MedicalDirector Data Consent Form

Transcription

1 MedicalDirector Data Consent Form Dear Doctor, MedicalDirector is committed to ethical and appropriate practices to maintain the expectations of the community and the requirements of the law for the security, privacy and integrity of personal health information. As part of that commitment, we need your consent to deal with the data that you will be sending us. You attention is drawn to MedicalDirector s Position Statement of Privacy and the Handling of Personal Health Information, attached. Please read the enclosed Acknowledgment and Consent Form ( Form ). Before receiving any data we require the Form to be signed. Accordingly, if in order, you need to fax a copy of the signed Acknowledgement and Consent Form to us or enclose it with your data when it is posted to our office. Please note that you must always send patient-sensitive data (including backups) to MedicalDirector as encrypted, and protected with a strong password. MedicalDirector Head Office Return Addresses: Clinical, PracSoft and Helix Customer Service Manager PO Box 176 BUNDABERG QLD 4670 Phone: Fax: (07) customercare@medicaldirector.com Specialist Products Multiview, Blue Chip, Day Surgery, Caseg. Customer Service Data Analyst PO Box K1265 Haymarket NSW 1240 Phone Fax: (02) customercare@medicaldirector.com 2017 Health Communication Network Limited 1

2 Health Communication Network Limited ABN DATA TRANSFER - ACKNOWLEDGEMENT AND CONSENT FORM PRACTICE NAME: ABN: PRACTICE ID: CONTACT PERSON: POSITION: PRACTICE ADDRESS for RETURNING DATA: P/CODE: PHONE: ( ) FAX: ( ) MedicalDirector Application: Clinical PracSoft Helix Specialist Products I hereby give consent to Health Communication Network Limited (HCN) to undertake the following work (the Work): (Please tick all options which are applicable) Convert patient data from an existing database into the format required by the HCN Program. Examine the enclosed data files for inconsistency or corruption and if HCN considers it necessary repair such data. Analyse or amend the data as agreed under HCN s Beta Testing program. Use the data to improve the functionality or operability of the HCN Program, or for HCN to use the data, and strictly in de-identified form, in order to develop and market analytical insights, including in relation to trends in medical conditions or treatment patterns. Any of the above as may be requested by me in writing from time to time, until (insert date) I acknowledge that ensuring patient privacy is my responsibility when sending data to MedicalDirector. I acknowledge that it is my responsibility to ensure that each patient signs Annexure 1 to this Data Transfer Acknowledgment and Consent Form (and that I ensure all such consents remain current) before I send data comprising personal information and sensitive information to MedicalDirector. If any such consents are withdrawn, I will promptly notify MedicalDirector in each case. The data I m sending to MedicalDirector is AES-256 encrypted and protected with a strong password Health Communication Network Limited 2

3 The person signing this form acknowledges and agrees that: 1. AUTHORITY: I sign and agree to the statements in this form with authority of and on behalf of the proprietor(s)/operator(s) of the medical practice named above. 2. HCN PRIVACY STATEMENT: I have read the attached HCN Position Statement on Privacy and the Handling of Personal Health Information. 3. BACK UP COPIES: I will take a back-up or file copy of the relevant data before it is sent to HCN. 4. LIMITATIONS ON DATA CONVERSIONS: When the Work involves converting data from a (source) product to the HCN Program it may not be possible to achieve an exact match between data items in the two systems due to: a) documentation of the source data structures being unavailable or inadequate; b) data items present in the source data structures not being defined in the HCN Program or stored in a different format; c) data items in the source data containing corruptions or not being consistent with the format defined in the documentation of the source data. 5. COSTS: Where the Work involves repair to data I undertake to pay HCN s costs for such repair. 6. THE WORK: HCN will deal with the data (and its disc or other media) only for the purpose of undertaking the Work. Except where I have directed otherwise HCN will not disclose or provide the data (or any part of the data) to any third party. HCN will ensure that the Work is carried out by HCN s employees or agents who must conform to HCN s confidentiality requirements. 7. COPIES OF DATA: I acknowledge that the Work may require HCN to take copies or create derivative files containing some or all of the data, and that I have obtained all relevant consents required by applicable laws including laws affecting privacy, personal information (including health records and information) or the collection, handling, storage, processing, use or disclosure of data, for HCN to undertake such actions. At the completion of the Work these copies and files will be dealt with in accordance with clause UPDATES: HCN will advise me when it safely receives the data and it will keep me updated about how the Work is progressing 9. SECURITY: While it has possession of the data HCN will ensure compliance with security measures to protect the data (including copies of and derivative data files created to carry out the Work) against accidental or unlawful destruction or accidental loss, unauthorised alteration, unauthorised disclosure or access or unauthorised processing appropriate to the risks presented by the carrying out of the Work and the nature of the data. 10. DESTRUCTION/RETURN OF DATA: Sixty (60) days after completion of the Work HCN will destroy all copies of the data including any derivative files it creates to carry out the Work. Such destruction will include the original data submitted unless I indicate, by ticking the following box, that I require the original data to be returned: Return my original data on completion of the Work. (tick if desired) 11. CLAIMS: I understand that any claims relating to the Work must be submitted to HCN within sixty (60) days of completion of the Work. 12. LIMITED WARRANTY: HCN warrants to me that: a) HCN will carry out the Work with reasonable care; b) the diskettes, or other media in which the Work is supplied is free of defects and computer software viruses. While HCN will take reasonable steps to verify converted data is accessible from the HCN Program it gives no assurance and does not warrant that any converted data is suitable for my intended use in content or structure. To the extent permitted by mandatory operation of law, HCN makes no other warranty or representation as to fitness for use, functionality, suitability, performance or compatibility or otherwise of the Work. 13. OTHER DATA USES: Where the Work is to use the data to improve the functionality or operability of the HCN Program, or for HCN to use the data (in de-identified, aggregated form), in order to develop and market analytical insights, including in relation to trends in medical conditions or treatment patterns: a. HCN agrees that it will only do so with data that has been deidentified and aggregated; b. I agree that HCN may use or aggregate such data in conjunction with other information collected or obtained by HCN; c. Notwithstanding clause 6, HCN may disclose or provide such data to any third party; and d. I agree that I have obtained all relevant consents required by law or as otherwise directed by HCN from time to time, including from patients in the form provided at Annexure 1 to this Data Transfer Acknowledgment and Consent Form, for HCN to collect, store, use and disclose such de-identified, aggregated data. If you do not agree to the provisions of this clause 13, do not nominate the de-identified form of data Work. 14. AES-256 encryption will be used when preparing the sensitive patient data for transporting to MedicalDirector. 15. A strong password is used to protect the encrypted data from hacking in the event the sensitive data is lost or stolen. A Strong password contains; a) At least 15 characters b) Uppercase letters c) Lower case letters d) Numbers e) Symbols 16. LIABILITY: HCN s liability for breach of warranty is limited to the carrying out of the Work again, or if HCN so elects, a refund of the applicable fee, if the Work is defective. To the extent permitted by law, HCN will not be liable for any loss of data or errors in data resulting from the carrying out of the Work nor will it be liable for any loss or damage of the disc or other media containing the data while in transit to or from HCN. HCN shall in no circumstances be liable in any way whatsoever to me nor shall I have any remedy in respect of any claim (whether contractual, tortious, statutory or otherwise) for any form of damages, losses, costs, injury or harm sustained or incurred by me in consequence of or resulting from directly or indirectly out of the carrying out of the Work. To the extent permitted by law, I agree that HCN shall not be liable in respect of any claim by me for any special, incidental, indirect or consequential damages or for any loss of use, profits, goodwill, revenues or data even if HCN was or should have been advised of the possibility of such potential loss or damage. I acknowledge that I am solely responsible to the extent permitted by law for the back up of all data sent to HCN for the purpose of carrying out the Work. I certify that I am authorised to sign this Form on behalf of the Practice referred to above: Signed: Name: Date signed: 2017 Health Communication Network Limited 3

4 Health Communication Network Limited ACN Position Statement on Privacy and the Handling of Personal Health Information Health Communication Network Limited (HCN) recognises that the capacity of information technology to capture and transfer information electronically has heightened community concerns about privacy in relation to the handling of personal health information. Personal health information is personal information and sensitive information: that is considered to be health information under applicable privacy laws; about a person s health, medical history or past, present or future medical care; collected in the provision of health services to an individual; or about any health service provided to an individual. Personal health information is sensitive. The secure transfer, storage and disposal of personal health information are paramount to protecting and maintaining privacy. To this end, HCN is committed to ethical and appropriate practices to maintain community expectations for the security, privacy and integrity of personal health information. HCN s position statement on privacy addresses the following key issues: information conversion between systems; the collection of information for research purposes; the provision of service and support; the use of de-identified, aggregated information; the collection of information used in HCN communications; and emerging technologies. The position statement takes into consideration the following: RACGP Standards for general practices, 'Management of Health Information' (2013) Australian Code for the Responsible Conduct of Research (2007) OAIC Draft Business resource Handling health information under the Privacy Act (2015) OAIC Privacy Fact Sheet 49: Health Information and your privacy OAIC Privacy Fact Sheet 50: Accessing and correcting your health information 1. Protection of Privacy and HCN staff As a condition of their employment, all HCN staff are required to acknowledge and agree to abide by HCN s policies and procedures concerned with the protection of privacy, including the privacy of personal health information. 2. Privacy in relation to the conversion of information between data systems Conversions are often undertaken for HCN clients to transfer data formats and information between data systems, one or both of which are HCN supported systems. In such conversions, data and information will be used and dealt with only for the agreed transfer process and for no other purpose. Information is transferred between data systems in a secure and protected computer environment whereby access is granted only to those HCN employees directly involved in the transfer. Information used in the transfer process is returned, retained or destroyed as agreed with the client prior to undertaking the transfer process. Clients are made aware of HCN s position on privacy and the handling of personal information and procedures in advance of any transfer. HCN privacy processes include the conduct of a post transfer audit to ensure that data has been transferred in accordance with documented protocols. 3. Privacy in relation to information collected for research and statistical purposes 3.1. De-identification The information custodian may disclose to HCN, and HCN accepts for the purpose of research and statistical modeling, information that will be deidentified by, or on behalf of HCN. De-identified information means personal health information which has been rendered no longer about an identifiable individual or an individual who is reasonably identifiable for the purposes of applicable laws. A component of the de-identification process may involve the removal of data such as the patient s name, address, telephone number, Medicare number or other information that could reasonably identify the person. As re-identification techniques develop over time, the processes which will be required to properly de-identify personal health information may also change. Where required by law, or as otherwise directed by HCN from time to time, the information custodian must sufficiently inform all relevant individuals of the possible uses and disclosure of their information to enable him or her to give (where required) requisite informed consent to the use of their information for such research and statistical purposes. In addition, HCN may from time to time provide the information custodian with an information statement policy to display at their point of care outlining for the relevant individual the possible uses of their information for these purposes. Moreover, both the information custodian and consumer will retain the right to refuse the use of any personal health information for research and statistical purposes at a later date Information storage and retention Information managed by HCN for research and statistical purposes will be recorded in a durable and appropriately referenced form and will comply with applicable privacy protocols in relation to research. The information will be retained to enable it to be referenced for a maximum of five years from the date of publication, or such longer period as is required by law. Prior to acceptance of de-identified information for research or statistical purposes, HCN and the client will agree upon contractual arrangements in relation to: location of information access to original information access to databases of converted information 4. Privacy in relation to the provision of service and support In providing service and support to its clients, HCN may need to access personal and sensitive information in order to perform a support service such as setting up a client system, assessing the correct system operation or investigating software anomalies referred to by the client. The information may be accessed from the client in hardcopy or electronic form, including by remote connection to the client via modem. The information is to be used only for the agreed purpose. On completion of the support service task the information will be returned, retained or destroyed in accordance with prior agreement between HCN and the client. Clients are made aware in advance of HCN s position on privacy and the handling of personal information and procedures. By their nature, events which require support services are often unpredictable and HCN's speed of response is important for the continued operation of client systems. Accordingly, formal consent from the client to access or be provided with information may in some cases be recorded by way of a standing approval, supplemented by agreed procedures in relation to any particular instance of support. HCN conducts a post service audit to ensure that information is accessed in accordance with documented protocols. 5. Other data uses HCN may use (including by creating derivatives of) data to improve the functionality or operability of the HCN Program, and use the data, strictly only in de-identified form, in order to develop and market analytical insights, including in relation to trends in medical conditions or treatment patterns. HCN may also use or aggregate such data in conjunction with other information collected or obtained by HCN, and HCN may disclose such de-identified, aggregated data to third parties in its sole discretion. HCN will not disclose unit level information or information which it does not reasonably believe is appropriately de-identified. This may involve the creation of insights, the improvement of HCN's existing products and software and the creation of new products and software. De-identification of the data will be conducted in accordance with industry best practice and section 3.1 above. HCN will also undertake audits of such data at regular intervals to ensure that it has been, and continues to be, properly de-identified. 6. Issues in relation to the collection of information used in HCN communications. HCN provides regular information to its clients on health-related products and services using printed material and in electronic forms such as s or HCN websites. To make these processes more efficient, HCN may ask clients to identify their preferences in relation to the subject matter of this marketing and HCN may record such preferences. The information collected is not personal health information and the purpose for collection of this information will be clearly explained at the time of collection. As examples, the information could record whether clients prefer electronic distribution rather than printed material, have an interest in Obstetrics or would like ongoing information on patient support programs. The information will be used in the preparation of customised material specific to each client group and will not be used for any other purpose. Such information will not be provided to any other party. This information will be provided in accordance with the Spam Act 2003 (Cth) where it is provided via , and will clearly identify HCN as the entity authorising the message, will include up-to-date information about how to contact HCN and will include a clear and conspicuous statement that the client may send HCN an unsubscribe message to HCN in order to stop receiving these materials in the future. Clients will be made aware of HCN s position on privacy and the handling of personal information in advance. Clients may review their information on request, make changes as desired or may request that no information be recorded. CONTACT: Company Secretary Health Communication Network Ltd Health Communication Network Limited 4

5 Copying Backups and Other Sensitive Data to Removable Media MedicalDirector is committed to ethical and appropriate practices to maintain the expectations of the community and the requirements of the law for the security, privacy and integrity of personal health information. As part of that commitment, we are providing the following guide to assist in the understanding and possible steps that potentially protect patient privacy when moving Medical Director Software backups or other sensitive data to removable media which has the potential to get lost or stolen. Introduction When considering moving sensitive patient information onto removable media such as a USB, thumb or flash drive, external hard drive, or CD/DVD, critical steps need to be taken to ensure your patient s sensitive information is best protected in the event the data is lost or stolen. Before we take you through the steps of preparing MedicalDirector Software backups or other sensitive data for transferring to removable media, we strongly recommend you get familiar with the Australian Privacy Principles (APPs) and your responsibilities. Under the Privacy Act 1988 (Privacy Act), the Australian Information Commissioner may issue guidelines regarding acts or practices that may have an impact on the privacy of individuals. See for the latest APPs that impact on the privacy of individuals and your responsibilities. Process Overview The following steps will take you through how to prepare your sensitive data prior to moving to removable media. In short, the main tasks are; 1. The files are zipped (archived) into a single file. 2. The zip file is encrypted with AES-256 encryption algorithm. 3. The encryption key (password) is applied and meets the definition of a strong password. How to Zip and Encrypt Sensitive Data The free 7-Zip program is used in this guide to archive and encrypt MedicalDirector Software backups or other sensitive files. 7-Zip contains the strong AES-256 encryption algorithm. 1. Download the free 7-Zip archiving and encryption tool from 2. Install 7-Zip on your workstation or server. 3. Open the 7-Zip program. 4. Locate, select and highlight the folders and/or files you wish to zip and encrypt Health Communication Network Limited 5

6 6. Click the Add icon The Add to Archive window appears. 7. Give the archive file an appropriate name. 8. Tick the Encrypt File Names check box Health Communication Network Limited 6

7 9. Created to strong password. A strong password has a combination of; o At least 15 characters o Uppercase letters o Lowercase letters o Numbers o Symbols Strong password example:!{q).bst[n'rv9j TIP: There are many free websites that will generate a random strong password for you. Please google strong password generator or password generator to find websites that will help you generate the strong password you require. 10. Enter your strong password into the Enter password field. 11. Reenter the strong password into the Reenter password field. 12. Click 13. Browse to the location of the folder and/or files you wanted to archive and encrypt. 14. Locate the archived (zipped) and encrypted 7-Zip file with the filename you provided in Step 6. You may now move this archived (zipped) and encrypted file (MDBackup03Mar16.7z) to removable media Health Communication Network Limited 7

8 How to Unencrypt Your Data The following takes you through the steps to unencrypt a file that was encrypted with the 7-Zip program. 1. Ensure the 7-Zip program is installed on the computer that you want to unencrypt the file on. If not, follow steps 1-2 in the section How to Zip and Encrypt Sensitive Data to install the 7-Zip program. 2. Once 7-Zip is installed on the computer, right click on the encrypted zip file, select 7-Zip > Open archive. 3. The Enter Password window appears. Enter the password associated to the encrypted file. The file will now be unencrypted and the contents accessible. Health Communication Network Limited Level 5, 477 Pitt Street, HAYMARKET NSW, 2000 Tel: Fax: A.B.N Copyright Health Communication Network Limited 8