health data management
TRANSCRIPT
Data
Data outlives facilities, devices and people and is the longest lasting asset in any organisation.
Data governance manages the approach
Data governance is defined as ‘a set of processes that ensure that important data assets are formally managed throughout the enterprise’ (Sarsfield 2009, 23)
Governance Principles-Record KeepingThe Basics…………….
• Compliance• Availability• Accountability• Integrity• Retention• Protection• Disposition• Transparency
Enterprise Information Management (EIM)
“The acquisition, organisation, analysis, storage, retrieval, and dissemination of information to support decision-making activities”(Kloss 2016, 45)
Enterprise Information Management (EIM)-Building Blocks for Information Governance
Privacy, Confidentiality and Security
Integrity and Quality
Design and Capture
Contents and Records
ManagementAccess and Use
Challenges affecting healthcare in 2018…….
• Financial challenges• Healthcare reform• Government mandates• Patient Safety and Quality-HACs • Patient satisfaction• Clinician-hospital relations• Population health management• New Technology• Personnel shortages• Implementing accountable care• Legal Challenges • My Health Record
Is your health data managem
ent robust enough to m
eet these challenges?
NSW Government launch archive audit after confidential medical records found in abandoned building
Canadian pharmacist fined for routinely accessing health records of acquaintances
Phishing attack breaches 38,000 patient records at Legacy Health
Third-party vendor error exposes data of 19K patients for 2 months
What would happen if you had to face these challenges?........
Legislation
• Aged Care Act 1997/2009
• Electronic Transactions Act 1999
• Evidence Act 1995, Evidence Amendment Act 2008
• Human Tissue and Transplantation Act
• Mental Health Act
• Privacy Act
• State Records Act
Privacy and Security Risks1. Access and Disclosure
1.1 An unauthorised user gains access1.2 An authorised user violates the appropriate use conditions
2 Information Integrity2.1 Mislabelling, misfiling2.2 Degradation, destruction or loss 2.3 Technology obsolescence
3. Fraud 3.1 Insider 3.2 Malware 3.3 Cyber-attack
4. Technology4.1 Mobile 4.2 Embedded devices
5. Organisational Negligence6. Human errors and negligence
Disconnect between businesses complying
with their legal privacy legal obligations, and
what individuals expect businesses to do with
their data.
Privacy and Security
“[Patients are] more likely to give permission to sharetheir data if they understand how
their data will beused”
- The Consumer’s Health Forum
Trust and Transparency
Businesses need to be more transparentabout their data handling practices
Transparency ensures businesses areclear about their practices and are givingproper consideration to what the customer should expect.
Trust and Transparency
By giving patients the ability to have
their say in regard to how their data is
handled, businesses are building
consumer trust.
Patient Choice
Consider what happens at the point of collection of
any personal information like health data and ask:
− What information are we collecting about ourpatients?
− How do we intend to use that information?− What information of our patients might we share
with others and what will they do with it?− What information and choices are we giving our
patients about personal information we collect?
Patient Choice
Understanding Data Processing Obligations
• Personal data• Type of data • Security obligations • Nature and purpose• Release of information • Responsibilities
The cost of poor data quality
It costs ten times as much to complete a unit of simple work when the data are flawed in any way compared to when they are accurate.
What is the actual ‘source of truth’??
How, What, Where & Why
How-Establish an Information Governance CommitteeCreate a charter to support members in their roles
What-Set the terms of reference Clear, consistent and transparent
Where-Within your organisations hierarchy – stakeholders Engage your Executives and leaders
Why-Health Data Governance Transparency Demonstrate clear, consistent secure management of all
information & processes
How, What, Where & Why Continued
Policies, Standards
and Legislation
Create and
Capture
Store and
Protect
Find, Use and
Share
Keep or Destroy