Contributor: Michael McGill, CHIM, CIAPP-C

Privacy Awareness Week is almost here (May 10-14), and I see it as an opportunity not just for health information professionals to focus on this aspect of our jobs, but an opportunity to keep citizens informed of their privacy rights.

As certified health information professionals, we are governed by the Canadian College of Health Information Management’s code of ethics, which includes: “Strive, at all times, to protect the privacy, security, and confidentiality of health information in any form or medium.” The responsibility of being a guardian of private information is a significant one, and as we know, we are further guided in our role by provincial and federal legislation, including the Personal Information Protection and Electronic Documents Act (PIPEDA), which outlines 10 fair information principles:

1. Accountability
2. Identifying purposes
3. Consent
4. Limiting collection
5. Limiting use, disclosure, and retention
6. Accuracy
7. Safeguards
8. Openness
9. Individual access
10. Challenging compliance

The global pandemic has brought new challenges around protecting privacy. The internal information technology and security teams at all health care facilities are working diligently—especially in light of increased cyberattacks on hospitals, health regions, and authorities. Some have reported that such attacks are up by 50% over the past year. I see it as another opportunity for health information professionals: it’s a perfect time to promote best practices within our health care organizations and support our colleagues in being the most privacy-wise we can be.