DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Report of the Health Data Research Forum: Office of the Information & Privacy Commissioner for B.C. and the B.C. Ministry of Health

Posted on February 17, 2014 by Dissent

From the report:

On December 9, 2013, the Office of the Information and Privacy Commissioner for British Columbia (OIPC) and the B.C. Ministry of Health (MoH) convened a meeting of 38 representatives from the health research community and its stakeholders in British Columbia. The attendees were invited to come together to discuss and seek solutions on timely access to, and appropriate use of, health data under the stewardship of the MoH and health authorities for research, evaluation, planning and quality improvement while maintaining academic independence and enhancing privacy protections and security safeguards. Discussion included, but was not limited to:

  • The current state of health data access for research and health system innovation in B.C.;
  • Best practices for improving access to health data for research purposes;
  • Methods to ensure strong privacy protections and security safeguards; and
  • Principles for an improved future state with identified priority action items for continuous improvement.

Moreover, this forum built upon previous efforts to enhance timely and appropriate access to health data by identifying opportunities, barriers and solutions to health data access discussed in the OIPC’s Report of the Roundtable Discussion on Access to Data for Health Research – held on June 25, 2012 and the efforts of the MoH to implement recommendations following three recent health data breaches and the associated investigations. This report serves as the record of the discussions of the Health Data Research Forum held on December 9, 2013.

[…]

The key recommendations for the next 12 months to develop robust and enabling privacy and security frameworks include:

  • Reviewing the role of the Data Stewardship Committee (DSC);
  • Designing proportionate and tailored privacy and security framework;
  • Articulated and common principles within the GHISA and training for the principles and framework developed in the GHISA;
  • Standardized data request, review and approval process within health authorities;
  • Clearly identified roles and responsibilities for all parties involved;
  • Clarification on the “use for contact purposes” in the FIPPA S.35 (1)(a)(i);
  • Acceptable alternatives to encryption;
  • Workshops to review existing privacy and security frameworks and work towards a harmonized approach; and
  • Develop a library of Privacy Impact Assessments (PIAs).

The key long-term recommendations to develop robust and enabling privacy and security frameworks include:

  • Mechanisms to keep the framework current;
  • Clear guidelines to researchers for safe storage of personal health and/or sensitive information;
  • Consistent standards for data linking regarding identification;
  • Data Stewardship Committee guidance on sensitivity of data;
  • Population Data BC to have access to HealthIdeas; and
  • Defined criteria for low-risk data regarding the potential identification of subjects.

You can download the full report here (pdf).

No related posts.

Category: Uncategorized

Post navigation

← NHS admits new medical records database could pose privacy risk
Wachovia customer sues bank for failing to protect his account and then falsely fingering him to the feds →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Nova Scotia Power Data Breach Exposed Information of 280,000 Customers
  • No need to hack when it’s leaking: Brandt Kettwick Defense edition
  • SK Telecom to be fined for late data breach report, ordered to waive cancellation fees, criminal investigation into them launched
  • Louis Vuitton Korea suffers cyberattack as customer data leaked
  • Hunters International to provide free decryptors for all victims as they shut down (2)
  • SEC and SolarWinds Seek Settlement in Securities Fraud Case
  • Cyberattacks Disrupt Iran’s Bread Distribution, Payments Remain Frozen
  • Hacker with ‘political agenda’ stole data from Columbia, university says
  • Keymous+ Hacker Group Claims Responsibility for Over 700 Global DDoS Attacks
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t
  • Oregon Amends Its Comprehensive Privacy Statute
  • Wisconsin Supreme Court’s Liberal Majority Strikes Down 176-Year-Old Abortion Ban

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.