By Date

Health Sector Privacy Officer Training 2017

Health Sector Privacy Officer Training 2017

 Here are the details you’ve been asking for!

 

June 6 (in person in downtown Toronto or via webcast, your choice) +

Weekly/biweekly teaching sessions, resources & online community to end of 2017

                                                                                                                                        

As health care organizations and providers, your privacy practices are under scrutiny from your patients, residents or clients (and their families), the courts, the media and the Information and Privacy Commissioner of Ontario (IPC/O). Attorney General prosecutions are underway under the Personal Health Information Protection Act (PHIPA), and class actions have been filed in the courts. This year, Bill 119 amended PHIPA in numerous important ways (including doubling the fines to up to $100,000 for individuals and $500,000 for organizations and requiring reports to the IPC/O of certain privacy breaches and reports to regulatory Colleges).

 

This course focuses on Ontario legislation, but is of value to any health sector Privacy Officer. It will give you confidence in your role by giving you the information and skills you need to succeed as a Privacy Officer or as:

 

  1. A Chief Information Officer
  2. A person with a Privacy Officer reporting to you, or
  3. If you advise organizations that are subject to health privacy requirements or create related health policy

 

You receive:

  • A full day session in downtown Toronto (or via webcast, the choice is yours) where we will launch the community and tackle some of the tough issues
  • An additional weekly or biweekly set of webinars, videos, resources and intensive instruction from a leading legal educator in the field, most in real time
  • 30+ hours (up from the previous course that was 20 hours) with flexibility to learn at a pace that works for you, and with the support of a community
  • The most current information on privacy practices and expectations for health care organizations
  • Practical and dynamic skills training for adult learners using scenarios, stories, quizzes and practical applications for your environment
  • Sample tools to adapt to your organization for your everyday use, including these templates:
    • Privacy program checklist and document checklist
    • Privacy policies
    • Annual confidentiality pledge for all staff, students, volunteers and researchers
    • Privacy communiques (to customize and circulate as evidence of your due diligence)
    • Board update on privacy
    • Privacy impact assessment resources
    • Privacy breach checklist
    • Privacy breach notification/script
  • A privacy library
    • The primary Ontario privacy resource – “Guide to the Ontario Personal Health Information Protection Act: A Practical Guide for Health Care Providers” (H. Perun, M. Orr, F. Dimitriadis, Irwin Law, 2005)
    • Online resources compiled for you, so you do not have to search them out yourself
  • Strategies to assist you to work through your organization’s documents
  • A report card you complete at the end of the course to share with your Board or supervisor to demonstrate your organization’s privacy compliance status and privacy priorities (or gaps, if any)
  • A letter outlining the training you have received, for your organization’s due diligence

 

LOCATION – June 6, 2017 St. Andrew’s Club and Conference Centre at 150 King St W., 27th Floor, Room L2, Toronto, ON (King St. W. and University Ave.) http://www.standrewsclub.ca/  (Or via webcast)

 

WHY DID WE CHANGE THE COURSE FORMAT?

 

Some of you have said that travel at this time of year is tough, and/or that you welcome online opportunities, and that you love the community and problem-solving that comes with a membership that extends beyond a day a month for three months (the previous format). We have passed on that savings to you, and are pleased to offer new and interactive ways to learn where you get what you need.

 

COVE ACADEMY

 

Cove Academy is a new and innovative training platform. Our lead trainer in the course is Mary Jane Dykeman, a Principal of Cove Academy and lawyer at DDO Health Law. We bring experience, humour and vitality to each training session. We work with health care organizations across the continuum of care (from primary to quaternary care, community and social services, academic centres, as well as children’s, seniors’ and mental health and addiction providers). We know exactly why PHIPA was drafted as it was, the nuance of PHIPA’s application within your environment, and the common and complex issues Privacy Officers and others working in privacy face daily. We have developed scenarios that will resonate with you.

 

WE WILL COVER:

  1. Recent developments, risk management and due diligence (Day 1 session and throughout the course as new orders and decisions of IPC/O arise)
  2. The privacy basics, including general limiting principles and collection rules
  3. Privacy compliance overview
  4. Creating and reinforcing a culture of privacy
  5. Security & safeguards, including the ins and outs of audits and increasing number of shared systems
  6. Consent and capacity in the PHIPA context
  7. Secondary Uses and Disclosures
  8. Disclosure to third parties
  9. Who is the health information custodian?
  10. Privacy breach investigation & response
  11. IPC/O orders and decisions – what you need to know
  12. How to create and show due diligence
  13. Attorney General prosecutions – what we know so far
  14. Dealing with the media
  15. Tips for training staff whether you are a large or small health information custodian
  16. Circle of care and lockbox
  17. Access & Correction
  18. Special rules related to children
  19. Special rules in mental health settings

Q&A – What keeps you up at night?

Q&A – What keeps you up at night?

Overwhelmed? Don’t know what you don’t know?

By signing up for this course, you will confidently be able to:

 

  • Understand basic privacy terminology such as: personal health information (PHI); health information custodians (HICs); agents; collection, use, and disclosure; circle of care & lockbox; privacy impact assessments (PIAs); and threat risk assessments (TRAs)
  • Explain the rights individuals have to privacy
  • Identify the basic “consent rules” of privacy and the exceptions to those rules
  • State the situations where your organization can collect, use and disclose PHI with and without consent
  • Understand the role of the IPC/O
  • State the possible consequences for privacy breaches and poor privacy practices with knowledge of current cases and referrals for prosecution
  • Identify the 7 main sources of the privacy laws, rules and best practices in Ontario
  • Use our 15 point Privacy Program Checklist to evaluate how well your organization is doing with its own privacy compliance and present an update to your Board
  • Articulate a strategy for your organization’s privacy program launch or refresh
  • Organize your privacy binder/electronic folder by using our Privacy Program Documentation Checklist
  • Launch or refresh your orientation program for new staff, students and volunteers to include:
    • Privacy policies (samples provided)
    • All staff training (in-house training is an optional extra service option we can provide to you)
    • Confidentiality pledge (sample provided)
    • Board training (customizable PowerPoint provided)
  • Launch or refresh your privacy program to include:
    • Timelines for updating privacy policies
    • Schedule for annual training
    • Annual confidentiality pledge (sample provided)
    • Email reminders/newsletters to all staff on a regular basis (subscription is an extra service option available to receive monthly emails to send to all staff)
    • Follow up with all staff if there is a privacy breach
    • Random audits (messaging to staff, frequency and scope)
    • Respond to common challenges in engaging staff, physicians, students and volunteers
  • Identify the 3 categories of safeguards under PHIPA: physical, administrative, and technological; and common examples of how to protect the PHI you hold
  • Read and understand a PIA and TRA
  • Determine when you can conduct your own and when to solicit an external PIA or TRA
  • Conduct random audits of an electronic health record system and identify suspicious activity
  • Identify and respond to the areas of greatest risk for health care organizations
  • Differentiate between express consent, implied consent and no consent
  • Understand the difference between consent and notice
  • Understand who can make substitute decisions and under what circumstances (especially for young children, incapable adults or deceased persons)
  • Explain the circle of care to patients and staff
  • Identify the key opportunities and issues of concern with shared care models (such as HealthLinks)
  • Explain a lockbox to patients and staff (brochure and information sheet provided)
  • Identify what a lockbox looks like in an electronic health record
  • Provide sample language to your clinicians for communicating with external health care providers when there is a lockbox restricting disclosure
  • Explain to patients and staff when you need patient consent to engage in an activity and when you do not
  • Strategize within your own organization about who is authorized to engage in secondary uses and disclosures – and who is not
  • Identify the key opportunities and issues of concern when participating in large health sector quality, efficiency and reporting initiatives
  • Understand the key elements of a data sharing agreement
  • Identify a situation when you are being asked to be a health information network providers and understand the responsibilities of fulfilling that role and potential consequences of failing to meet those responsibilities
  • Process simple access and correction requests (and identify situations where you need expert advice)
  • Address individual requests for access to “family records” where there is a single record for multiple patients (e.g. in some counselling settings, or in situations where information about a newborn remains in the mother’s record)
  • Identify key situations where your organization is required by law to disclose PHI (mandatory disclosures)
  • Avoid an order for deemed refusals of access
  • Respond to common complicated situations in third party disclosure, with or without consent, including:
    • Parents, Insurance companies, Lawyers and courts, Regulatory bodies: Workplace Safety and Insurance Board, College of Physicians and Surgeons of Ontario and other health regulatory Colleges, Ministry and health sector partners (including for anonymized data), Police, Children’s aid societies, requests for records to be brought to court and/or for evidence to be given (including the nuance for mental health records)
  • Conduct your own privacy breach investigation
  • Determine when to ask for an external investigator to complete an investigation
  • Notify affected patients in the case of a privacy breach
  • Write a privacy breach report
  • Anticipate how to work with the IPC/O
  • Manage common questions from the media
  • Determine the level of detail to share with other staff not involved in the breach
  • Determine the appropriate disciplinary consequences for a privacy breach
  • Update your policies and privacy practices to reflect these new developments

 

Testimonials

Here’s what previous registrants had to say about the 2015 and 2016 versions of this course:

  • The instructors and team . . . are healthcare privacy experts and this course is a valuable resource for all healthcare Privacy Officers. The training provided me the knowledge to transition into my new role confidently.
  • I really appreciated the templates! As an ED who wears many hats, this was a huge time saver and plus gave me the relief that we have in place what we need now.
  • The tools were excellent. We are developing a privacy framework in this LHIN with consultants but internally I also needed help to emphasize the importance of privacy.
  • Liked it all, but what really made this course different was that the trainers are actually the subject matter experts and as such, questions could be answered in depth.
  • The depth of knowledge and hands on experience of the trainers is what makes this training superb.
  • The instructors were very knowledgeable and because it related to healthcare, very relevant. Was great to have feedback from other health organizations.
  • Real life examples go a long way to proving how real privacy issues are and the consequences for them.

Health Sector Privacy Officer Training Spring 2016

Spring 2016  – 3 Full Days

April 12, May 10 & June 14

The privacy practices of health care organizations are under increasing scrutiny from patients (and their families), the courts, the media and the regulator, the Information and Privacy Commissioner of Ontario (IPC/O). As Privacy Officer, it is your job to ensure your organization is compliant with privacy laws and IPC/O guidelines. Whether you are new to the Privacy Officer role or are a seasoned privacy professional, you may wonder whether you have the latest information to do your job properly.  You may have already discovered that it is not enough to know the technicalities of the law; it is also important that you understand the spirit of the legislation and how to apply the law to specific and sometimes difficult situations.

This is the only course of its kind in Canada.

This course will give you confidence in your role by giving you the information and skills you need to succeed as a Privacy Officer.

You receive:

  • 20 hours of intensive instruction from leading legal educators in the field
    • 3 full day sessions each available in person in downtown Toronto or via webcast
  • Reassurance that you have the most current information on privacy practices and expectations for health care organizations
  • Practical and dynamic skills training for adult learners using scenarios, stories, quizzes and assignments
  • Sample tools to adapt to your organization for your everyday use, including (and many more):
    • Privacy program checklist
    • Privacy policies
    • Privacy breach checklist
    • Privacy breach notification
  • A privacy library
    • The primary Ontario privacy resource – “Guide to the Ontario Personal Health Information Protection Act: A Practical Guide for Health Care Providers” (H. Perun, M. Orr, F. Dimitriadis, Irwin Law, 2005)
    • Online resources are compiled for you in a few downloadable PDFs so you do not have to find the resources yourself and print them individually
  • A reading list to prepare you before each session
  • Homework to assist you to work through your own organization’s documents
  • A report card you complete yourself at the end of the course to share with your Board or supervisor to demonstrate your organization’s privacy compliance status and remaining privacy gaps, if any
  • A letter outlining the training you have received, for your organization’s due diligence

While we focus on Ontario legislation – this course is of value to any health sector Privacy Officer.

For more information – click on the title “Health Sector Privacy Officer Training” above. And for even more information, contact Franca Latino by phone at: 416-967-7100 x 242  or by email at: flatino@ddohealthlaw.com

Legal Issues for Family Health Teams – Monthly Teleconference 2016

DDO Health Law runs a monthly call-in program to discuss legal issues facing family health teams (FHTs). These calls are for Executive Directors, Lead Physicians and human resources personnel for FHTs and family health organizations (FHOs)/family health networks (FHNs).

What are the topics for 2016?  (Note: If the date has passed, a recording of the session may be available)

  • January 7 – Managing an older workforce/dealing with employees past retirement age
  • February 4 – Providing services to kids and youth
  • March 3 – Providing services to the elderly
  • April 7 – Pros and cons of becoming a charity
  • May 5– Privacy updates (including managing staff who are also patients)
  • June 2 – Emergency preparedness
  • July – no call
  • August – no call
  • September  8 – Managing difficult situations involving patients and families
  • October  6 – Investigating complaints against physicians who are not employees
  • November  3 – Mental health 101
  • December  1 – Social media and the law 

    Monthly calls are scheduled over the lunch hour from 12pm – 1pm on the first Thursday of the month. There are no calls scheduled for July or August.

Why join?

  • You will hear from legal experts who understand FHTs (and your relationship with your FHOs/FHNs)
  • You get 10 monthly calls on  the latest legal topics and trends affecting FHTs
  • You will have a chance to ask questions and share stories with your FHT colleagues
  • Your FHT will receive a 10% discount on all in-service training by DDO Health Law in 2016
  • You can be added to our email list to receive legal updates as they happen
  • The calls are exclusively for FHTs – so you know you are getting information relevant to your day-to-day work
  • You can have as many people from your FHT and affiliated FHOs/FHNs (physicians) on each call – the flat fee is per FHT

What is the cost? and how do I sign up?

There is a flat fee for an annual subscription. Fees are per FHT. Please contact Franca Latino at flatino@ddohealthlaw.com for details about this program, fees and how to sign up or if you are having technical difficulties on the day of a session.

Ontario’s Health Statutory Context

Interested to see a one-page summary of the laws that apply to health care organizations in Ontario?  Click the title for a PDF copy of “Ontario’s Health Statutory Context”.

Mental health comes out of shadows (The Lawyers Weekly)

Mary Jane Dykeman wrote a piece “Mental health comes out of shadows” for The Lawyers Weekly Health Law Focus. Click title for PDF version.

 

Proposed Changes to PHIPA through Bill 119 Blacklined – Not Official Copy

PROPOSED CHANGES TO ONTARIO’S HEALTH PRIVACY LEGISLATION

This week the Ontario government introduced Bill 119, which proposes to amend the Personal Health Information Protection Act, 2004 (PHIPA).  DDO Health Law has prepared a blacklined version of PHIPA so it is easy to see the proposed changes. Please click the title “Proposed Changes to PHIPA through Bill 119 Blacklined” above for a PDF version that you can download.

Caution: This is for general information purposes only and is not an official version.  These changes are not yet law and there may be further future amendments.  Please contact us if you have questions.

Mary Jane Dykeman  mjdykeman@ddohealthlaw.com

Kate Dewhirst             kdewhirst@ddohealthlaw.com

Kathy O’Brien             kobrien@ddohealthlaw.com

Employment Law Call-In Program for Health Care Organizations

DDO Health Law is proud to announce a new monthly call-in program dedicated to employment law issues for health care organizations.

This teleconference offers a cost-effective and convenient way for managers and human resources personnel for health care organizations to stay current on legal issues. You will learn how to save your organization money by avoiding the most common and costly mistakes in managing employees.

Topics for 2015/2016

  • September 29 – New developments in the enforceability of employment contracts
  • October 27 – Accommodating mental illness in the health care workplace
  • November 24 – New developments in 2015 on overtime and hours of work
  • December – NO CALL
  • January 26 – Termination of employment – pitfalls and solutions
  • February 23 – FAQs and practical answers on accommodating family responsibilities
  • March 29 – The Employment Standards Act – most common mistakes
  • April 26 – How to conduct a proper workplace investigation
  • May 3 – Recent cases on “just cause terminations”
  • June 28 – How to avoid age discrimination in the workplace

Monthly calls are scheduled over the lunch hour from 12pm – 1pm on the last Tuesday of the month.

Benefits

  • For one price, you get 9 calls on the latest legal topics and trends
  • You can have as many people from your organization on each call as you wish, the flat fee is per employer
  • The calls are exclusively for health care employers; the topics discussed come from our firsthand experience advising hospitals, long-term care homes, family health teams, community agencies, health charities and other health care organizations on their most common and costly human resources problems
  • The calls are designed for adult learners and use storytelling and scenarios to keep you interested
  • You will have a chance to ask questions and share stories with your colleagues
  • You can be added to our email list to receive legal updates as they happenThe teleconference is offered as a flat rate subscription per employer. The cost is $600 plus HST.

Cost

The teleconference is offered as a flat rate subscription per employer. The cost is $600 plus HST. Please contact Franca Latino at flatino@ddohealthlaw.com or 416-967-7100 x 242 for details about this program, fees and how to sign up.

Emergency Preparedness Program for Health Care Organizations

September 2015

At DDO Health Law, we understand your organization’s need to put in place a robust emergency management plan (including for some organizations, by September 30, 2015). We have developed a 12-step program to help you meet that deadline and then continue to prepare your organization in case of emergency such as fire, flood, or pandemic.  Our program reflects current best practices, including materials provided by at least one local health integration network to its health services providers. We have read all of these materials and pulled from them and other resources to determine current best practices — so that you do not need to.

DDO Health Law’s Emergency Preparedness Program offers your organization the comfort and assurance of:

  • Understanding the pillars of emergency management, including Prevention and Mitigation, Preparedness, Response, Recovery
  • Creating organization-specific emergency management plans to establish simultaneous response to fires and other emergencies
  • Effectively participating in system level preparedness and coordinating emergency response with other health service providers
  • Properly training team members in case of emergency
  • Identifying key gaps, including hazard identification and risk analysis
  • How to best communicate with your clients, their families, the public and the media

The DDO Health Law Emergency Preparedness Program provides you with:

  •  Dial-in series. You will be invited to take part in 5 phone sessions, scheduled in September 2015. We will provide you ahead of the calls a template plan, the 12 steps you need to take to be ready, and other templates and materials. Noon sessions are:
    • Thursday, September 3
    • Friday, September 11
    • Thursday, September 17
    • Thursday, September 24
    • Final session with open Q&A on Monday, September 28
  • Training materials. You will be provided template training materials for team members, including a training slide deck you can circulate before your Board signs off, even before you schedule an in-person session to walk your team through the training.
  • Admin on call workbook. DDO Health Law previously wrote an administrator on call workbook to help health care staff deal with various kinds of crises. It is the bedrock of emergency management. We will provide you a copy of this workbook, and a draft chapter specifically on emergency preparedness. We will also provide you a copy of the updated workbook once available, for your future reference.
  • Mutual aid/assistance agreement. This template agreement is ready to be used in the event that an emergency strikes your organization, and you need to quickly put into place legal arrangements to backfill services.
  • Briefing note for your senior leadership and Board. Written by DDO Health Law, it will state that you have signed up for and participated in the DDO Health Law program, have been provided with the materials described here, and that you have undertaken that you have “filled in the blanks” and taken the steps we’ll discuss in the dial-ins. As long you have done this, we are prepared to say that your organization is compliant and that your Board should feel assured that it can sign the M-SAA by September 30, 2015 as requested by at least one LHIN. For others who do not need a September 30 signoff, the materials and briefing note still serves as a baseline for your Board and shows a measure of your due diligence.
  • Board resolution. Template Board resolutions will be provided, both for those organizations that must meet the September 30 deadline, and a more generic one for those that do not.
  • Feel free to include whomever you wish on the dial-in. The flat fee covers any team members you want to have at your table to listen in and ask questions as you work through and finalize your plan and program.

Registration is $1,000.00 plus HST ($1,130). We accept Visa or cheques.

Fax to Franca Latino at (416) 967-7120; or call her at (416) 967.7100 ext. 242 to say you will register and how you will pay.

DDO HEALTH LAW

Mary Jane Dykeman and Kate Dewhirst are partners at DDO Health Law, a boutique health law firm in Toronto. They frequently advise on risk management issues relating to health care organizations premises, reputational risk, staff issues and other crises. Mary Jane was recently part of a fire safety emergency preparedness panel at the 2015 OANHSS annual convention. Mary Jane and Kate work extensively with community providers, large and small hospitals, community support services providers, disease associations, long-term care homes, family health teams, community health centres, retirement homes and other housing and health service providers.

Feel free to email or call Mary Jane Dykeman at (416) 967-7100 ext. 225 with any questions

Health Sector Privacy Officer Training

Fall 2015  – 3 Full Days

October 14, November 10 & December 8

The privacy practices of health care organizations are under increasing scrutiny from patients (and their families), the courts, the media and the regulator, the Information and Privacy Commissioner of Ontario (IPC/O). As Privacy Officer, it is your job to ensure your organization is compliant with privacy laws and IPC/O guidelines. Whether you are new to the Privacy Officer role or are a seasoned privacy professional, you may wonder whether you have the latest information to do your job properly.  You may have already discovered that it is not enough to know the technicalities of the law; it is also important that you understand the spirit of the legislation and how to apply the law to specific and sometimes difficult situations.

This is the only course of its kind in Canada.

This course will give you confidence in your role by giving you the information and skills you need to succeed as a Privacy Officer.

You receive:

  • 20 hours of intensive instruction from leading legal educators in the field
    • 3 full day sessions each available in person in downtown Toronto or via webcast
  • Reassurance that you have the most current information on privacy practices and expectations for health care organizations
  • Practical and dynamic skills training for adult learners using scenarios, stories, quizzes and assignments
  • Sample tools to adapt to your organization for your everyday use, including (and many more):
    • Privacy program checklist
    • Privacy policies
    • Privacy breach checklist
    • Privacy breach notification
  • A privacy library
    • The primary Ontario privacy resource – “Guide to the Ontario Personal Health Information Protection Act: A Practical Guide for Health Care Providers” (H. Perun, M. Orr, F. Dimitriadis, Irwin Law, 2005)
    • Online resources are compiled for you in a few downloadable PDFs so you do not have to find the resources yourself and print them individually
  • A reading list to prepare you before each session
  • Homework to assist you to work through your own organization’s documents
  • A report card you complete yourself at the end of the course to share with your Board or supervisor to demonstrate your organization’s privacy compliance status and remaining privacy gaps, if any
  • A letter outlining the training you have received, for your organization’s due diligence

While we focus on Ontario legislation – this course is of value to any health sector Privacy Officer.

For more information – click on the title “Health Sector Privacy Officer Training” above. And for even more information, contact Franca Latino by phone at: 416-967-7100 x 242  or by email at: flatino@ddohealthlaw.com

Legal Issues for Family Health Teams – Monthly Teleconference 2015

DDO Health Law runs a monthly call-in program to discuss legal issues facing family health teams (FHTs). These calls are for Executive Directors, Lead Physicians and human resources personnel for FHTs and family health organizations (FHOs)/family health networks (FHNs).

What are the topics for 2015?  (Note: If the date has passed, a recording of the session is available)

  • January 8th – Managing sick leave
  • February 5th – Tips for FHTs when a physician leaves the FHO (retirement/leave of absence/sick leave/other
  • March 5th – Procurement 101
  • April 2nd – Human rights law 101
  • May 7th – Governance tips and trends
  • June 4th – Real estate and leasing law
  • July – no call
  • August – no call
  • September 10th – Contracts 101
  • October 8th – Privacy Updates
  • November 5th – Overtime and Hours of Work
  • December 3rd – Consent to treatment 101 

    Monthly calls are scheduled over the lunch hour from 12pm – 1pm on the first Thursday of the month. There are no calls scheduled for July or August.

Why join?

  • You will hear from legal experts who understand FHTs (and your relationship with your FHOs/FHNs)
  • You get 10 monthly calls on  the latest legal topics and trends affecting FHTs
  • You will have a chance to ask questions and share stories with your FHT colleagues
  • Your FHT will receive a 10% discount on all in-service training by DDO Health Law in 2015
  • You can be added to our email list to receive legal updates as they happen
  • The calls are exclusively for FHTs – so you know you are getting information relevant to your day-to-day work
  • You can have as many people from your FHT and affiliated FHOs/FHNs (physicians) on each call – the flat fee is per FHT

What is the cost? and how do I sign up?

There is a flat fee for an annual subscription. Fees are per FHT. Please contact Franca Latino at flatino@ddohealthlaw.com for details about this program, fees and how to sign up or if you are having technical difficulties on the day of a session.

123