Privacy Compliance for Clinics in Alberta

  • Updated

Alberta’s Health Information Act governs how clinics collect and use electronic health information. Under HIA Section 60, clinics who act as custodians of health information have a “duty to protect health information.” Juvonno can help clinics act as trusted gatekeepers of the health information collected and stored.

Privacy Impact Assessment

The first thing Alberta clinics need to complete is a Privacy Impact Assessment.

What is a Privacy Impact Assessment (PIA)?

(PIA) is a process that assists custodians in reviewing the impact that a new project may have on individual privacy. The process is designed to ensure that the custodian evaluates the program or scheme to ensure technical compliance with the Health Information Act as well as assessing the broader privacy implications for individuals.

Privacy Impact Assessment Requirements

HIA’s Duty to prepare privacy impact assessment:

  • HIA Section 64(1): Each custodian must prepare a privacy impact assessment that describes how proposed administrative practices and information systems relating to the collection, use and disclosure of individually identifying health information may affect the privacy of the individual who is the subject of the information.

  • HIA Section 64(2): The custodian must submit the privacy impact assessment to the Commissioner for review and comment before implementing any proposed new practice or system described in subsection (1) or any proposed change to existing practices and systems described in subsection (1).

Tips for PIA Submission:

  • Submit PIA Questionnaire before implementing Juvonno.
  • Include Juvonno’s Privacy Policy and Terms & Conditions as your Information Management Agreement with Juvonno. These are the agreements you enter into when starting up with Juvonno.
  • Submit your PIA Questionnaire with a cover letter from the head of your practice/clinic.
  • Submit an updated PIA Questionnaire anytime you change systems for collection and disclosure of health information.

In addition to the PIA, you’ll want to understand the features in Juvonno that will help you protect the health information of your patients/clients.

Quick List of Juvonno’s Privacy Controls for Alberta

Juvonno comes with many technical features to help Alberta clinics meet HIA requirements.

  • Privacy guarantees via Privacy Policy and Terms & Conditions

  • Charts are locked and timestamped

  • User Type Access controls - Juvonno account owner chooses which staff what access to what information in Juvonno.

  • Unique passwords - all Juvonno users are required to login individually, and all of their behaviour in Juvonno can be identified. Passwords are also easily reset for the highest level of security.

  • Behaviour tracking - Clinic owners can audit their Activity Log in Juvonno and view all activity for all users or filter the report to see what health information a particular staff member accessed over a specific time frame.

  • Administrative, physical, and technical safeguards

  • Juvonno securely stores health information in secured SOC2 Type2-certified data centers, and all data is backed up regularly on secondary servers.

  • Search and tag health information for easy retrieval

  • Flexible charting to meet regulatory requirements

  • Controlled disclosure and sharing of health information between practitioners

Was this article helpful?

1 out of 1 found this helpful