|
|
|
| confidentiality the collection, use, and disclosure of personal information and relevant consent access to client records storage, retention, transportation, and disposal of client records how to contact the privacy officer
|
|
Inform clients, preferably at the beginning of their care, about the limits of confidentiality, and to whom they can speak if they have questions.
|
Ensure that you have consent from the client (or substitute decision-maker) before sharing information about the client with another health care professional, when there is any uncertainty about whether they are a part of the client’s health care team. Follow your organizational policies, procedures, or restrictions on documenting consent and when determining with whom information can be shared.
|
|
Know when, how, and what client information to share with health care professionals inside and outside your organization to enable continuity of care. Consider what information will be required for the delivery of safe and ethical care to the client.
|
|
| Does a law require me to disclose this information? Is disclosure without the client’s consent authorized by the BCCNM Bylaws (see section 183)? Should I encourage and support the client to disclose the information before I do? What reason do I have for not doing so? If I am concerned about the risk of harm to clients or others, can I justify the weight I have attached to both the magnitude and the probability of harm? With whom am I permitted to discuss this issue? If I believe compelling circumstances exist that affect anyone’s health or safety, who is the most appropriate person to receive this information? Do I have the authority to disclose this information or do I need to involve the designated individual in my organization? Do I have enough information and the appropriate skills to act on my decision or do I need further advice or consultation?
|
|
When a child who is deemed capable of making health care decisions has consented to health care, do not release health care information to others (including the parents) without the child’s consent, unless there is a legal obligation or compelling circumstances that affect the child’s health or safety. These issues can be complex and may require consultation with knowledgeable colleagues and, if applicable, your employer or privacy officer.
|
If you are concerned that a client poses a risk of harm to themselves or others, report it immediately to an appropriate person and follow any relevant organizational policies, procedures, or restrictions.
|
Know what to do if clients ask to look at their records or request a correction to their records. Organizational policies, procedures, or restrictions should provide clear direction. If they do not, speak to the privacy officer or health records manager in your organization.
|
|
|
| When a child is in need of protection under the Child, Family and Community Service Act. When a vulnerable adult is in need of support and assistance under the Adult Guardianship Act.
|
|
In the event of a security breach, take appropriate measures to address the issue as soon as possible after the breach is discovered. Know what your organization’s policies, procedures, or restrictions state.
|
Intervene if others fail to maintain client confidentiality. Consider if the most appropriate action is for you to discuss your concerns directly with the person or to report it to someone senior in your organization. If your concerns are not addressed or if you decide it is not prudent to discuss your observations and concerns directly, use the reporting mechanisms in your workplace so others can take action.
|
|
Do not discuss clients or care-related events in online forums (e.g., social networking websites). Talking about care situations online may breach client confidentiality, even if the client’s name is not mentioned.
|
Be aware of your organization’s policies, procedures, or restrictions on the use of digital devices to collect or access personal information about a client. Doing so without consent or other legal authority may be a serious breach of privacy.
|
|