CMPA Member Advice: Nova Scotia, Privacy and Confidentiality Obligations
Nova Scotia’s Privacy Commissioner, Catherine Tully, has signalled that her office will increase scrutiny of physicians – specifically those in private practice – around issues of transmission of personal health information and notification of privacy breaches throughout 2017.
This increased focus follows the release of the Investigation Report IR16-02 Nova Scotia Health Authority and Private Practice Physicians in November 2016. The Report examined three privacy breaches in which mental health referral forms were mistakenly faxed to a private business. In her findings, Commissioner Tully called for improvements in the transmission of personal health information and encouraged Nova Scotia health custodians to adhere to the following best faxing practices.
Best Faxing Practices: Office of the Information and Privacy Commissioner for Nova Scotia
- Develop a systematic approach for sending faxes, document it and communicate it with all staff. Normally, this will include identifying one person designated to send faxes.
- Enter the Clinic’s correct fax number into the fax machine’s pre-sets and send a test fax to the Clinic.
- Set a reminder to conduct biannual reviews to be sure the Clinic’s fax number hasn’t changed.
- Use cover sheets when sending faxes.i
Understand Your Privacy Obligations
The CMPA has a number of articles and resources to help you understand and adhere to your privacy obligations.
We encourage all members to review and follow the tips to mitigate risk detailed in the above resources. We also invite our Nova Scotia members to examine the Privacy Rules and Policies applicable to Nova Scotia health custodians.
If you have specific questions about your obligations, please contact us via web mail through your secure member portal (Login required. Visit the My Membership page for information about web mail) or call us at 1-800-267-6522.
- Tully C. Investigation report IR16-02 Nova Scotia Health Authority and Private Practice Physicians. [Internet] Halifax (NS): Office of the Information and Privacy Commissioner for Nova Scotia; 2016 Nov 23. [cited 2017 January] 27 p. Available from: https://foipop.ns.ca/sites/default/files/reports/IR16-02%20OIPC%20%282016%20November%2023%29.pdf