligations and how to select and use virtual care tools that best support their patients and their workflow. Training and best practices can help keep any data collected or exchanged during virtual visits private and secure.”
The training offers education for physicians to help them fulfill their role as what’s called health information custodians (HICs) under the Personal Health Information Protection Act (PHIPA) and comply with the Personal Information Protection and Electronic Documents Act (PIPEDA).
Meanwhile, the Information and Privacy Commissioner of Ontario has released new guidelines for the health care sector and the use of virtual care techniques and technologies.
Privacy and Security Considerations for Virtual Health Care Visits (a downloadable PDF) is available from the IPC; as well, a new provincial standard for virtual visit solutions and a verification process for telehealth technology platform vendors that meet described privacy and security criteria are also available, the latter from Ontario Health.
The Privacy Commissioner expects health care providers to take several steps to enhance privacy and security when providing virtual health care:
- develop and implement policies to address virtual health care delivery;
- notify patients about those virtual care policies;
- conduct privacy impact assessments on specific privacy and information security risks;
- ensure employees get up-to-date privacy and security training to reduce the risk of unauthorized collection, use and disclosure of personal health information (including specific guidance for those working from home); and
- have a protocol in place for responding to actual or suspected privacy breaches.
Recent events have shown that digital health and virtual care tools are incredibly important when in-person visits aren’t possible, and that managing patient information and health-related data safely is just as important.
“If there is one silver lining in this terrible pandemic, it’s that it’s pushing health care delivery everywhere into the 21st century. With the commitment of government and the passion of health system partners across Ontario, I think the cycle of innovation is just beginning, with many opportunities for new ideas ahead,” said Dr. Ed Brown, CEO, Ontario Health (OTN).