The Osgoode Certificate in Privacy Law and Information Management in Healthcare
2020-01-27 @ 8:00 am – 5:00 pm
Maintaining adequate privacy around health information is a core priority of patients, medical institutions and professionals, software vendors, and clinical researchers. A web of regulatory instruments and best practices have developed to protect sensitive medical data. These ensure that only those who require access for treatment or research purposes are able to view this most personal category of private information. Failure to adopt adequate protective initiatives can leave patients vulnerable to the loss of highly sensitive personal information and medical organizations liable for breeches that can lead to class actions and a loss of trust by their patient populations.
If you are a healthcare risk manager, privacy officer, director of care/professional practice, a lawyer advising on privacy and information management issues, nurse or nurse educator, it is critical that you have a current understanding of the key issues and how to deal with them. Or, if you are involved in healthcare IT or software, you should be able to understand the complex regulatory web and your clients’ needs. Designed by an expert multidisciplinary faculty, the Osgoode Certificate in Privacy Law and Information Management in Healthcare will explore the range privacy interests that must be protected in the day-to-day treatment of patients, the development of information systems and the creation of institutional policies. It will provide practical strategies for complying with regulatory and contractual obligations and designing viable procedures for governing health data systems and partnerships.
Over the course of one week, comprised of instructional sessions and practical, hands-on learning, get up-to-date on topics, including:
- Demystifying the regulatory landscape: PHIPA, PIPEDA, MFIPPA, FIPPA and other targeted or sector-specific laws (such as Public Hospitals Act, Mental Health Act, Health Protection and Promotion Act, Long-Term Care Homes Act) and Privacy Act
- Strategies and tactics for lost or stolen devices, including best practices for storing data
- Responding to privacy breaches
- Creating effective consent directives
- Managing data sharing agreements with vendors and other patient services
- Best practices for effective data management and ensuring data integrity
- Determining and minimizing risk: medical devices and other sources of patient information
- Conducting privacy impact assessments
- Managing threat risk assessments
- Understanding how to meet audit requirements and managing the costs of data verification
- Guidelines for cross border data sharing (particularly in cloud-based services)