Question

How do you deal with the issue of confidentiality/ privacy in aged care?

Answer 1

Privacy and confidentiality, claiming that privacy is about controlling the access of health information that is required/desired by governments, institutions and individuals, whereas ‘many medical professionals, hospitals, insurers and other entities with access to health information regarding maintaining the confidentiality of medical communications and the security of medical records as paramount professional responsibilities. With regard to health information, confidentiality has been defined as ‘restricting information to persons belonging to a set of specifically authorized recipients.

1. Develop comprehensive patient privacy and confidentiality policy

If you intend to collect, store, and discuss sensitive patient information, according to Australian law, you must have a comprehensive confidentiality policy. Implementing a formal privacy policy doesn’t have to be complicated. For staff and allied health professionals, hold a meeting and ensure everyone understands what’s involved, giving staff clear protocols to follow when handling private information. Patients should be able to access your privacy policy online, but you may want to consider including a Privacy Policy sheet in your New Patient materials and emailing current clients a copy, explaining why and how it applies to them.

2. Ensure the confidentiality policy extends to partners

Speak to your healthcare partners and establish who has access to patient information, how will it be handled, and when it will be transmitted. The goal is not to control how they do things, but to ensure their confidentiality ethos aligns with the strict levels of protection you’ve implemented or plan to implement. This step can be as simple as a phone call to compare privacy policies and security setups, sorting out any divisions then and there.

3. Make sure all confidential information is stored within secure systems

With the ever-increasing volume of patient data being generated, clinics may face challenges in determining what types of data need to be collected and on what types of systems the data should be stored. Furthermore, and most importantly, look to invest in a cloud-based medical practice management platform that offers the highest level of security and protection. It is imperative to ensure that your cloud-based system is backed by an Australian Government-certified provider, such as Microsoft Azure.

4. Implement best practice IT security policies

There are some everyday tips that you can adopt to ensure that you and your team aren't inadvertently opening yourself up to a security threat, including:

• Encrypt and password-protect all laptops, tablets, and smartphones as these devices are highly susceptible to being lost or stolen.
• Enforce a workplace policy that requires complex passwords or phrases be used, containing a mix of letters, numbers, and symbols, as modern targeted password hackers can easily crack common passwords. Never share passwords among team members.
• Ensure your practice management system uses two-factor authentication.
• Protect against malicious software by ensuring that all computers and servers are protected by antivirus systems and are regularly patched and up to date.
• If you offer WiFi at your clinic, create two separate networks; one for your practice and another for your patients. This reduces the risks of potential breaches.