Clinical Information Sharing

Privacy and Security Training and Attestation

All physicians who use the Connect Care clinical information system (CIS) must complete InfoCare privacy awareness training and attest to its key expected behaviours:

Physicians who complete InfoCare training via MyLearningLink (MLL) but find that MLL does not credit them for completion (check online learning tips to minimize technical problems) should email helpmylearninglink@ahs.ca with the subject "Move InfoCare to Complete", stating in the body of the email that they completed the course, accept the attestation (as linked above) and request immediate course completion credit.

Information Sharing Compact

A Clinical Information Sharing Compact summarizes rights and responsibilities related to health information sharing that AHS and affiliated physicians agree to uphold:

Key physician responsibilities include:

      • Patient-Centred - Embrace and support information sharing for patient well-being and clinical improvement.

      • Provider Access - Care for and secure CIS personal access credentials, while keeping practitioner contact information current and accurate.

      • Patient Access - Respond to patient queries about CIS records and direct as appropriate to AHS information services.

      • Disclosure - Respond promptly when made aware of information disclosure needs, respecting patients’ expressed wishes.

      • Protection of Information - Be aware of and adhere to CIS information protections, and notify AHS when compromise or breach is suspected.

      • Information Use - Be accountable for the allowed use of CIS health, clinician and organizational information, while respecting the contributions of others.

      • Clinical Improvement - Identify opportunities for clinical and health system improvement, and collaborate to produce and use the information required.

      • Accuracy - Completely, accurately and promptly document within the CIS, heeding minimum use norms, and report possible errors.

      • Governance - Take advantage of opportunities to meaningfully participate in information-sharing governance structures, including reporting information-sharing issues for review.

Practices

Prescribers use tools and functions within the CIS to help comply with provisions of CISA, the Information Sharing Compact, organizational policy and health legislation.

Some tools are most commonly applied by registration staff to protect demographic, contact or billing information by changing a patient’s status to “confidential” or marking an encounter as “private”. Other tools are more commonly managed by nursing and other clinical staff to highlight unique information sharing risks that might occur with guardianship or visitor restriction situations.

There are also features to assist with information challenges such as release restrictions and identity theft. Although these issues are often managed through health information management, it is important for all Connect Care users to understand their role in applying and interpreting the associated warnings.

A few tools are more commonly used by prescribers. These mostly relate to extra privacy protections that a prescriber may need to leverage to facilitate patient trust, relationships or otherwise mitigate information sharing challenges. All are well explained in the resources listed below. Five are particularly important:

Patient Level - Confidential Patient

If turned on, this property applies to the entire Connect Care record including all outpatient, ER, inpatient and continuing care encounters. Identifiable information will not appear in patient lists and way-finding reports (i.e., all encounters are marked “private” automatically) and Break-the-Glass (BTG) protocols are applied to the record at the patient level. The Alberta Netcare Portal is set to match this state, expressed as global person-level masking with BTG required for any information access.

Physicians do not normally directly mark patient records as confidential. However, they can counsel concerned patients about how to submit a request, and their signature is required to support a request (see form listed in resources below).

Encounter Level - Private (Break-the-Glass)

If turned on for a specific encounter (e.g., outpatient visit, hospitalization), users need to re-enter their login credentials in order to access information related to the encounter or to open the encounter where Break-the-Glass (BTG) is in play. A reason for seeking access must be provided. All BTG accesses are subject to a BTG audit report.

Prescribers do not normally turn this encounter protection on as it does increase the risk that information will not be accessed as required for continuity of care. If confident about the relevant policies, BTG can be activated for an encounter by opening the patient chart to that encounter, then opening the FYI flags activity, either by activating the flag icon at the top of the StoryBoard (leftmost column of the opened chart) or by using the top-right Search function to look up "FYI". A BTG flag can be added with this activity. A reverse process is used to deactivate the BTG status associated with an encounter. Detailed instructions are available in the resources listed below.

Documentation Level - Sensitive Note

If turned on for a specific documentation object (e.g., progress note), then the associated documentation can only be viewed by users belonging to the same login department as the author, by users sharing the same specialty as the author and by the health information management access and disclosure team. The "sensitive" note property can be removed later if circumstances have changed. It cannot be applied to consult notes. Any note marked as sensitive will not be shared to Netcare.

A note is made "sensitive" by selecting the "Sensitive" button appearing at the top of eligible notes in Hyperspace note editing tools. The "sensitive" property can be removed by doing an "Addendum" to the note at a later time, then deselecting the "Sensitive" (lock) icon/button. The Notes tab in Chart Review includes a column with "Sensitive" or "Not Sensitive" showing the status of the listed notes.

Sensitive notes should be rarely used. Particular care is required to separately document information required for patient safety or continuity of care.

Guardianship & Information Access Flag

This is an important "FYI" flag that captures information pertinent to complex situations involving alternate decision-makers or restrictions about sharing patient information with certain members of the patient’s family or support network. This is relevant to prescribers who may be responsible for obtaining informed consent.

Release Restrictions Flag

This "FYI" flag appears when there is information captured in a patient’s record that should be reviewed prior to disclosure and where that information may not otherwise be reviewed (i.e., information about a confidential source of information that should not be disclosed to the patient). This is important to prescribers when they may have concerns that certain information would carry a safety or privacy risk to the patient or another individual if disclosed.

Resources

More Information