Skip header and navigation
CMA PolicyBase

Policies that advocate for the medical profession and Canadians


12 records – page 1 of 2.

Putting Patients First : Comments on Bill C 6 (Personal Information Protection and Electronic Documents Act) : Submission to the Senate Standing Committee on Social Affairs, Science and Technology

https://policybase.cma.ca/en/permalink/policy1979
Last Reviewed
2019-03-03
Date
1999-11-25
Topics
Ethics and medical professionalism
Health care and patient safety
Health information and e-health
  2 documents  
Policy Type
Parliamentary submission
Last Reviewed
2019-03-03
Date
1999-11-25
Topics
Ethics and medical professionalism
Health care and patient safety
Health information and e-health
Text
CMA commends the federal government for taking this important first step that begins the debate on privacy and the protection of personal information. The issues are complex and the interests at stake significant. CMA welcomes the opportunity to provide comments on Bill C-6 and hopes that its input will strengthen the Bill by ensuring that patient privacy and the confidentiality of medical records are adequately protected. CMA’s chief concern with Bill C-6 is the inadequacy of its provisions to protect the right of privacy of patients and the confidentiality of their health information. The right of privacy encompasses both the right to keep information about ourselves to ourselves if we so choose and to exercise control over what subsequently happens to information we confide in trust for the purpose of receiving health care. In recent years, this right, and the ability of physicians to guarantee meaningful confidentiality, have becoming increasingly threatened. Computerization of health information facilitates easy transfer, duplication, linkage and centralization of health information. Captured in electronic form, patient information is potentially more useful for the purpose of providing care. However, thus captured, it also becomes much more valuable and technically accessible to various third parties -- private and public, governmental and commercial -- wishing to use this information for other purposes unrelated to providing direct care. An additional concern is that the demand for health information, referred to by some commentators as ‘data lust’, is growing, partly as a consequence of ‘information hungry’ policy trends such as population health. There is also a disturbing tendency toward ‘function creep’, whereby information collected for one purpose is used for another, often without consent or even knowledge of the individual concerned and without public knowledge or scrutiny. Furthermore, initiatives concerning health information technology tend to be dominated by those who seek access to this information for secondary purposes. From this perspective, privacy may appear less as a fundamental right than as a hindrance or even roadblock. As we move further into the information age there is some danger that we will become so spell-bound by the promise of information centralization and database linkages that we lose sight of the patients who confided this information or reduce them to impersonal ‘data subjects’. To avoid this danger and the allure of the technology we need to ground the application of information technology and practices in well-tested, enduring principles. We need to put privacy first rather than treat it as a nuisance or impediment. Rules and regulatory regimes concerning health information should be based on the principle of patient privacy because ultimately health information technology is not about ‘bits and bytes’ or ‘data’ or even ‘data subjects’ but about patients, and patients deserve to be treated with respect and dignity and to have their wishes and choices valued and respected. If we are to put patients first the right of privacy must be given primacy in rules concerning health information. This does not mean that this right is absolute. What it does mean is that the burden of proof must rest with those whose purposes, however compelling they may be, encroach upon the right of privacy. It means that we value patient privacy at least enough to demand explicit justification of any proposal that would diminish privacy. Bill C-6 begins with the right premise: that “rules to govern information collection, use and disclosure” should recognize the “right of privacy”. However, it fails to recognize the special nature of health information and to tailor its provisions accordingly. In consequence there is confusion and uncertainty about Bill C-6's application to health care. Even more seriously, however, Bill C-6 fails to recognize that health information requires stronger or greater privacy protection than other types of information. The inadequacy of Bill C-6 for health care is not surprising because clearly it was not drafted with health information in mind. Rather, it is written from the perspective of encouraging commerce. It appears to have access to information as its dominant value. The world of health care is very different from that of commerce and consequently requires distinct rules that are more protective of privacy. Confiding information to your physician under the trust of the patient-physician relationship is not on par with giving your address to a salesclerk when you purchase a toaster or rent a movie. Health information is special by nature. Canadians know this. In a recent Angus Reid poll commissioned by CMA Canadians told us loudly and clearly that they regard their health information as especially sensitive. However, the obvious sensitivity of health information is not the only thing that makes it special and in virtue of which it warrants distinct rules to strengthen privacy protection. It is important to recognize that this information is typically collected under the trust patients vest in their physicians. Patients confide their information for the purpose of receiving care and in the expectation that it will be held in the strictest confidence. This purpose, and the preservation of this trust, should be given primacy in rules concerning health information. It is also important to recognize that the trust under which patients confide in their physicians is fundamental to the patient-physician relationship. If patients can not trust their physicians to protect their information and keep it secret they will not confide it as freely as they do. In consequence, the ability of physicians to provide the care needed would be severely diminished. Rules relating to health information must be developed in recognition of its special nature and the circumstances of trust and vulnerability in which it is initially collected or confided. Patients confide in their physicians for the purpose of receiving care. The potential that the information thus confided may subsequently be used for other purposes must not impede the therapeutic purpose or diminish the trust and integrity of the patient-physician relationship. In recent years the secondary use of information for purposes other than those for which it was collected has been increasing without adequate oversight or public knowledge. This ‘function creep’ undermines the trust of patient-physician relationship. Collection and use beyond the therapeutic context and for purposes unrelated to the provision of direct care should be subjected to rigorous scrutiny before they are permitted to occur. To the extent that they are permitted to occur without patient consent they should be explicitly authorized in legislation to ensure transparency and adequate oversight. Putting patients first means ensuring that health information, in all but exceptional and justifiable circumstances, is used only under the strict control of the patient. The patient must be able to exercise control through voluntary, informed consent. Moreover, a distinction must be made between a patient’s right to know what can or must happen to health information and the right to consent to such use. Bill C-6 permits the collection, use and disclosure of information without knowledge or consent on grounds such as expediency, practicality, public good, research, offence investigation, historic importance and artistic purpose. The laxness and breadth of these exemptions as applied to health information is unacceptable. These uses, without the patient’s consent (or even knowledge), reduce the patient to a means to someone else’s end, however worthwhile that end may be. Moreover, the absence of consent (or even knowledge) undermines the integrity of the patient-physician relationship and has the potential to erode the trust patients have in their physicians - a trust that is essential to patients’ willingness to provide the complete information needed to provide them with care. CMA has developed and adopted a Health Information Privacy Code (Appendix A) in recognition of the special nature of health information and to give primacy to patients and to the right of privacy. This Code begins from the same starting point as Bill C-6, the Canadian Standards Association (CSA) Code which the Bill includes as Schedule 1. However, unlike Bill C-6, the CMA Code tailors the CSA Code to the specific circumstances of health information. The CMA Health Information Privacy Code, therefore, is able to address issues specific to health information that Bill C-6 either fails to address or, even worse, exacerbates. In light of the clear deficits in Bill C-6 and the inadequate protection of patient privacy and health information confidentiality, CMA urges this committee to accept the recommendations put forward in this brief to strengthen the Bill’s provisions for protecting privacy and to accept the amendment (Appendix B) CMA has prepared to give effect to these recommendations. CMA believes that Canadians desire and deserve no less than this as concerns the right of privacy with respect to health information. I. Introduction The Canadian Medical Association is the national voice of Canadian physicians. Our mission is to provide leadership for physicians and to promote the highest standard of health and health care for Canadians. The CMA is a voluntary professional organization representing the majority of Canada's physicians and comprising 12 provincial and territorial divisions and 43 affiliated medical organizations. On behalf of its 46,000 members and the Canadian public, CMA performs a wide variety of functions, including addressing the emerging issue of electronic health information and confidentiality and privacy. It is in this capacity that we present our position on Bill C 6, The Personal Information Protection and Electronic Documents Act. CMA commends the federal government for taking this important first step of beginning the debate on privacy and the protection of personal information. The issues are complex and the interests at stake significant. CMA welcomes the opportunity to provide comments on Bill C-6 and hopes that its input will strengthen the Bill by ensuring that patient privacy and the confidentiality of medical records are adequately protected. In preparing this brief CMA has had the benefit of the final report of the federal Advisory Council on Health Infostructure, Canada Health Infoway: Paths to Better Health: Final Report. (“Advisory Council Report”) Where appropriate, CMA cites the findings contained in the Report. CMA wishes to underscore the key themes of its brief: A. Health information is special by its nature. Rules relating to health information must be developed in recognition of its special nature. Ensuring protection of privacy and confidentiality of the patient record must take precedence over other considerations. Bill C-6 fails to do this. Bill C-6 is written from the perspective of encouraging commerce. It appears to have access to information as its dominant value. The world of health care is very different from that of commerce and consequently requires distinct rules. B. Typically, health information is confided in the context of the therapeutic relationship and under the trust upon which this relationship is built. Rules concerning health information -- and in particular its collection, disclosure and use for purposes unrelated to the provision of direct care -- must be consistent with the expectations of patients about confidentiality and must not exploit the trust patients have in their physicians or compromise the ability of physicians to earn and maintain this trust. C. Health information must, in all but exceptional and justifiable circumstances, be used only under the strict control of the patient. The patient must be able to exercise control through voluntary, informed consent. Moreover, a distinction must be made between a patient’s right to know what can or must happen to health information and the right to consent to such use. Bill C-6 permits the collection, use and disclosure of information without knowledge or consent on grounds such as expediency, practicality, public good, research, offence investigation, historic importance and artistic purpose. The laxness and breadth of these exemptions as applied to health information is unacceptable. These uses, without the patient’s consent (or even knowledge), reduce the patient to a means to someone else’s end, however worthwhile that end may be. Moreover, the absence of consent (or even knowledge) undermines the integrity of the patient-physician relationship and has the potential to erode the trust patients have in their physicians - a trust that is essential to patients’ willingness to provide the complete information needed to provide them with care. D. The root of most of the problems in applying Bill C-6 to health care information is its failure to distinguish among purposes for the collection, use and disclosure of health information. In particular, the Bill fails to distinguish between the primary purpose, which is to deliver care to and for the benefit of an individual patient, and secondary purposes, which are not for the direct benefit of the patient (and indeed may even use the patient’s information to his or her detriment). Provisions to protect privacy should give recognition to the difference between these purposes and should not hinder the ability of physicians and others to provide care consistent with the patient’s wishes. Moreover, the Bill has no effective mechanism to distinguish legitimate purposes, which should be permitted, from illegitimate purposes, which should not, notwithstanding the limitation to “purposes that a reasonable person would consider are appropriate in the circumstances” in Section 5(3). E. In recent years the secondary use of information for purposes other than the purpose for which it was collected has been increasing without adequate oversight or public knowledge. This ‘function creep’ undermines the trust of patient-physician relationship. Collection and use beyond the therapeutic context and for purposes unrelated to the provision of direct care should be subjected to rigorous scrutiny before they are permitted to occur. To the extent that they are permitted to occur without patient consent they should be explicitly authorized in legislation to ensure transparency and adequate oversight. This Brief will first look at the apparent rationale of Bill C-6 and its potential application to health information. The brief will then describe why CMA considers health information to be special in nature and worthy of special protection. Finally, the brief reviews the difference in approach between Bill C-6 and CMA’s Health Information Privacy Code to illustrate that Bill C-6 provides inadequate protection to patient privacy and medical confidentiality. II. Rationale and Scope of Bill C-6 A. Rationale of Bill C-6 The driving force behind Bill C-6 is the support and promotion of electronic commerce. The second part of the Bill is devoted to permitting electronic versions of documents and signatures to be legitimate or ‘originals’ if the provisions of the Act are followed. Part 2 of the Bill is quite distinct from Part 2 and both parts could stand alone as separate pieces of legislation. Part 2 simply allows electronic versions of documents and signatures to be recognized as legitimate. On its face, this has little to do with the protection of personal information except to the extent that storage of documents in electronic form provides greater ability to access, link and merge information. Certainly, the Bill appears to draw on this connection by including, in its statement of purpose, the provision of a right of privacy in an era in which technology increasingly facilitates the collection and free flow of information. Part 1 concerns all forms of personal information, electronic and otherwise. It gives some protection to personal information by requiring consent in some instances. In CMA’s view, a fundamental difficulty with Part 1 and with the Bill in general is that its goal is to promote commerce and thus all information is implicitly considered as falling within the ‘commercial’ realm. In the case of health information this is surely not the case or the only consideration. Moreover, this creates a clash of values when applied to a health care system that is a public system. The Advisory Council Report takes a firm stand on this issue and states that legislation respecting the privacy protection of health information, “should also contain a clear prohibition against all secondary commercial use of personal health information.”Moreover, Bill C-6 fails to distinguish and priorize different purposes for collecting, using and disclosing information and in doing so treats all purposes as more or less equal and subject to the same rules. CMA takes a quite a different view when it comes to health information and will expound its view throughout this brief. B. Scope - Application to Health Records CMA has argued from the outset that C 6 (and its predecessor C 54) will apply to some health information. This view now appears to be widely accepted. Nevertheless, it is unclear as to what extent Bill C 6 will apply to health records. The full name of the Act states, in part: An Act to support and promote electronic commerce by protecting personal information that is collected, used or disclosed in certain circumstances . . . . What are these circumstances? Section 4(1) states that Part 1 (the part protecting personal information) applies in respect of personal information that: (a) the organization collects, uses or discloses in the course of commercial activities; or (b) is about an employee of the organization and that the organization collects, uses or discloses in connection with the operation of a federal work, undertaking or business. The definition of commercial activity given in 2(1) that commercial activity Ameans any particular transaction, act or conduct or any regular course of conduct that is of a commercial character@ is circular and does nothing to clarify uncertainties concerning the Bill’s scope. There are two points to be made here as concerns the application of this Bill to health information. The first concerns clarity around where commercial ends and health care begins. Which health care settings that operate for profit are excluded from the Act? This question speaks to the difficulty of delineating what activity is considered health care and what activity is considered commercial. Moreover the increase in public/private partnerships and joint funding of endeavours within the health care sector, which the government appears to be promoting, may make it increasingly difficult to make this distinction; for example in the area of research. The second concerns the specification of different regimes for information protection and privacy rights, depending on whether the information is deemed to come under commercial activity. This is clearly not desirable. However, the solution to this problem is not to reduce the privacy rules for all health information to the lowest common denominator but to raise them to a higher level of protection than is afforded commercially acquired information. Subjecting all health information to the regime laid out in the CMA Health Information Privacy Code would achieve this objective. In preparing this brief CMA has assumed that the Bill will provide a scheme that applies to at least some health information. Three years after it is in force it will apply equally to activities that occur strictly within the provinces, unless there is legislation in the province that is substantially similar to the Bill (see sections 27(2)(b) and 30). No doubt the extent of the federal government’s ability to legislate in this area generally will be the subject of extensive debate. However, CMA has no comment on this debate and provides its opinion in the interests of ensuring that the rules that relate to health information are compatible with preserving the integrity of the patient physician relationship and the protection of patient privacy and health information confidentiality. The federal government has an opportunity to provide Canadians with strong privacy rights in health information. It is incumbent upon the government to do so. C. Scope - Government Excluded Bill C-6 expressly excludes a large part of government activity from its ambit. Although government activity is to some extent governed by the Privacy Act, R.S.C. 1985, P-21, the rules of this Act provide less protection than those of Bill C-6. Government should subject itself to at least the same rules that it requires of the private sector in so far as it is a collector and user of information. Indeed, government’s practices relating to the collection, storage, merging, transfer and use of health information should be subject to more stringent rules than those found in either the Privacy Act or Bill C-6. The Advisory Council Report also calls for the same rules to apply to the public and private sectors, rules that are more stringent than those found in the Privacy Act or Bill C-6. Therefore, CMA recommends: That, at least in connection with health information, the provisions of the Bill apply equally to the public and the private sectors. III. Considerations Regarding Patient Privacy and Confidentiality: Medical Context Versus Commercial Context A. CMA’s Position The world of health care is very different from that of commerce and consequently requires distinct rules that are more protective of privacy. Confiding information to your physician under the trust of the patient-physician relationship is not on par with giving your address to a salesclerk when you purchase a toaster or rent a movie. Health information is special by nature. Canadians know this. In a recent Angus Reid poll commissioned by CMA Canadians told us loudly and clearly that they regard their health information as especially sensitive. However, the obvious sensitivity of health information is not the only thing that makes it special and in virtue of which it warrants distinct rules to strengthen privacy protection. It is important to recognize that this information is typically collected under the trust patients vest in their physicians. Patients confide their information for the purpose of receiving care and in the expectation that it will be held in the strictest confidence. This purpose, and the preservation of this trust, should be given primacy in rules concerning health information It is also important to recognize that the trust under which patients confide in their physicians is fundamental to the patient-physician relationship. If patients could not trust their physicians to protect their information and keep it secret they would not confide it as freely as they do. In consequence, the ability of physicians to provide the care needed would be severely diminished. Rules relating to health information must be developed in recognition of its special nature and the circumstances of trust and vulnerability in which it is initially collected or confided. Patients confide in their physicians for the purpose of receiving care. The potential that the information thus confided may subsequently be used for other purposes must not impede the therapeutic purpose or diminish the trust and integrity of the patient-physician relationship. In recent years the secondary use of information for purposes other than those for which it was collected has been increasing without adequate oversight or public knowledge. This ‘function creep’ undermines the trust of patient-physician relationship. Collection and use beyond the therapeutic context and for purposes unrelated to the provision of direct care should be subjected to rigorous scrutiny before they are permitted to occur. To the extent that they are permitted to occur without patient consent they should be explicitly authorized in legislation to ensure transparency and adequate oversight. Putting patients first means ensuring that health information, in all but exceptional and justifiable circumstances, is used only under the strict control of the patient. The patient must be able to exercise control through voluntary, informed consent. Moreover, a distinction must be made between a patient’s right to know what can or must happen to health information and the right to consent to such use. Bill C-6 permits the collection, use and disclosure of information without knowledge or consent on grounds such as expediency, practicality, public good, research, offence investigation, historic importance and artistic purpose. The laxness and breadth of these exemptions as applied to health information is unacceptable. These uses, without the patient’s consent (or even knowledge), reduce the patient to a means to someone else’s end, however worthwhile that end may be. Moreover, the absence of consent (or even knowledge) undermines the integrity of the patient-physician relationship and has the potential to erode the trust patients have in their physicians - a trust that is essential to patients’ willingness to provide the complete information needed to provide them with care. CMA has developed and adopted a Health Information Privacy Code (Appendix A) in recognition of the special nature of health information and to give primacy to patients and to the right of privacy. In commenting on this Code the Advisory Council Report notes: The Code represents an important contribution to the deliberations of Canadians and legislators on how to safeguard privacy across the health domain. In his 1998-99 Annual Report, the Federal Privacy Commissioner writes in support of the Health Information Privacy Code: Legislators looking for guidance on health information privacy law need not re-invent the wheel; the Canadian Medical Association’s Health Information Privacy Code is a comprehensive benchmark for achieving a high national level of protection for personal information. The Code could be the basis for drafting legislation. Given the grumblings that the Code sets the bar too high, perhaps some Health Infoway funds should be used to study the impact of its implementation. The patients at the heart of this system deserve no less. There are several key principles that guided the development of the Health Information Privacy Code and upon which it is based: 1. The provision of health care to all Canadians irrespective of social circumstances or health status is a highly regarded value in Canadian society. The system is publicly funded and universally accessible. 2. The right of privacy is fundamental to a free and democratic society. 3. Rules relating to health information must recognize its special nature. Health information has a high level of sensitivity and is confided or collected in circumstances of vulnerability and trust for the primary purpose of benefiting the patient. 4. The hallmark of the medical profession since the time of Hippocrates has been the willingness and ability to hold information confided secret. 5. The patient-physician relationship is one of trust. A central feature of this trust is the belief of patients that information confided in or collected by physicians and other health care providers will be kept secret. 6. Patients believe that the information they disclose or that is gathered as a result of their seeking health care will be used to provide them with health care. Use beyond the provision of health care without knowledge or consent goes beyond what a patient’s reasonable expectations were when information was confided or collected and therefore is a breach of the trust patients place in their physicians. 7. Except in very limited circumstances, consent is required for health information collection, use, disclosure or access for any purpose. 8. Information required to provide patients with the health care sought should be readily available to those who require it to provide an aspect of care as consistent with the wishes of the patient. 9. Uses of health information for purposes other than the provision of health care to the person seeking care should be subject to rules that: - protect and promote privacy and confidentiality; - generally require express consent; - can be justified according to specific criteria. 10. Patients should know the uses to which their health information may be put prior to disclosing it. 11. Patients may be reluctant to disclose information if they are concerned about the uses to which the information is put or the persons entitled to access it. B. Public Opinion To determine the public’s views on issues concerning privacy and health information, CMA commissioned Angus Reid to conduct research in two forms, quantitative (survey) and qualitative (focus groups), and has found the following: 1. Canadians believe that health information is the most sensitive type of information, and indeed more sensitive than their financial information. 1. 2. Canadians believe that their health information will be kept confidential and consider this to be important. 3. Canadians believe it important to know and control how their health information is shared with others. 4. Canadians do not want their health information released to third parties (including governments and researchers) without their knowledge and consent. 5. Canadians have concerns about the release of delinked or anonymous information to third parties without their consent. 6. Some Canadians are reluctant to confide information to their physicians due to concerns about it subsequently being disclosed to others without their consent. 7. Patients believe that privacy rules should apply equally to the public and the private sector. These findings are consistent with the published literature and other findings relating to the public’s concerns about privacy and confidentiality. The CMA Health Information Privacy Code was developed in consideration of these views. Once developed, its principles were subsequently tested with the public in a series of cross-country focus groups and it was found that the Code appears to enjoy considerable public support. C. The Advisory Council Report The Advisory Council Report relates to the electronic health record. However, given the direction towards the greater use of technology and the underlying principles informing the Advisory Council, its recommendations are generalizable to all health information. A key principle of the Advisory Council Report is that access by health care professionals should be based on a need-to-know basis under the strict control of the patient. The Council, like CMA, calls for scrutiny and justification of secondary uses of health information. The Council is opposed to the use of multipurpose identifiers on the grounds that it becomes too easy for government officials from one department to gain access to a person’s health record or to combine a number of records to assemble a comprehensive profile. (Anecdotal evidence suggests that this concern may be justified and that there are insufficient safeguards preventing the flow of health information among government departments.) The Council recommends that all governments ensure that they have legislation to address privacy protection specifically aimed at protecting personal health information through explicit and transparent mechanisms. Included in these mechanisms are: * The provision of a precise definition of free and informed consent, as well as a statement of principle that informed consent should be the basis for sharing personal health information; * Any exemption to the requirement of informed consent should be clearly set out in law. More specifically, legislative guidance should be provided on how to balance the right of privacy with the public good for research purposes to implement a coherent and harmonized pan-Canadian system for independent, ethical review. * There should be provisions regulating secondary uses of non-identifiable health information. These provisions should address privacy concerns surrounding the degree to which data might be linked back to an identifiable individual. * Legislation should set clear limits on access to and use of health information by third parties outside the health care system. To prevent the serious invasions of privacy that can result from the unrestricted linking of personal health information with other kinds of information on the same individual, the legislation should contain provisions prohibiting the use for any other purpose of unique personal identifiers in health information systems. D. The Approach in Bill C-6 Bill C-6 begins with the right premise: that “rules to govern information collection, use and disclosure” should recognize the “right of privacy”. However, it fails to recognize the special nature of health information and to tailor its provisions accordingly. In consequence, there is confusion and uncertainty about Bill C-6's application to health care. Even more seriously, however, Bill C-6 fails to recognize that health information requires stronger or greater privacy protection than other types of information. The Bill makes a cursory attempt at distinguishing among varying types of personal information and gives inadequate additional protection to information that is highly sensitive (such as health information), notwithstanding the provisions in Paragraph 4.3.4 of Schedule 1 concerning consent which do provide some latitude for more stringent requirements in the case of sensitive information. The Bill permits the collection, use and disclosure of information without knowledge or consent on grounds such as expediency, practicality, public good, research, offence investigation, historic importance and artistic purposes. In the context of health information, these grounds should be subject to intense scrutiny to determine their relevance and legitimacy. Some of these grounds would not withstand scrutiny if subjected to the tests established in the CMA’s Health Information Privacy Code. E. Conclusion CMA believes that health information is special and deserves a higher level of privacy protection than other types of information. The Advisory Council Report also recognizes that distinct rules, more protective of privacy, are required for health information. The Council’s Report places strong emphasis on the protection of privacy, recognizes that, as a general rule, the flow of health information should be on a need-to-know basis and under the control of the patient through the exercise of free and informed consent, and requires limits on the secondary use of health information. The inadequacy of Bill C-6 for health care is not surprising because clearly it was not drafted with health information in mind. Rather, it is written from the perspective of encouraging commerce. It appears to have access to information as its dominant value. However, the world of health care is very different from that of commerce and distinct rules that are more protective of privacy. The CMA Health Information Privacy Code begins from the same starting point as Bill C-6, the Canadian Standards Association (CSA) Code which the Bill includes as Schedule 1. However, unlike Bill C-6, the CMA Code tailors the CSA Code to the specific circumstances of health information. The CMA Health Information Privacy Code, therefore, is able to address issues specific to health information that Bill C-6 either fails to address or, even worse, creates. It offers a template for the protection that should be specifically accorded to the right of privacy in health information, a template that appears to have considerable public support and is designed to uphold patient confidence in their physicians and the health care system. Amending Bill C-6 to incorporate the principles in the CMA Code would ensure adequate privacy protection. CMA recommends: That Bill C-6 be amended to incorporate specific provisions relating to health information and that the provisions of the CMA Health Information Privacy Code provide the basis of such provisions. CMA developed the Health Information Privacy Code in recognition of trends and developments that pose new threats to patient privacy and the trust of the therapeutic relationship. In recent years the secondary use of information for purposes other than the purposes for which it was collected has been increasing without adequate oversight or public knowledge. This ‘function creep’ undermines the trust of patient-physician relationship. Collection and use beyond the therapeutic context and for purposes unrelated to the provision of direct care should be subjected to rigorous scrutiny before they are permitted to occur. To the extent that they are permitted to occur without patient consent they should be explicitly authorized in legislation to ensure transparency and adequate oversight. CMA’s Health Information Privacy Code provides a test to which legislation addressing health information should be subjected. This test (found in section 3.6 of the CMA Code) states: Any proposed or existing legislation or regulation made under legislative authority that permits or requires health information collection, use, disclosure or access shall be subjected to the following legislative test: (a) There must be demonstration that: (i) a patient privacy impact assessment has been conducted, the analysis has been made public and has been duly considered prior to the introduction of legislation [section 3.5 of the Code provides guidance with respect to the patient privacy impact assessment]; (ii) collection, use, disclosure and access will be limited to the greatest degree possible to ensure that * the collection of health information by persons external to the therapeutic context will neither trade on nor compromise the trust of the patient-physician relationship; * patients are not likely to be inhibited from confiding information for primary purposes; * the ability of physicians to discharge their fiduciary duties to patients will not be compromised; and, * patient vulnerability will not be exploited; (iii) collection, use, disclosure and access will be restricted to what is necessary for the identified purpose(s) and will not impede the confiding or collection of information for primary purposes; (iv) provisions exist for ensuring that patients are provided with knowledge about the purpose(s) and that, subject to 3.6(b), patient consent is clearly voluntary; (v) the means used are proportionate and the collection will be limited to purposes consented to or made known to the patient; (vi) the patient’s privacy will be intruded upon to the most limited degree possible in light of the purpose(s) consented to or made known to the patient; (vii) linkage of the health information will be limited; and (viii) unless clear and compelling reasons exist: * all reasonable steps will be taken to make health information anonymous; and * if it has been demonstrated that making health information anonymous would render it inadequate for legitimate uses, the information will be collected and stored in a deidentified-relinkable format. (b) When nonconsensual collection, use, disclosure or access is permitted or required by legislation or regulation that meets the requirements of the Code, the following conditions must also be met: (i) the right of privacy has to be violated because the purpose(s) could not be met adequately if patient consent is required; and (ii) the importance of the purpose(s) must be demonstrated to justify the infringement of the patient’s right of privacy in a free and democratic society. (c) Any legislative provision or regulation that permits or requires health information collection, use, disclosure or access nonconsensually shall not, without compelling reasons, be applied retroactively to existing health information. In its current form, Bill C-6 would not pass the scrutiny of the test. Consequently, CMA recommends: That the proposed rules for health legislation be subject to the legislative test found in CMA’s Health Information Privacy Code and formulated in light of this process. IV. Specific Comments on Bill C-6 From the Perspective of CMA’s Health Information Privacy Code This section highlights some key distinctions between the approach taken by Bill C-6 and CMA’s Health Information Privacy Code. It uses examples to illustrate divergent approaches taken for the purpose of demonstrating that Bill C-6 is inadequate in the protection it accords health information and to show how the CMA Health Information Privacy Code would address the issues adequately. A. General Bill C-6 and CMA’s Health Information Privacy Code are based on the Canadian Standards Association’s Model Code for the Protection of Personal Information (CSA Code). Bill C-6 and the CMA Code also augment the CSA Code’s provisions where considered necessary. The need to extend the provisions of the CSA Code demonstrates that the CSA Code, being general in nature, provides inadequate protection to information in many instances. The CSA recognized this at the time it developed its Code and specifically issued additional, specific guidance for health information in the form of an appendix to the Workbook for applying the Code. The Workbook begins: Information regarding one’s health and health records may be among the most sensitive of all personal data. Individuals are concerned that inappropriate disclosure of such information could unduly affect their employment status or their lives in general. . . Some health information is obtained directly from health care providers who have been given a patient’s private information with the expectation that this information will remain as a private communication. Health care providers . . . in turn, feel that such concerns could influence individuals to withhold vital information or avoid treatment to ensure their private information remains as such. Implementation of privacy procedures that adhere to the principles in the CSA Code and rigid applications of such procedures are essential steps for organizations that require access to health information, to maintain an individual’s trust that sensitive personal information remains confidential. In designing and implementing such procedures, organizations should recognize the sensitive nature of such information and also the fact that the primary reason that health care providers maintain records is to ensure that safe and efficacious care is provided. The Workbook goes on to list 7 interpretative points to augment the CSA Code, providing additional privacy protection as it applies to health information, including the following: requirements for the individual’s knowledge and consent be rigidly followed. Consent to acquire and disclose health information should be undertaken with the individual’s full knowledge of the scope of information to be requested. Bill C-6 does not include these additional interpretive points. It does not give due recognition that health information, because of its high sensitivity, deserves even stronger protection than is provided in the CSA Code as appended in Schedule 1 of the Bill (which even the Committee that drafted the CSA Code recognized). Although Bill C-6 and the CMA Code are based on the CSA Code, each takes a different approach to the ultimate protection accorded information and to the right of privacy. This divergence demonstrates that there are many ways to resolve issues left unresolved by the CSA Code. In other words, it is not a foregone conclusion that basing provisions on the CSA Code will result in appropriate or adequate protection of information. Rather, resolution of issues requires thought and deliberation and will depend in some measure on the primacy given to certain values. Bill C-6 appears to have given access primacy in the pursuit of commerce, whereas CMA gives privacy protection primacy in the pursuit of the provision of health care in accordance with physicians’ fiduciary obligations to patients and the integrity of the patient-physician relationship. CMA did not develop its approach in a vacuum. It reviewed, and was inspired by, the report of the House of Commons Standing Committee on Human Rights and the Status of Persons with Disabilities, entitled Privacy: Where Do We Draw the Line? This report articulates and makes explicit many of the issues that should be informing the current debate on Bill C-6. In addition, the Report of the Advisory Council takes a very different approach than Bill C-6. The Report recognizes the need to pay more than lip service to protecting privacy and confidentiality and recommends specific measures aimed at doing this. B. Primacy of the Therapeutic Purpose The root of most of the problems in applying Bill C-6 to health care is its failure to distinguish among purposes for the collection, use and disclosure of health information. In particular, the Bill fails to distinguish between the primary purpose, which is to deliver care to and for the benefit of an individual patient, and secondary purposes, which are not for the direct benefit of the patient and indeed may even involve using the patient’s information to his or her detriment. Under Bill C-6, the same rules apply equally to both the primary and to secondary purposes. In other sectors this failure to distinguish different purposes and to fashion rules in light of salient differences may not pose problems. In the health care sector, however, the consequences could be quite serious. As applied to secondary purposes, the provisions in Bill C-6 fail to limit access appropriately. Access to information may occur in ways that are inappropriate and violate the privacy of patients. As applied to the primary purpose -- the use of a person`s information to provide that person with care -- the rules in the Bill, if rigidly construed, may inhibit access that would otherwise be appropriate and consistent with the patient`s right of privacy. For example, the consent provisions in the Bill could create impediments to information flow where various members of a ‘health care team’ require information about the patient in order to be effective for the patient’s benefit; the provisions in the Bill that seek to limit the extent of information collection could inhibit physicians from being as extensive as they sometimes are and should be in collecting information from patients for the purpose of providing care; the provisions in the Bill requiring that the patient`s request to review his or her record be in writing could in fact be a barrier to patient access which might otherwise be facilitated informally and consistently with the patient`s wishes by a simple verbal request. Such consequences no doubt would be unintended by the drafters of the Bill; the drafters might even argue that for someone to interpret the provisions mentioned above as potentially leading to these consequences would be to misinterpret them. Regardless, the fact is that the Bill, on these matters and others, is somewhat strained when its provisions are applied to health care. The CMA Health Information Privacy Code, however, is not. It begins from the same starting point as Bill C-6, which is the CSA Code. However, the CMA, recognizing (as the drafters of the CSA Code apparently also did) that the CSA Code would need to be tailored to deal adequately with health information, did so in drafting its Health Information Privacy Code. This document was written from the ground up not just with privacy first and foremost as a value but also with specific reference to the health sector. And it is based on the fundamental premise that not all purposes for the use of health care are equal and that the therapeutic purpose must be given primacy. Thus the CMA Health Information Privacy Code avoids the kind of problems identified above that might arise as Bill C-6 is applied to health information. For example, it specifies that the collection of health information for the primary purpose of providing care “may be as extensive as necessary to fulfil these purposes and reflect the high level of trustworthiness and accountability of health professionals in the therapeutic context” (3.2) but that for any secondary purposes it should be “as minimal as necessary in recognition of the need to protect the patient’s right of privacy in the therapeutic context” (3.3.). As concerns consent, which CMA recognizes to be core to the protection of privacy, the CMA Code articulates rules for consent in recognition of the importance of timely information flow in the team context and as appropriate to meet the purpose for which the patient has confided the information in the first place, which is to receive care. It stipulates that consent for the primary purpose may therefore be implied, albeit with certain qualifications. Moreover, where consent is required, the provisions of the Code allow that “the conveyance of generic information is a reasonable means of providing knowledge” in most circumstances, which means that this requirement is unlikely to create unreasonable burdens that would diminish rather than strengthen the therapeutic relationship. Finally, the CMA Code limits itself to issues of principle concerning patient access to their records; Bill C-6, by specifying that requests must be in writing, could in fact be creating a barrier to patient access or an undue burden upon the patient-physician relationship as there may be instances when an informal request would be quite appropriate. C. Knowledge of Purpose Prior to Collection Bill C-6 Bill C-6 is ambiguous in its provisions relating to whether or not a person should know the purposes for which information will be used prior to disclosure. This is due in part to the use of the term “knowledge and consent” as one concept rather than distinguishing the knowledge requirement from the consent requirement. What a person should know in relation to the purposes for which information might be used or disclosed, prior to its being given, is distinct conceptually from whether the person must consent before information can be used or disclosed for a particular purpose. Schedule 1 of the Bill contains a number of principles. For the purposes of this Brief the schedule will be referred to in terms of the principles (and their subparagraphs). Principle 2 addresses the identification of purposes for which information will be used or disclosed. Provided a purpose is identified it becomes a legitimate purpose (this Brief recognizes that the addition of the “reasonable person” clause in 5(3) takes precedence and provides some grounds for distinguishing legitimate and illegitimate purposes). Subparagraph 3 states that the identified purposes should be specified at or before the time of collection. Section 5(2) of the Bill states that the use of ‘should’ in schedule 1 indicates a recommendation and does not impose an obligation. Therefore, according to subparagraph 3, it is recommended but is not obligatory that disclosure occur. On the other hand, principle 3 addresses consent and appears to impose an obligation by stating that the knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate. Similarly subparagraph 2 appears to create something of an obligation by stating, “organizations shall make a reasonable effort to ensure that the individual is advised of the purposes for which the information will be used.” Section 7(1)(a) permits the collection of information without knowledge and consent when collection is clearly in the interests of the individual and consent cannot be obtained. The intent of this section could be made clearer, particularly in terms of who determines the “interests of the individual.” Otherwise this exception could give undesirable licence to collect without knowledge or consent. The provision in section 7(1)(b) is more problematic. This section appears to favour withholding knowledge from an individual if such knowledge would compromise accuracy, defeat the purpose for collection or prejudice the use. In some instances it may well be that, if an individual is provided with knowledge of the purposes for which information is collected and the uses to which it will be put, he or she may choose to withhold information rather than disclose it, and in doing so would clearly compromise accuracy, defeat the purpose for collection or prejudice the use to which the information will be put. This is contrary to principle 4.4.2, which recognizes that information should not be collected by misleading or deceiving individuals. The intent of this section should be far clearer and circumscribed in such a way as to make it clear that it is not permissible to withhold knowledge or not seek consent simply on the basis that if a person had knowledge they would not wish to disclose information. Section 7(1)(c) allows collection without knowledge or consent for journalistic, artistic or literary purposes. This provision is totally inappropriate in the case of health information. CMA Health Information Privacy Code The CMA Health Information Privacy Code is considerably more restrictive that Bill C-6. It recognizes that, in the therapeutic context, health information is confided or collected under the patient’s presumption that it is necessary to meet his or her therapeutic needs. The potential that health information may be subsequently collected, used, disclosed or accessed for other purposes without patient consent should be made known to patients before information is confided or collected for the primary therapeutic purpose. Moreover, it is not acceptable to withhold knowledge from patients deliberately out of concern that knowledge could inhibit them from confiding important information fully and truthfully. The CMA Health Information Privacy Code limits the nonconsensual collection of health information to circumstances where it is either permitted or required by legislation or ordered or decided by a court of law. In addition, the CMA Code gives explicit direction to legislators with respect to the conditions under which legislation should permit or require health information collection (see section 3.6 of CMA Code). In the case of nonconsensual collection, the following conditions are stipulated: 1. The right of privacy has to be violated because the purposes could not be met adequately if patient consent is required; and 2. The importance of the purposes must be demonstrated to justify the infringement of the patient’s right of privacy in a free and democratic society. D. Use Without Knowledge Or Consent Bill C-6 Once information has been collected and despite the limits, inadequate though they be, placed on collection without knowledge or consent, it can be put to even greater use than for the purposes for which it has been collected (with or without knowledge or consent). Section 7(2) opens up dramatically the uses to which collected information may be put without either knowledge or consent. At a minimum, and with little additional administrative effort, the enumerated grounds of section 7(2) (and 7(3) should be made known to an individual prior to their disclosure of information, which would be in keeping with the principle of openness and explicitness. Section 7(2)(a) allows use in connection with the investigation of an offence. In the medical context this could be problematic, particularly if it is interpreted to impose an obligation. Generally, there is no obligation to assist in the investigation of an offence, and indeed the fiduciary duty between patient and physician and the duty of confidentiality owed to the patient by the physician would suggest that physicians not offer information, despite its usefulness. Section 7(2)(b) recognizes emergency situations. However, as worded, section 7(2)(b) would allow access to anyone’s information if it is for the purpose of acting in an emergency threatening the life, health or security of an individual. The implications of this section should be carefully thought through. It is not desirable to give such a broad licence to access anyone’s information on the basis of an emergency. There should be some limiting principle that takes into account the prevailing view that people generally are not required to go to the assistance of others (emergency or otherwise) and that information about oneself is considered worthy of protection against use or disclosure, despite its potential benefit to others (for example, genetic information or HIV or Hepatitis C status). Section 7(2)(c) is very problematic as it permits the use of “identifiable” information for a host of purposes, including statistical and research, when it is impractical to seek consent. Even though the Commissioner must be informed of the use before the information is used the Commissioner has no power to approve or reject the use. If the use is legitimate under the Bill there would be no grounds open to the Commissioner to cause an audit to occur. This section gives significant scope for the secondary use of information that has been collected without knowledge or consent; in the case of health information it is very problematic. CMA Health Information Privacy Code The CMA Code makes a clear distinction between the primary purpose for the collection and use of health information and secondary purposes for its use. The key distinction between these two categories is that primary purposes relates to the provision of the health care benefit sought whereas secondary purposes are ends or aims that are not directly related to the provision of care. The CMA Code divides secondary purposes into two categories: 1. Secondary legislated purposes are those purposes that have been subjected to the legislative test specified in the Code and have subsequently been written into law; 2. Secondary nonlegislated purposes are any other purposes, such as education or research not governed by legislation, that meet the provisions of the CMA Code and the secondary nonlegislative test provided by the Code. The tests that the CMA Code requires of both relate to: 1. Impact on privacy. 2. Impact on the patient-physician relationship, especially confidentiality and trust. 3. Impact on the willingness of patients to disclose information. 4. Impact on patients’ ability to receive care. 5. Evidence of broad public support for the measure. 6. The use will not exploit or compromise the trust of the patient-physician relationship. 7. Patient vulnerability will not be exploited. 8. Under most circumstances patients will be fully informed of the purpose and patient consent will be clearly voluntary. 9. Patient privacy will be intruded upon to the most limited degree possible. 10. Linkage of health information will be restricted and consented to by patients. In other words, the CMA Code does not permit any and all secondary purposes for the use of health information. Rather, it requires justification for the secondary use and assurance that the secondary use will neither impede nor undermine the patient-physician relationship and the provision of health care to the patient. This test is much more privacy protective than the “reasonable person” test the Bill contains in Section 5(3). Moreover, the CMA Code only permits use without consent if it is permitted or required by legislation or when ordered or decided by a court of law. The Advisory Council Report Like the CMA, the Advisory Council Report makes distinctions among various types of uses. The Report calls for legislation to clearly prohibit all secondary commercial use of personal health information (in which respect the Advisory Council takes an even stronger position than the CMA). In addition, the Report recommends that there be provisions regulating secondary uses of non-identifiable health information and that such provisions should address privacy concerns surrounding the degree to which such data might be linked back to an identifiable individual. In this context, the Report recommends that legislation set clear limits on access to and use of health information by third parties outside the health care system. In addition the Report reviews the uses of health information for statistical and research purposes. In connection with research, the Report calls for a number of safeguards and restrictions: 1. Where the data sets used have a higher level of potential identifiability, “the general rule should be informed consent and stringent assurances about privacy protection and security arrangements are necessary before a researcher can have access to personally identifiable information.” 2. The Report recognizes that in some instances it may be impractical to obtain consent from patients. Whether in anonymous or identifiable form, the Report requires that notice be given about the use of the information. In the case of the use of identifiable information, the Report states that the research should be subject to independent ethics review with the onus on the person seeking to use the information without consent to demonstrate that: (a) a tangible public good of significant benefit will result; (b) consent is impossible to secure at a reasonable cost; (c) less identifiable data will not serve the same purpose; and (d) no harm can occur to any person directly or indirectly as a result of this use of his or her personal information. E. Disclosure Without Knowledge Or Consent Bill C-6 The comments found under C. and D. above apply equally here. Section 7(3) adds further instances when collected information can be disclosed to others without knowledge or consent. CMA Health Information Privacy Code In the case of secondary use of health information, the CMA Code takes a far more restrictive approach. As concerns use, disclosure or access, it states: The potential that health information, in whole or in part, may be subsequently collected, used, disclosed or accessed for other purposes without their consent, and what those purposes might be, must be made known to the patient by reasonable means before it is confided or collected for primary purposes. Moreover, the CMA Code recognizes that information disclosed by one organization is collected by another. The Code defines collection to mean: the act of accessing, receiving, compiling, gathering, acquiring or obtaining health information from any source, including third parties, and by any means. It includes information collected from the patient, as well as secondary collection of this information in whole or in part by another provider or user. The collecting organization should be bound by the provisions of the CMA Code, which generally requires consent for use for any purpose and always requires knowledge of the potential purposes that information will or must be put to prior to the information being disclosed. CMA’s Code states: Health information custodians must ensure that third parties privy to health information have adopted this Code or are bound by equivalent provisions. Finally, the CMA Code explicitly recognizes that information can be retrieved from a variety of sources to formulate records. Any and all such practices and the composite form developed are given the same degree of protection as that accorded information collected directly from the patient. F. Consent Bill C-6 In those cases where consent for collection, use or disclosure are required, the provisions in Bill C-6 are inadequate as applied to health care. Schedule 1 distinguishes between express and implied consent. Express consent is not adequately defined and it appears that this is not equivalent to what in health care is called ‘informed consent’. For example, Principle 4.3.2. says that “organizations shall make a reasonable effort to ensure that the individual is advised of the purposes for which the information will be used”. In the health care context, the notion of ‘reasonableness’ with respect to the doctrine of informed consent applies not to the effort to advise or inform (that much is assumed or given) but rather to determinations regarding what information should be provided to the patient. In addition, the application of some of the means described in Principle 4.3.7 by which individuals can give consent, and in particular the ‘negative option’ checkoff box in (b), may be quite problematic in the health care context. The broad scope allowed to implied consent in the Bill is also worrisome as applied to the health care setting. Principle 4.3.6 says “implied consent would generally be appropriate when the information is less sensitive”. However, with implied consent the issue is not the sensitivity of the information but rather the wishes of the patient. It is appropriate to infer consent even when the information is very sensitive provided one has reason to believe this is grounded in the patients wishes; conversely, it is not appropriate to infer consent, even in the case of information deemed not to be sensitive, if there is reason to believe the patient would object if asked explicitly. CMA Health Information Privacy Code The CMA Code furnishes clear definitions for consent: “Consent” means a patient’s informed and voluntary agreement to confide or permit access to or the collection, use or disclosure of his or her health information for specific purposes. For purposes other than the provision of direct care, which is the purpose for which the patient presents in the first place, the consent must always be explicit or express since there is no logical connection between secondary purposes and the desire to achieve care. Therefore inferences cannot be made with any confidence. The Code defines express consent as follows: “Express consent” is given explicitly, either orally or in writing. Express consent is unequivocal and does not require any inference on the part of the provider seeking consent. The CMA Code defines implied consent to disallow the loose use of the term, which is increasing today, to justify access for purposes (secondary purposes in particular) that the patient may not wish to occur: Implied consent arises where agreement may reasonably be inferred from the action or inaction of the individual and there is good reason to believe that the patient has knowledge relevant to this agreement and would give express consent were it sought. The CMA Code also lays out clear rules for the use of the concept of consent and makes clear that consent can be inferred for primary purposes (i.e., the provision of health care to the patient) but not for secondary ones, which require express consent. The Code grounds the notion of implied consent not in the desire to subvert express consent and thereby gain access to information that might otherwise be denied but rather in the wishes of the patient and the importance of providing health care for therapeutic purposes as consistent with those wishes. Advisory Council Report In addition to being more stringent than Bill C-6 about exemptions to consent, the Advisory Council Report also gives greater importance to defining the term clearly and strictly. It says that any legislation concerning health information should: contain a precise definition of free and informed consent, as well as a statement of principle that informed consent should be the basis for sharing personal health information. Although not as precise and emphatic on the subject of consent as is the CMA Health Information Privacy Code, the Report is certainly more so than is Bill C-6. G. Information Flow Within Organizations Bill C-6 Bill C-54 defined use to include “the transfer of personal information within an organization.” Bill C-6 no longer defines use, which leaves it uncertain whether the definition of use quoted above from Bill C-54 would be a reasonable interpretation of Bill C-6. If so, this would create a problem. Interpreting use in this way could have the effect of inappropriately restricting the free flow of information within an organization. In the health care context this is not a reasonable or desirable outcome and would hinder, rather than promotes, the patient’s right of privacy. CMA Code The CMA Code recognizes that the free flow of health information is desirable to the extent that it furthers the provision of the health care benefit sought and that it occurs with patient consent. The Code defines the primary purpose to mean: (i) Primary therapeutic purpose is the initial reason for a patient seeking or receiving care in the therapeutic context, and pertains to the delivery of health care to a particular patient with respect to the presenting health need or problem. It encompasses consultation with and referral to other providers on a need-to-know basis. (ii) Primary longitudinal purpose concerns developing composite health information about a particular patient, such as a detailed medical history, beyond direct application to the presenting health need or problem, in order to enhance ongoing care to that person. The Code goes on to state that: Health information collection, use, disclosure or access for the primary therapeutic and longitudinal purposes may be as extensive as necessary to fulfil these purposes and reflect the high level of trustworthiness and accountability of health professionals in the therapeutic context. And further states that: Security safeguards shall impede as little as possible health information collection, use, access and disclosure for primary purposes. Finally, in addressing consent the Code states: Consent to health information collection, use, disclosure and access for the primary therapeutic purpose may be inferred. Consent to subsequent collection, use, disclosure and access on a need-to-know basis by or to other physicians or health providers for this purpose, and for this purpose alone, may be inferred, as long as there is no evidence that the patient would not give express consent to share the information. The principles in the CMA Code that give effect to the patient’s right to control what happens to his or her information are not incompatible with the free flow of information among members of a health team for the purpose of providing care to the patient. Indeed, they facilitate and enable this flow to the extent this is in keeping with the patient’s wishes. H. Information Protected Bill C-6 The Bill covers “personal information” which is defined to mean “information about an identifiable individual, but does not include the name, title or business address or telephone number of an employee of an oganization.” This definition raises a host of questions: 1. Does the Bill cover information that has been delinked to an identifiable individual but that could be relinked to identify them? 2. Does the Bill only exclude anonymous information - that is, information that could never be relinked to an identifiable individual? And if so, is there an unjustified assumption that information can, in all cases, be rendered truly anonymous? 3. In the case of delinked and anonymous information, who decides that information about an identifiable individual can be rendered delinked or anonymous? The holder of the information or the person to whom the information pertains? 4. Is it accurate or reasonable to assume that people have no interest in information emanating from them once it has been rendered delinked or anonymous? 5. Given that anonymous information is generated from personal information, is the act or process rendering personal information into anonymous form considered a use under the terms of the Bill, and if so does this use require consent? In considering these questions, it is important to keep in mind that the concept of “anonymity” means different things to different people. Moreover, there are no generally used or accepted standards that address what is required to render identifiable information truly anonymous. As a consequence, different people use different standards (of varying degrees of rigour), if they use a standard at all. It is also important to note that, in virtue of sophisticated techniques for identifying individuals from supposedly anonymous information, there is debate about the extent to which true anonymity can ever be achieved or guaranteed. CMA Health Information Privacy Code In light of issues concerning the definition of ‘personal information’ and in the interest of ensuring a thorough scrutiny of information practices, the CMA Code provides a broad definition of health information: Health information means any information about a patient that is confided or collected in the therapeutic context, including information created or generated from this information and information that is not directly or indirectly linked to the provision of health care. It includes all information formats. The CMA Code covers identifiable information, delinked information, anonymous information and any composite form that is produced when health information is linked to other information about the patient. CMA’s research indicates that patients have an interest in their information even when it is in delinked and in anonymous formats. This view has recently received support from a decision of the High Court of Justice in England that is particularly relevant in the context of the commercial use of health information (Source Informatics Ltd. v. Department of Health). The issue arose because a prescription database company sought judicial review of a Department of Health policy document that advised National Health Service GPs and pharmacists not to sell “anonymous” prescribing or dispensing information. The document contained the following analysis: Anonymisation (with or without aggregation) does not, in our view, remove the duty of confidence towards the patients who are the subject of the data. Apart from the risk of identification of a patient despite anonymisation, the patient would not have entrusted the information to the GP or the pharmacist for it to be provided to the data company. The patient would not be aware of or have consented to the information being given to the data company, but would have given it to be used in connection with his care and treatment and wider NHS purposes. Anonymisation of the data (with or without aggregation) would not obviate a breach of confidence. . . .The duty of confidence may in some circumstances be outweighed by the public interest in disclosure. However we have severe reservations that disclosure by GPs or NHS pharmacists of dispensing information to X or other data companies would be argued to be in the public interest. Indeed it might well be contrary to the public interest if the data company is further selling the information on doctors prescribing habits to the pharmaceutical industry. High Court Justice Latham upheld the policy document, arguing that the information in question, though anonymous, was nonetheless confidential. He also argued that consent to its release was necessary and could not be implied, and that the breach of confidentiality involved in selling this information could not be justified as being in the public interest: In my view, it is impossible to escape the logic . . . that the proposal involves the unauthorised use by the pharmacist of confidential information. . . . In my judgement what is proposed will result in a clear breach of confidence unless the patient gives consent, which is not part of the proposal at present. Nor is it suggested that the patient can be said to have given implied consent. . . . I recognize that, for some, the sensitivity, as they see would see it, of the information may be such that they would feel that any use of the information without their consent, would be unconscionable. In other words it would be a breach of trust which they were reposing in the pharmacist. . . I have come to the conclusion that . . . this [is] a type of situation . . . in which there is a public interest in ensuring that confidences are kept. It is important that those who require medical assistance should not be inhibited in any way from seeking or obtaining. As I have indicated, I believe that there may be some patients who will feel very strongly that the pharmacist should not give any information obtained from the prescription without their consent. In view of the fact that there is a growing industry in so-called anonymous health information, it is important to ensure that this information is protected as consistent with the duties of health care providers and the expectation patients have that their providers will keep their information confidential. Advisory Council Report The Advisory Council Report addresses this issue in a number of ways. In making recommendations concerning the definition of health information, the Report calls for legislation that embodies: a clear definition of health information, broad enough to incorporate health information collected in public and private systems and to ensure that equal obligations and penalties apply to both public and private sectors. The Report recognizes a spectrum of data formats: completely anonymous, linked to pseudo-identities, code linked and reidentifiable, completely identifiable. In terms of sensitivity, the Report notes that information that can be re-identified is somewhat more sensitive than completely anonymous data or anonymous data linked to pseudo-identities and that completely identifiable health information is the most sensitive type of health information. The Report also notes that there can be some degree of risk of re-identification of what was believed to be anonymous data through such processes as data matching and the results of analysis using small cells. In this light, the Report recommends that legislation should recognize: A definition of personal health information, which takes into account the spectrum of potential identifiability in the case of health information. Furthermore, in the case of secondary uses of health information, the Report notes that provisions regulating secondary uses of non-identifiable health information must form part of any comprehensive legislation. Such provisions should address privacy concerns surrounding the degree to which data might be linked back to an identifiable individual. The Report raises further issues relating to the use of delinked and anonymous data. The Report notes that there may be group interests and concerns regarding data collected and states: Privacy can also be a concern for groups such as Aboriginal and immigrant communities. These communities worry that research on their members could be released to the media without notice and used in a negative way. This emerging issue is growing in importance and, in the Council’s view, should be a serious consideration in the context of ethical reviews of proposed research projects. It is important to note that, in these instances, it is not the fact that data is linked to an identifiable individual that is of concern. Rather, it is the ability to accumulate, process and dissect information that has ramifications for an individual because they are part of a group segregated and identified by the research. Finally, the Report considers the use of person-oriented data (data linked to individuals in a form where personal identifiers have been replaced by a code) for statistical purposes and notes that this too raises concerns about privacy. The Report notes that: “These concerns have traditionally been seen as a tradeoff against data access for research and analysis in the public interest.” The Report restates this to provide a more positive view of privacy and states: the best way for analysts to maintain the public’s consent to use sensitive (but anonymous) health data is to show the public that privacy, confidentiality and security are being taken seriously. In view of the issues concerning the definition of personal information and in the interest of ensuring maximum scrutiny of practices concerning health information and maximum protection of the right of privacy with respect to health information, CMA recommends: That there be a clear definition of the information being accorded a right of privacy and that this definition, at least in the case of health information, include identifiable information, delinked information, anonymous information and any composite information produced when health information is linked to any information about a person from any other source. I. Individual Access Bill C-6 Bill C-6 restricts the right of individual access to personal information. The grounds for denying access to information are inappropriate in the health care context. CMA Code The CMA Code follows the prevailing case law as it relates to medical records. Primarily this gives patients a right of access to their record in all but very limited circumstances. These circumstances are when there is a significant likelihood of a substantial adverse effect on the physical, mental or emotional health of the patient or substantial harm to a third party. The onus lies on the provider to justify denial of access on these grounds. J. Accuracy and Amendment Bill C-6 Bill C-6 requires that information be as accurate, complete and up-to-date as possible and that it shall not be routinely updated unless this is necessary to fulfil the purpose for its collection. In so far as amendment is concerned, Bill C-6 permits amendment to the record in specified circumstances. CMA Code The CMA Code takes a different approach in light of the nature and purpose of health information. The Code recognizes that the recording of statements of fact, clinical judgements and determinations or assessments should reflect as nearly as possible what has been confided by the patient and what has been ascertained, hypothesized or determined to be true using professional judgement. In terms of amending the record in light of a patient’s request, the CMA Code seeks to preserve the original record but also provide for noting the patient’s concerns. To accommodate both requirements the CMA Code states: Patients who have reviewed their information and believe it to be inaccurately recorded or false have the right to suggest amendments and to have their amendments appended to the health information. K. Sensitivity Bill C-6 Schedule 1 recognizes that medical records have a high level of sensitivity attached. For this reason this information may warrant special attention concerning consent, reasonable expectations, individual access and the degree of security that is appropriate. CMA Code The CMA Code recognizes that, even as all health information is sensitive (when considered against other forms of information about individuals), there are also variations in the level of sensitivity in various aspects of the health record. The CMA Code defines the “sensitivity of health information” to refer to: the patient’s interest in keeping the information secret. It varies according to the nature of the information, its form, and the potential negative repercussions of its collection, use or disclosure on the patient’s interests. Under the Code’s consent provisions it is stated that: Although all health information is sensitive and should be treated as such, the more sensitive the health information is likely to be, given what is known about the circumstances or preferences of the patient, the more important it is to ensure that consent is voluntary and informed. With respect to security the Code states: The development of security safeguards with respect to levels of access for various users shall recognize the differences in the sensitivity of health information and permit access accordingly. Moreover, the Code recognizes that health information is special and therefore requires distinct rules that afford stronger privacy protection not just due to its sensitivity but also to the circumstances of vulnerability and trust under which it is initially confided or collected. These special circumstnaces, which include much more than sensitivity, are outlined in Principle 2 of the Code. Bill C-6, by contrast, fails to consider these other features that make health information a special case. In consequence its provisions are not adquately tailored to the special nature of health information and do not accord it the strong privacy protection it warrants. V. Conclusions The increased capacity to collect, store, transfer, merge and access information, coupled with trends that support increased use of and access to information, have the potential to erode our traditional understanding and protection of privacy and confidentiality. The issues are complex and the choices we must make are difficult. Nevertheless, these issues should be squarely on the table and the choices that we make must be clear, transparent and defensible. Of paramount importance is that the public is not mislead into believing that their information is being protected or kept confidential when in fact it is not. Therefore, even to refer to Bill C-6 as the “Personal Information Protection and Electronic Documents Act” should be the subject of debate. Is the Bill truly about information protection or is it actually about permitting access to information? The approach to rules for information in Bill C-6 is directed toward commerce and appears to have access, and not privacy, as its dominant value, notwithstanding the Bill’s reference to a “right of privacy”. In CMA’s view, the Bill’s approach is inadequate when applied to health information. Based on the evidence, it seems highly likely that the public would also find Bill C-6 inadequate. Bill C-6 was not developed with health information in mind. In consequence there is confusion and uncertainty about its application to the health care context. Even more seriously, however, Bill C-6 fails to recognize that privacy with respect to health information requires stronger or greater protection than other types of information. CMA presents a different approach, an approach that recognizes the special nature of health information; an approach that puts patients first and values privacy and the preservation of the trust and integrity of the patient-physician relationship. This approach appears to be well-grounded in the values that Canadians hold about privacy and would likely enjoy broad public support. In addition, the CMA approach draws support from the Federal Advisory Council Report, which like CMA recognizes the importance of preserving patient privacy and the confidentiality of the health record in an era of increased use of technology. Implicitly, the Report recognizes that the benefits of such technology cannot be realized if public support, based on respect for privacy, cannot be secured. The CMA’s Health Information Privacy Code does what Bill C-6 fails to do. Amending Bill C-6 to incorporate the principles in the CMA Code would ensure adequate privacy protection. In light of the clear deficits in Bill C-6 and the inadequate protection of patient privacy and health information confidentiality, CMA urges this Committee to accept its recommendations and the amendment that incorporates them. Nothing less would give Canadians the high level of privacy protection they desire and deserve when it comes to their health information. VI. Summary of Recommendations That Bill C-6 be amended to incorporate specific provisions relating to health information and that the provisions of the CMA Health Information Privacy Code provide the basis of such provisions; and That any proposed rules for health legislation be subject to the legislative test found in CMA’s Health Information Privacy Code and formulated in light of this process; and That there be a clear definition of the information being accorded a right of privacy and that this definition, at least in the case of health information, include identifiable information, delinked information, anonymous information and any composite information produced when health information is linked to any other information about a person from any other source; and That, at least in connection with health information, the provisions of the Bill apply equally to the public and the private sectors. CMA has drafted an amendment to Bill C-6 (Appendix B) which, if accepted, would achieve all of these recommendations and adequately give Canadians the kind of privacy protection with respect to their health information that they deserve and desire.
Documents
Less detail

Listening to our Patient's Concerns : Comments on Bill C 54 (Personal Information Protection and Electronic Document Act) : Submission to the House of Commons Standing Committee on Industry

https://policybase.cma.ca/en/permalink/policy1980
Last Reviewed
2019-03-03
Date
1999-03-18
Topics
Health care and patient safety
Health information and e-health
Ethics and medical professionalism
  2 documents  
Policy Type
Parliamentary submission
Last Reviewed
2019-03-03
Date
1999-03-18
Topics
Health care and patient safety
Health information and e-health
Ethics and medical professionalism
Text
Over the last year, CMA has become increasingly concerned that debate on the issues concerning health information have been framed in terms of access to information with an attendant erosion of privacy and confidentiality. This one-sided approach comes at a time of expansion in our capacity to collect, store, merge, transfer and access information, coupled with trends both in the health care sector and generally related to the use of information To address these concerns and to ensure that privacy and confidentiality in the medical context are valued, protected and preserved, CMA developed and adopted a Health Information Privacy Code. This Code should form the basis of all legislation governing the collection, use and disclosure of health information. Health information is special by its nature. Rules relating to health information must be developed in recognition of its special nature. Ensuring protection of privacy and confidentiality of the patient record must take precedence over other considerations. Bill C-54 fails to do this. Bill C-54 is written from the perspective of encouraging commerce. It appears to have access to information as its dominant value. CMA considers the world of health care to be very different from that of commerce and consequently requiring distinct rules. Health information use must, in all but exceptional and justifiable circumstances, occur only under the strict control of the patient. The patient must be able to exercise control through voluntary, informed consent. Bill C-54 permits the collection, use and disclosure of information without knowledge or consent on grounds such as expediency, practicality, public good, research, offence investigation, historic importance and artistic purpose. The evident lack of protection accorded health information based on such ground, is unacceptable. The absence of protection undermines the integrity of the patient-physician relationship and has the potential to erode the trust patients have in their physicians - a trust that is essential to patients’ willingness to provide the complete information needed to provide them with care. Moreover, distinctions must be made between a patient’s right to know what can or must happen to health information and the right to consent to such use. Not all purposes for the collection and use of health information are equal. Collection and use beyond the therapeutic context should be subjected to rigorous scrutiny before they are permitted to occur. Bill C-54 fails to make such a distinction and treats all purposes that could be identified for information collection or use as equal. Moreover, the Bill has no mechanism to distinguish legitimate purposes, which should be permitted from illegitimate purposes, which should not. In light of the clear deficits in Bill C-54 and the inadequate protection of patient privacy and health information confidentiality, CMA makes the following recommendations: That Bill C-54 be amended to incorporate specific provisions relating to health information and that the provisions of the CMA Code provide the basis of such provisions; and That the proposed rules for health legislation be subject to the legislative test found in CMA’s Code and formulated in light of this process; and That there be a clear definition of the information being accorded a right of privacy and that this definition, at least in the case of health information, include identifiable information, delinked information, anonymous information and any composite form produced when information is linked to any information about a person from any other source; and That, at least in connection with health information, the provisions of the Bill apply equally to the public and the private sectors. I. Introduction The Canadian Medical Association is the national voice of Canadian physicians. Our mission is to provide leadership for physicians and to promote the highest standard of health and health care for Canadians. The CMA is a voluntary professional organization representing the majority of Canada's physicians and comprising 12 provincial and territorial divisions and 43 affiliated medical organizations. On behalf of its 45,000 members and the Canadian public, CMA performs a wide variety of functions, including addressing the emerging issue of electronic health information and confidentiality and privacy. It is in this capacity that we present our position on Bill C 54, The Personal Information Protection and Electronic Documents Act. CMA commends the government for taking the first, important step of beginning the debate on the protection of personal information. The issues are complex and the interests at stake significant. CMA welcomes the opportunity to provide comments on Bill C-54. CMA hopes that its input will strengthen the Bill by ensuring that patient privacy and the confidentiality of medical records are adequately protected. In preparing this brief CMA has had the benefit of the final report of the federal Advisory Council on Health Infostructure, Canada Health Infoway: Paths to Better Health: Final Report. (“Advisory Council Report”) Where appropriate, CMA cites the findings contained in the report. CMA wishes to underscore the key themes of its brief: A. Health information is special by its nature. Rules relating to health information must be developed in recognition of its special nature. Ensuring protection of privacy and confidentiality of the patient record must take precedence over other considerations. Bill C-54 fails to do this. Bill C-54 is written from the perspective of encouraging commerce. It appears to have access to information as its dominant value. CMA considers the world of health care to be very different from that of commerce and consequently requiring distinct rules. B. Health information use must, in all but exceptional and justifiable circumstances, occur only under the strict control of the patient. The patient must be able to exercise control through voluntary, informed consent. Bill C-54 permits the collection, use and disclosure of information without knowledge or consent on grounds such as expediency, practicality, public good, research, offence investigation, historic importance and artistic purpose. The evident lack of protection accorded health information based on such ground, is unacceptable. The absence of protection undermines the integrity of the patient-physician relationship and has the potential to erode the trust patients have in their physicians - a trust that is essential to patients’ willingness to provide the complete information needed to provide them with care. Moreover, distinctions must be made between a patient’s right to know what can or must happen to health information and the right to consent to such use. C. Not all purposes for the collection and use of health information are equal. Collection and use beyond the therapeutic context should be subjected to rigorous scrutiny before they are permitted to occur. Bill C-54 fails to make such a distinction and treats all purposes that could be identified for information collection or use as equal. Moreover, the Bill has no mechanism to distinguish legitimate purposes, which should be permitted from illegitimate purposes, which should not. This brief will first look at the apparent rationale of Bill C-54 and its potential application to health information. The brief will next describe why CMA considers health information to be special in nature and worthy of special protection. Finally, the brief reviews the difference in approach between Bill C-54 and CMA’s Health Information Privacy Code to illustrate that Bill C-54 provides inadequate protection to patient privacy and health record confidentiality. II. Rationale and Scope of Bill C-54 A. Rational of Bill C-54 The driving force behind Bill C-54 is the support and promotion of electronic commerce. The second part of the Bill is devoted to permitting electronic versions of documents and signatures to be legitimate or ‘originals’ if the provisions of the Act are followed. Part two of the Bill is quite distinct from part one and both parts could stand alone as separate pieces of legislation. Part two simply allows electronic versions of documents and signatures to be recognized as legitimate. On its face, this has little to do with the protection of personal information except to the extent that storage of documents in electronic form provides greater ability to access, link and merge information. Certainly, the Bill appears to draw on this connection by including, in its statement of purpose, the provision of a right of privacy in an era in which technology increasingly facilitates the collection and free flow of information. Part one concerns all forms of information, electronic and otherwise. It gives some protection to personal information by requiring consent in some instances. In CMA’s view, a fundamental difficulty with part one and the Bill in general is that it’s goal is to promote commerce and thus all information is implicitly considered as falling within the ‘commercial’ realm. In the case of health information this is surely not the case or the only consideration. Moreover, this creates a clash of values when applied to a health care system that is a public system. The Advisory Council Report takes a hard line on this issue and states that legislation respecting the privacy protection of health information, “should also contain a clear prohibition against all secondary commercial use of personal health information.” Because all information is subjected to similar rules, there is no attempt within the Bill to distinguish some purposes for collecting information from other purposes. The Bill takes the approach that the purposes should be known and documented. While not stated explicitly, the assumption is that all purposes identified are legitimate and are permitted. CMA has quite a different view when it comes to health information and will expound its view throughout this brief. B. Scope - Application to Medical Records CMA is uncertain whether or to what extent Bill C-54 will apply to health records. The full name of the Act states, in part: An Act to support and promote electronic commerce by protecting personal information that is collected, used or disclosed in certain circumstances.... What are these circumstances? Section 4(1) states that Part 1 (the part protecting personal information) applies in respect of personal information that: (a) the organization collects, uses or discloses in the course of commercial activities; (b) the organization collects, uses or discloses interprovincially or internationally; or (c) is about an employee of the organization and that the organization collects, uses or discloses in connection with the operation of a federal work, undertaking or business. It should further be noted that three years after the Act is in force it will apply equally to activities that occur strictly within the province unless there is legislation in the province that is substantially similar to the Bill (see sections 27(2)(d) and section 30). The first issue is the provision of section 4(1)(a) - collection, use and disclosure in the course of commercial activities. There seems to be an assumption on the part of government that this automatically excludes health records, (although the Act fails to define what is meant by commercial activity). Is this accurate or does the assumption fail to recognize that there is not a clear, unambiguous distinction between what might constitute commercial activity or other activity? There are two points to be made here. The first concerns clarity around where commercial ends and health care begins. Which health care settings that operate for profit are excluded from the Act? This question speaks to the difficulty of delineating what activity is considered health care and what activity is considered commercial. Moreover it recognizes that the increased encouragement to public/private funding of endeavours within the health care sector may make it increasingly difficult to make this distinction; for example in the area of research. The second concerns the movement of health information from the health care setting (recognizing that this is not easily distinguished from the commercial setting) to the commercial setting; for example, health information provided to insurance companies. When health care information is collected in a health care setting and transferred to a commercial setting, which rules apply - Bill C-54 or no rules? In CMA’s view, there is no clear way of distinguishing commercial activity from health care activity in a way that ensures that the health care record is subject to different rules than those pertaining to other records. Moreover, the dilemma for government is that even if such distinction could occur, would it be desirable that health records be subject to no rules? Put in another way, will those organizations that currently collect health care information be entitled to claim that since the information forms part of the health record they are not subject to the provisions of C-54? Under such a regime health care records would be subject to an even lower standard than that provided for information collected in the commercial context. In terms of the provisions of 4(1)(b) - interprovincial and international transfer of information. This appears to apply to all information. In the existing environment and developments such as the “health information highway,” interprovincial transfers of information, the capacity for the central collection and storage of information, mechanisms such as telephone and cable to transfer information and general trends related to population health, it seems likely that interprovincial traffic will grow rather than diminish. The significance of this section, therefore, cannot be underestimated. Finally, the provisions of 4(1)(c) may well contain health information about the employee. In preparing this brief CMA has assumed that the Bill will provide a scheme that applies to some health information. No doubt the extent of the federal governments ability to legislate in this area generally will be the subject of extensive debate. However, CMA has no comment on this debate and provides its opinion in the interests of ensuring that the rules that relate to health information are compatible with preserving the integrity of the patient-physician relationship and the protection of patient privacy and health information confidentiality. CMA considers that the government has an opportunity to provide Canadians with strong privacy rights in health information. Indeed, CMA believes that it is incumbent upon the government to do so. C. Scope - Government Excluded Bill C-54 expressly excludes a large part of government activity from its ambit. While government activity is to some extent governed by the Privacy Act, R.S.C. 1985, P-21, the rules of this act provide less protection than those of Bill C-54. Government should subject itself to at least the same rules that it requires of the private sector in so far as it is a collector and user of information. Moreover, CMA is of the view that government’s practices relating to the collection, storage, merging, transfer and use of health information must be subject to more stringent rules than those found in either the Privacy Act or Bill C-54. The Advisory Council Report also calls for the same rules to apply to the public and private sectors, rules that are more stringent than those found in the Privacy Act or Bill C-54. Therefore, CMA recommends: That, at least in connection with health information, the provisions of the Bill apply equally to the public and the private sectors. III. Considerations Regarding Patient Privacy and Confidentiality: Medical Context Versus Commercial Context A. CMA’s Opinion Over the last year, CMA has become increasingly concerned that debate on the issues concerning health information have been framed in terms of access to information with an attendant erosion of privacy and confidentiality. This one-sided approach comes at a time of expansion in our capacity to collect, store, merge, transfer and access information, coupled with trends both in the health care sector and generally related to the use of information To address these concerns and to ensure that privacy and confidentiality in the medical context are valued, protected and preserved, CMA developed and adopted a Health Information Privacy Code, which is appended to and forms part of this brief. In commenting on this Code the Advisory Council Report notes: The code represents an important contribution to the deliberations of Canadians and legislators on how to safeguard privacy across the health domain. There are a number of principles underpinning the Health Information Privacy Code: 1. The provision of health care to all Canadians irrespective of social circumstances or health status is a highly regarded value in Canadian society. The system is publicly funded and universally accessible. 2. The right of privacy is fundamental to a free and democratic society. 3. Rules relating to health information must recognize its special nature. Health information has a high level of sensitivity, it is confided or collected in circumstances of vulnerability and trust for the primary purpose of benefiting the patient. 4. Physicians now and historically promise that they will keep their patients’ information secret; this is a hallmark of the profession. 5. The patient-physician relationship is one of trust and a central feature of this trust is the belief in patients that information confided in or collected by physicians and other health care providers will be kept secret. 6. Patients believe that the information they disclose or that is gathered as a result of their seeking health care will be used to provide them with health care; uses beyond the provision of health care without knowledge or consent go beyond what a patient’s reasonable expectations were when information was disclosed or gathered and is a breach of the trust patients place in their physicians. 7. Except in very limited circumstances, consent is required for health information collection, use, disclosure or access for any purpose. 8. Information required to provide patients with the health care sought should be readily available to those who require it to provide an aspect of care. 9. Uses of health information for purposes other than the provision of health care to the person seeking care should be subject to rules that: - protect and promote privacy and confidentiality; - generally require express consent; - can be justified according to specific criteria. 10. Patients should know the uses to which their health information is put prior to their disclosure of it. 11. Patients may be reluctant to disclose information if they are concerned about the uses to which the information is put or the persons entitled to access it. B. Public Opinion To determine the public’s view on these issues, CMA commissioned Angus Reid to conduct research in two forms, quantative (survey) and qualitative (focus groups), and has found the following: 1. Patients believe that their health information will be kept confidential and consider this to be important. 2. Patients believe it important to know and control how their health information is shared with others. 3. Patients do not want their health information released to third parties (including governments and researchers) without their knowledge and consent. 4. Patients may have concerns about the release of delinked or anonymous information to third parties without their consent. 5. Patients may be reluctant to confide information as a result of concerns related to its use or disclosure. These findings are consistent with general findings relating to the public’s concerns about privacy and confidentiality. C. The Advisory Council Report The Advisory Council Report relates to the electronic health record. However, given the direction towards the greater use of technology and the underlying principles informing the Advisory Council, CMA believes that the recommendations are generalizable to all health information. A key principle of the Advisory Council is that access by health care professionals should be based on a need-to-know basis under the strict control of the patient. The Council, like CMA calls for scrutiny and justification of secondary uses of health information. The Council is opposed to the use of multipurpose identifiers on the grounds that it becomes too easy for government officials from one department to gain access to a person’s health record or combine a number of records to assemble a comprehensive profile. (Anecdotal evidence suggests that this concern may be justified and that there are insufficient safeguards preventing the flow of health information among government departments) The Council recommends that all governments ensure that they have legislation to address privacy protection specifically aimed at protecting personal health information through explicit and transparent mechanisms. Included in these mechanisms are: * The provision of a precise definition of free and informed consent, as well as a statement of principle that informed consent should be the basis for sharing personal health information; * Any exemption to the requirement of informed consent should be clearly set out in law. More specifically, legislative guidance should be provided on how to balance the right of privacy with the public good for research purposes to implement a coherent and harmonized pan-Canadian system for independent, ethical review. * There should be provisions regulating secondary uses of non-identifiable health information. These provisions should address privacy concern surrounding the degree to which data might be linked back to an identifiable individual. * Legislation should set clear limits on access to and use of health information by third parties outside the health care system. To prevent the serious invasions of privacy that can result from the unrestricted linking of personal health information with other kinds of information on the same individual, the legislation should contain provisions prohibiting the use for any other purpose of unique personal identifiers in health information systems. D. The Approach in Bill C-54 Bill C-54 is inadequate in its protection of health information. The Bill makes a meagre attempt at distinguishing among varying types of personal information and gives no additional protection to information that is highly sensitive (such as health information). The Bill permits the collection, use and disclosure of information without knowledge or consent on grounds such as expediency, practicality, public good, research, offence investigation, historic importance and artistic purposes. In the context of health information, these grounds should be subject to intense scrutiny to determine their relevance and legitimacy. In CMA’s view and according to the tests established in the CMA’s Code, some of these grounds would not withstand such scrutiny. E. Conclusion CMA’s Code offers a template for the protection that should be accorded health information, a template that appears to have some public support and that strives to retain patient confidence in their physicians and the health care system. The Report of the Federal Advisory Council also recognizes that special rules are required for health information. The Council’s Report places strong emphasis on the protection of privacy, recognizes that as a general rule the flow of health information should be on a need-to-know basis and under the control of the patient through the exercise of free and informed consent and requires limits on the secondary use of health information. In CMA’s view, Bill C-54 should incorporate specific rules relating to health information and CMA’s Code should form the basis of these rules. CMA recommends: That Bill C-54 be amended to incorporate specific provisions relating to health information and that the provisions of the CMA Code provide the basis of such provisions. In addition, CMA’s Code provides a test that legislation addressing health information should be subjected to. This test (found in section 3.6 of the CMA Code) states: Any proposed or existing legislation or regulation made under legislative authority that permits or requires health information collection, use, disclosure or access shall be subjected to the following legislative test: (a) There must be demonstration that: (i) a patient privacy impact assessment has been conducted, the analysis has been made public and has been duly considered prior to the introduction of legislation [section 3.5 of the Code provides guidance with respect to the patient privacy impact assessment]; (ii) collection, use, disclosure and access will be limited to the greatest degree possible to ensure that * the collection of health information by persons external to the therapeutic context will neither trade on nor compromise the trust of the patient-physician relationship; * patients are not likely to be inhibited from confiding information for primary purposes; * the ability of physicians to discharge their fiduciary duties to patients will not be compromised; and, * patient vulnerability will not be exploited; (iii) collection, use, disclosure and access will be restricted to what is necessary for the identified purpose(s) and will not impede the confiding or collection of information for primary purposes; (iv) provisions exist for ensuring that patients are provided with knowledge about the purpose(s) and that, subject to 3.6(b), patient consent is clearly voluntary; (v) the means used are proportionate and the collection will be limited to purposes consented to or made known to the patient; (vi) the patient’s privacy will be intruded upon to the most limited degree possible in light of the purpose(s) consented to or made known to the patient; (vii) linkage of the health information will be limited; and (viii) unless clear and compelling reasons exist: * all reasonable steps will be taken to make health information anonymous; and * if it has been demonstrated that making health information anonymous would render it inadequate for legitimate uses, the information will be collected and stored in a deidentified-relinkable format. (b) When nonconsensual collection, use, disclosure or access is permitted or required by legislation or regulation that meets the requirements of the Code, the following conditions must also be met: (i) the right of privacy has to be violated because the purpose(s) could not be met adequately if patient consent is required; and (ii) the importance of the purpose(s) must be demonstrated to justify the infringement of the patient’s right of privacy in a free and democratic society. (c) Any legislative provision or regulation that permits or requires health information collection, use, disclosure or access nonconsensually shall not, without compelling reasons, be applied retroactively to existing health information. In its current form, Bill C-54 would not pass the scrutiny of the test. Consequently, CMA recommends: That the proposed rules for health legislation be subject to the legislative test found in CMA’s Code and formulated in light of this process. IV. Specific Comments on Bill C-54 From the Perspective of CMA’s Health Information Privacy Code This section highlights some key distinctions between the approach taken by Bill C-54 and CMA’s Health Information Privacy Code. The purpose of this section is to illustrate through examples the divergence of approaches taken with the ultimate aim of demonstrating that Bill C-54 is inadequate in the protection it accords health information. A. General Bill C-54 and CMA’s Health Information Privacy Code are based on the Canadian Standards Association’s Model Code for the Protection of Personal Information (CSA Code). Bill C-54 and the CMA Code also augment the CSA Code’s provisions where considered necessary. The need to extend the provisions of the CSA Code demonstrates that the CSA Code, being general in nature, provides inadequate protection to information in many instances. Although Bill C-54 and the CMA Code are based on the CSA Code, each takes a different approach to the ultimate protection accorded information. This divergence demonstrates that there are many ways to resolve issues left unresolved by the CSA Code. In other words, it is not a foregone conclusion that basing provisions on the CSA Code will result in appropriate or adequate protection of information. Rather, resolution of issues requires thought and deliberation and will depend in some measure on the primacy given to certain values. Bill C-54 appears to have given access primacy in the pursuit of commerce, whereas CMA gives privacy protection primacy in the pursuit of the provision of health care in accordance with physicians fiduciary obligations to patients and the integrity of the patient-physical relationship. CMA did not develop its approach in a vacuum. It reviewed and was inspired by the report of the House of Commons Standing Committee on Human Rights and the Status of Persons with Disabilities, entitled Privacy: Where Do We Draw the Line? This report articulates and makes explicit many of the issues that should be informing the current debate on Bill C-54. In addition, the Report of the Advisory Council takes a very different approach to Bill C-54. The Report recognizes the need to pay more than lip service to protecting privacy and confidentiality and recommends specific measures aimed at doing this. B. Information Protected Bill C-54 The Bill covers “personal information” which is defined to mean “information about an identifiable individual that is recorded in any form.” This definition raises a host of questions: 1. Does the Bill cover or not information that has been delinked to an identifiable individual but that could be relinked to identify them? 2. Does the Bill only exclude anonymous information - that is, information that could never be relinked to an indentifiable individual? And if so, is there an unjustified assumption that information can, in all cases, be rendered truly anonymous? 3. In the case of delinked and anonymous information, who decides that information about an identifiable individual can be rendered delinked or anonymous? The holder of the information or the person to whom the information pertains? 4. Is it accurate or reasonable to assume that people have no interest in information emanating from them once it has been rendered delinked or anonymous? CMA Health Information Privacy Code The CMA Code provides a broad definition of health information: Health information means any information about a patient that is confided or collected in the therapeutic context, including information created or generated from this information and information that is not directly or indirectly linked to the provision of health care. It includes all information formats. In addition, the CMA Code covers identifiable information, delinked information, anonymous information and any composite form that is produced when health information is linked to other information about the patient. CMA’s research indicates that patients may have an interest in their information when it is in delinked and anonymous formats. Advisory Council Report The Advisory Council Report addresses this issue in a number of ways. In making recommendations concerning the definition of health information the Report calls for legislation that embodies: a clear definition of health information, broad enough to incorporate health information collected in public and private systems and to ensure that equal obligations and penalties apply to both public and private sectors. The report recognizes a spectrum of data formats: completely anonymous, linked to pseudo-identities, code linked and reidentifiable, completely identifiable. In terms of sensitivity, the Report notes that information that can be re-identified is somewhat more sensitive that completely anonymous data or anonymous data linked to pseudo-identities and that completely identifiable health information is the most sensitive type of health information. The Report also notes that there can be some degree of risk of re-identification of what was believed to be anonymous data through such processes as data matching and the results of analysis using small cells. In this light, the Report recommends: A definition of personal health information, which takes into account the spectrum of potential identifiability in the case of health information. Furthermore, in the case of secondary uses of health information, the Report notes that provisions regulating secondary uses of non-identifiable health information must form part of the legislation. Such provisions should address privacy concerns surrounding the degree to which data might be linked back to an identifiable individual. The Report raises further issues relating to the use of delinked and anonymous data. The Report notes that there may be group interests and concerns regarding data collected and states: Privacy can also be a concern for groups such as Aboriginal and immigrant communities. These communities worry that research on their members could be released to the media without notice and used in a negative way. This emerging issue is growing in importance and, in the Council’s view, should be a serious consideration in the context of ethical reviews of proposed research projects. It is important to note that in these instances it is not the fact that data is linked to an identifiable individual that is of concern. Rather, it is the ability to accumulate, process and dissect information that has ramifications for an individual because they are part of a group segregated and identified by the research. Finally, the Report considers the use of person-based data but not people’s names, for statistical purposes and notes that this too raises concerns about privacy. The Report notes that: “These concerns have traditionally been seen as a tradeoff against data access for research and analysis in the public interest.” The Report restates this to provide a more positive view of privacy and states: “the best way for analysts to maintain the public’s consent to use sensitive (but anonymous) health data is to show the public that privacy, confidentiality and security are being taken seriously.” Recommendation That there be a clear definition of the information being accorded a right of privacy and that this definition, at least in the case of health information, include identifiable information, delinked information, anonymous information and any composite form produced when information is linked to any information about a person from any other source. C. Knowledge of Purpose Prior to Collection Bill C-54 Bill C-54 is ambiguous in its provisions relating to whether or not a person should know the purposes for which information will be used prior to disclosure. This is due in part to the use of the term “knowledge and consent” as one concept rather than distinguishing the knowledge requirement from the consent requirement. What a person should know in relation to the purposes information might be used or disclosed for, prior to its being given is distinct conceptually from whether the person must consent before information can be used or disclosed for a particular purpose. Schedule 1 of the Bill contains a number of principles. For the purposes of this brief the schedule will be referred to in terms of the principles (and their subparagraphs). Principle 2 addresses the identification of purposes that information will be used or disclosed for. Provided a purpose is identified it becomes a legitimate purpose under the Bill. Subparagraph 3 states that the identified purposes should be specified at or before the time of collection. Section 5(2) of the Bill states that the use of ‘should’ in schedule 1 indicates a recommendation and does not impose an obligation. Therefore, according to subparagraph 3, it is recommended but is not obligatory that disclosure occur. On the other hand, principle 3 addresses consent and appears to impose an obligation by stating that the knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate. Similarly subparagraph 2 appears to create something of an obligation by stating, “organizations shall make a reasonable effort to ensure that the individual is advised of the purposes for which the information will be used.” The relationship between these sections should be clarified and made consistent. CMA is pleased to note that principle 3 has been modified to define when, and only when, organizations may collect information without knowledge or consent. Section 7(1)(a) permits the collection of information without knowledge and consent when collection is clearly in the interests of the individual and consent cannot be obtained. The intent of this section could be made clearer, particularly in terms of who determines the “interests of the individual.” Otherwise this exception could give undesirable license to collect without knowledge or consent. The provision in section 7(1)(b) is more problematic. This section appears to favour withholding knowledge from an individual if such knowledge would compromise accuracy, defeat the purpose for collection or prejudice the use. In some instances it may well be that if an individual is provided with knowledge of the purposes for which information is collected and the uses to which it will be put, they may choose to withhold information rather than disclose it, and in doing so would clearly compromise accuracy, defeat the purpose for collection or prejudice the use the information will be put to. This is contrary to the principle found in principle 4.1 which recognizes that information should not be collected by misleading or deceiving individuals. The intent of this section should be far clearer and circumscribed in such a way as to make it clear that it is not permissible to withhold knowledge or not seek consent simply on the basis that if a person had knowledge they would not wish to disclose information. Section 7(1)(c) allows collection without knowledge or consent for journalistic, artistic or literary purposes. This provision is totally inappropriate in the case of health information. CMA Health Information Privacy Code The CMA Code is considerably more restrictive that Bill C-54. It recognizes that in the therapeutic context, health information is confided by or collected from patients under the patient presumption that it is necessary to meet his or her therapeutic needs. CMA also believes that the potential that health information may be subsequently collected, used, disclosed or accessed for other purposes without patient consent should be made known to patients before information is confided or collected for the primary therapeutic purpose. CMA further notes that it is not acceptable to withhold knowledge from patients deliberately out of concern that knowledge could inhibit them from confiding important information fully and truthfully. CMA limits the circumstances the nonconsensual collection of health information to those: 1. Permitted or required by legislation; 2. When ordered or decided by a court of law. Moreover, the CMA gives explicit direction to legislators with respect to the conditions under which legislation should permit or require health information collection (see section 3.6 of CMA Code). In the case of nonconsensual collection, the following conditions are stipulated: 1. The right of privacy has to be violated because the purposes could not be met adequately if patient consent is required; and 2. The importance of the purposes must be demonstrated to justify the infringement of the patient’s right of privacy in a free and democratic society. While Bill C-54 is clearly enabling the collection of information, it does not, in CMA’s opinion put sufficient emphasis on or provide protections that preserve privacy and confidentiality, especially in the medical context. D. Use Without Knowledge Or Consent Bill C-54 Once information has been collected and despite the, albeit inadequate, limits placed on collection without knowledge or consent, it can be put to even greater use than the purposes it has been collected for with or without knowledge or consent. Section 7(2) opens up dramatically the uses to which collected information may be put without either knowledge or consent. At a minimum and without little additional administrative effort, the enumerated grounds of section 7(2) (and 7(3))should be made known to an individual prior to their disclosure of information, which would be in keeping with the principle of openness and explicitness. Section 7(2)(a) allows use in connection with the investigation of an offence. In the medical context this might be problematic particularly if it is interpreted to impose an obligation. Generally, there is no obligation to assist in the investigation of an offence and indeed the fiduciary duty between patient and physician and the duty of confidentiality owed to the patient by the physician would suggest that physicians not offer information despite its usefulness. Section 7(2)(b) recognizes emergency situations. However, as worded, section 7(2)(b) would allow access to anyone’s information if it is for the purpose of acting in respect of an emergency threatening the life, health or security of an individual. The implications of this section should be carefully thought through. Do we really intend to give such a broad licence to access anyone’s information on the basis of an emergency. In CMA’s view there should be some limiting principle that takes into account the prevailing view that people generally are not required to go to the assistance of others (emergency or otherwise) and that information about oneself is considered worthy of protection against use or disclosure despite its potential benefit to others for example, genetic information or HIV, Hepatitis C status. Section 7(2)(c) is very problematic as it permits the use of “identifiable” information for a host of purposes, including statistical and research, when it is impractical to seek consent. Even though the Commissioner must be informed of the use before the information is used the Commissioner has no power to approve or reject the use, and since the use is legitimate under the Bill provided the Commissioner has been notified there would be no grounds open to the Commissioner to cause an audit to occur. This section gives significant scope to use information that has been collected without knowledge or consent and certainly in the case of health information is problematic. CMA Health Information Privacy Code The CMA Code makes a clear distinction between the primary purpose for the collection and use of health information and secondary purposes for its use. The key distinction between these two categories is that primary purposes relates to the provision of the health care benefit sought whereas secondary purposes are ends or aims that are not directly related to the provision of care. The CMA Code divides secondary purposes into two categories: 1. Secondary legislated purposes, those purposes that have been subjected to the legislative test specified in the Code and have subsequently been written into law; 2. Secondary nonlegislated purposes are any other purposes, such as education or research not governed by legislation, that meet the provisions of the CMA Code and the secondary nonlegislative test provided by the Code. The tests that CMA requires both to go through relate to: 1. Impact on privacy. 2. Impact on the patient-physician relationship, especially confidentiality and trust. 3. Impact on the willingness of patients to disclose information. 4. Impact on patients’ ability to receive care. 5. Evidence of broad public support for the measure. 6. The use will not exploit or compromise the trust of the patient-physician relationship. 7. Patient vulnerability will not be exploited. 8. Under most circumstances patients will be fully informed of the purpose and patient consent will be clearly voluntary. 9. Patient privacy will be intruded upon to the most limited degree possible. 10. Linkage of health information will be restricted and consented to by patients. In other words, CMA is not satisfied that any and all secondary purposes for the use of health information should be permitted. Rather, CMA seeks justification for the secondary use and assurance that the secondary use will neither impede nor undermine the patient-physician relationship and the provision of health care to the patient. Moreover, the CMA Code only permits use without consent if it is permitted or required by legislation or when ordered or decided by a court of law. The Advisory Council Report Like CMA, the Advisory Council Report makes distinctions among various types of uses. The report calls for legislation to clearly prohibit all secondary commercial use of personal health information. In addition, the Report recommends that there be provisions regulating secondary uses of non-identifiable health information and that such provisions should address privacy concerns surrounding the degree to which such data might be linked back to an identifiable individual. In this context, the Report recommends that legislation set clear limits on access to and use of health information by third parties outside the health care system. In addition the Report reviews the uses of health information for statistical and research purposes. The Report’s findings with respect to statistical use have already been discussed. In connection with research, the Report calls for a number of safeguards and restrictions: 1. Where the data sets used have a higher level of potential identifiability, “the general rule should be informed consent and stringent assurances about privacy protection and security arrangements are necessary before a researcher can have access to personally identifiable information.” 2. The Report recognizes that in some instances it may be impractical to obtain consent from patients. Whether in anonymous or identifiable form the Report requires that notice be given about the use of the information in either form. In the case of the use of identifiable information, the Report states that the research should be subject to independent ethics review with the onus on the person seeking to use the information without consent to demonstrate that: (a) a tangible public good of significant benefit will result; (b) consent is impossible to secure at a reasonable cost; (c) less identifiable data will not serve the same purpose; and (d) no harm can occur to any person directly or indirectly [note the above discussion on group privacy] as a result of this use of his or her personal information. E. Disclosure Without Knowledge Or Consent Bill C-54 The comments found under C. and D. above apply equally here. Section 7(3) adds further instances when collected information can be disclosed to others without knowledge or consent. CMA Code In the case of health information CMA takes a far more restrictive approach. In the case of use, disclosure or access the CMA Code states: The potential that health information, in whole or in part, may be subsequently collected, used, disclosed or accessed for other purposes without their consent, and what those purposes might be, must be made know to the patient by reasonable means before it is confided or collected for primary purposes. Moreover, the CMA Code recognizes that information disclosed by one organization is collected by another. The Code defines collection to mean: the act of accessing, receiving, compiling, gathering, acquiring or obtaining health information from any source, including third parties, and by any means. It includes information collected from the patient, as well as secondary collection of this information in whole or in part by another provider or user. The collecting organization should be bound by the provisions of the CMA Code, which generally requires consent for use for any purpose and always requires knowledge of the potential purposes that information will or must be put to prior to the information being disclosed. CMA’s Code states: Health information custodians must ensure that third parties privy to health information have adopted this Code or are bound by equivalent provisions. Finally, the CMA Code explicitly recognizes that information can be retrieved from a variety of sources to formulate records. Any and all such practices and the composite form developed are given the same degree of protection as that accorded the original data collected by or through the patient. F. Information Flow Within Organizations Bill C-54 Bill C-54 defines use to include, “the transfer of personal information within an organization.” Therefore, to the extent that Bill C-54 restricts the free flow of information it restricts in within an organization. In the health care context this is not a reasonable or desirable outcome. CMA Code The CMA Code recognizes that the free flow of health information is desirable to the extent that it furthers the provision of the health care benefit sought and that it occurs with patient consent. The CMA Code defines the primary purpose to mean: (i) Primary therapeutic purpose is the initial reason for a patient seeking or receiving care in the therapeutic context, and pertains to the delivery of health care to a particular patient with respect to the presenting health need or problem. It encompasses consultation with and referral to other providers on a need-to-know basis. (ii) Primary longitudinal purpose concerns developing composite health information about a particular patient, such as a detailed medical history, beyond direct application to the presenting health need or problem, in order to enhance ongoing care to that person. The Code goes on to state that: Health information collection, use, disclosure or access for the primary therapeutic and longitudinal purposes may be as extensive as necessary to fulfil these purposes and reflect the high level of trustworthiness and accountability of health professionals in the therapeutic context. And further states that: Security safeguards shall impede as little as possible health information collection, use, access and disclosure for primary purposes. Finally, in addressing consent the Code states: Consent to health information collection, use, disclosure and access for the primary therapeutic purpose may be inferred. Consent to subsequent collection, use, disclosure and access on a need-to-know basis by or to other physicians or health providers for this purpose, and for this purpose alone, may be inferred, as long as there is no evidence that the patient would not give express consent to share the information. G. Individual Access Bill C-54 Bill C-54 restricts the right of individual access to personal information. The grounds for denying access to information are inappropriate in the health care context. CMA Code The CMA Code follows the prevailing case law as it relates to medical records. Primarily this gives the patients a right of access to their record in all but very limited circumstances. These circumstances are, if there is a significant likelihood of a substantial adverse effect on the physical, mental or emotional health of the patient or substantial harm to a third party. The onus lies on the provider to justify denial of access. H. Accuracy and Amendment Bill C-54 Bill C-54 requires that information be as accurate, complete and up-to-date as possible and that it shall not be routinely updated unless this is necessary to fulfil the purpose for its collection. In so far as amendment is concerned, Bill C-54 permits amendment to the record in specified circumstances. CMA Code The CMA Code takes a different approach in light of the nature and purpose of health information. The Code recognizes that the “recording of statements of fact, clinical judgements and determinations or assessments should reflect as nearly as possible what has been confided by the patient and what has been ascertained, hypothesized or determined to be true using professional judgement.” In terms of amending the record in light of a patient’s request, the CMA Code seeks to preserve the original record but also note the patient’s concerns. To accommodate both requirements the CMA Code states: Patients who have reviewed their information and believe it to be inaccurately recorded or false have the right to suggest amendments and to have their amendments appended to the health information. I. Sensitivity Bill C-54 In a number of instances Bill C-54 and in particular schedule 1 recognize that medical records have a high level of sensitivity attached. Which in turns warrants special attention concerning consent, reasonable expectations, individual access and implicity, the degree of security that is appropriate. CMA Code The CMA Code seeks to recognize that while all health information is sensitive (when considered against other forms of information about individuals) there are also variations in the level of sensitivity in various aspects of the health record. The CMA Code defines the “sensitivity of health information” to refer to: the patient’s interest in keeping the information secret. It varies according to the nature of the information, its form, and the potential negative repercussions of its collection, use or disclosure on the patient’s interests. Under the Code’s consent provisions it is stated that: Although all health information is sensitive and should be treated as such, the more sensitive the health information is likely to be, given what is known about the circumstances or preferences of the patient, the more important it is to ensure that consent is voluntary and informed. With respect to security the Code states: The development of security safeguards with respect to levels of access for various users shall recognize the differences in the sensitivity of health information and permit access accordingly. V. Conclusions The increased capacity to collect, store, transfer, merge and access information coupled with trends that support increased use of and access to information have the potential to erode our traditional understanding and protection of privacy and confidentiality. The issues are complex and the choices we must make are difficult. Nevertheless, these issues should be squarely on the table and the choices that we make must be clear, transparent and defensible. Of paramount importance is that the public is not mislead into believing that their information is being protected or kept confidential when in fact it is not. Therefore, even to refer to Bill C-54 as the “Personal Information Protection and Electronic Documents Act” should be the subject of debate. Is the Bill truly about information protection or is it actually about permitting access to information? Bill C-54 presents one approach, an approach that values commerce and access. In CMA’s view the approach is totally inadequate when applied to health information. CMA also believes that the public would also find Bill C-54 inadequate. CMA presents a different approach, an approach that values privacy and the preservation of the trust and integrity of the patient-physician relationship. CMA believes that its approach would receive broad public support. Moreover, CMA believes that to the extent the CMA Code presents tests rather than conclusions, these tests should be administered in good faith prior to legislative initiatives related to health information or in the case of secondary usage of health information in general. CMA believes that its approach draws support from the Federal Advisory Council Report, which also recognizes the importance of preserving patient privacy and the confidentiality of the health record in an era of increased use of technology. Implicitly, the Report recognizes that the benefits of such technology cannot be realized if public support, based on assurance of privacy protection, cannot be secured. CMA urges this committee to implement CMA’s recommendations and in doing so provide the type of protection that health information deserves and that Canadians desire. VI. Summary of Recommendations That Bill C-54 be amended to incorporate specific provisions relating to health information and that the provisions of the CMA Code provide the basis of such provisions; and That the proposed rules for health legislation be subject to the legislative test found in CMA’s Code and formulated in light of this process; and That there be a clear definition of the information being accorded a right of privacy and that this definition, at least in the case of health information, include identifiable information, delinked information, anonymous information and any composite form produced when information is linked to any information about a person from any other source; and That, at least in connection with health information, the provisions of the Bill apply equally to the public and the private sectors.
Documents
Less detail

Statement to the Canadian panel on violence against women Ottawa -September, 1992

https://policybase.cma.ca/en/permalink/policy11956
Last Reviewed
2019-03-03
Date
1992-09-15
Topics
Health care and patient safety
Ethics and medical professionalism
  1 document  
Policy Type
Parliamentary submission
Last Reviewed
2019-03-03
Date
1992-09-15
Topics
Health care and patient safety
Ethics and medical professionalism
Text
The CMA is pleased to have this opportunity to address the Canadian Panel on Violence Against Women. As a professional organization with a leadership role in societal issues affecting health, it is both appropriate and important for the CMA to be actively involved in addressing the problems associated with violence. The extremely high incidence of abuse, the associated severe physical, mental and psychological health problems and the significant role played by physicians in recognizing and caring for victims make this a priority for organized medicine. The CMA has significant experience and expertise in this field. In 1984, the CMA General Council passed a resolution stating: "That Health and Welfare Canada and the Provincial Ministries of Health and Education alert the Canadian public to the existence of family violence, including wife assault, child abuse, and elder abuse, and to the services available which respond to these problems, and that organized medicine (through such vehicles as professional journals, newsletters, conferences and formal medical education) alert the physicians of Canada to the problem and that all physicians learn to recognize the signs of family violence in their daily contact with patients and undertake the care and management of victims using available community resources." (Resolution #84-47) The CMA calls the Panel's attention to four major areas of concern: Recognition and Treatment, Education and Training, Protocol Development and Research. 1. Recognition and Treatment: Recognition includes acknowledging the existence and prevalence of abuse and identifying victims of violence. Violence against women is clearly a health issue and one that should be given a very high priority. Statistics indicate that nearly one in eight Canadian women will be subject to spousal violence in her lifetime and that one in five will be a victim of sexual assault. Violence against women is a major determinant of both short -and long-term health problems including traumatic injury, physical and psychological illnesses, alcohol/drug addiction and death. Furthermore, although it is critically important to recognize that abuse crosses all racial and socio-economic boundaries, there are strong indications that certain groups are particularly vulnerable to abusive acts (e.g., pregnant, disabled and elderly women). Recognition includes acknowledging and understanding the social context within which violence occurs. Violence is not an isolated phenomenon, but is part of the much broader issue of societal abuse of women. Physicians are often the first point of contact for patients who have been abused physically, sexually, mentally and/or psychologically. They have a vital role to play in identifying victims and providing treatment and supportive intervention including appropriate referral. Abuse is not always readily apparent, however, and may go undetected for extended periods of time. Numerous studies have shown that both physicians and patients often fail to identify abuse as an underlying cause of symptoms. Such delays can result in devastating and sometimes fatal consequences for patients. Even in those cases where abuse is apparent, both physicians and patients often feel uncomfortable talking openly about the abuse and the circumstances surrounding it. It is the physician's role and responsibility to create a safe and supportive environment for the disclosure and discussion of abuse. Furthermore, the lack of resources for support services or the lack of awareness of what services are available to provide immediate and follow-up care to patients in need may discourage physicians from acknowledging the existence of abuse and identifying victims. It is clear that improvement in the ability and the degree to which victims of abuse are recognized and given appropriate assistance by physicians and other caring professionals in a non-threatening environment is urgently required. Individuals who are abused usually approach the health care system through primary contact with emergency departments or other primary care centres. The care available in such settings is acute, fragmented and episodic. Such settings are not appropriate for the victims of violence. The challenge that we, as physicians, recognize is to be able to provide access in a coordinated way to medical, social, legal and other support services that are essential for the victim of violence. This integration of services is essential at the point of initial recognition and contact. The CMA has been involved with eight other organizations in the Interdisciplinary Project on Domestic Violence (IPVD), the primary goal of which is to promote interdisciplinary co-operation in the recognition and management of domestic violence. 2. Education and Training: The spectrum of abuse is complex; the victims are diverse; expertise in the field is developing. The current system of medical education neither provides health care personnel with the knowledge or skills nor does it foster the attitude to deal adequately with this issue. Some of CMA's divisions have played an active role in this area. For instance, the Ontario Medical Association has developed curriculum guidelines and medical management of wife abuse for undergraduate medical students. It is ,important that there be more involvement by relevant medical groups in developing educational and training programs and more commitment from medical educators to integrate these programs and resources into the curriculum. Programs must be developed and instituted at all levels of medical education in order that physicians can gain the requisite knowledge and skills and be sensitive to the diversity of victims of violence. The CMA believes that the educational programs must result in: 1) understanding of the health consequences of violence; 2) development of effective communication skills; and, 3) understanding of the social context in which violence occurs. Understanding of the social context in which violence occurs will require an examination of the values and attitudes that persist in our society, including a close consideration of the concepts of gender role socialization, sexuality and power. This is required in order to dispel the pervasive societal misconceptions held by physicians and others which act as barriers to an effective and supportive medical response to patients suffering the effects of violence. 3. Development of Protocols: The CMA recognizes the need for more effective management and treatment of the spectrum of problems associated with violence against women. Health care facilities, professional organizations and other relevant groups are challenged to formulate educational and policy protocols for integrated and collaborative approaches to dealing with prevention of abuse and the management of victims of violence. The CMA and a number of its divisions have been active in this area:
In 1985, the CMA prepared and published Family Violence: Guidelines for Recognition and Management (Ghent, W.R., Da Sylva, N.P., Farren, M.E.), which dealt with the signs and symptoms, assessment and management, referral assistance and medical records with respect to wife battering, child abuse and abuse of the elderly;
The Ontario Medical Association published Repons on Wife Assault in January 1991. This document, endorsed by the CMA, examines the problem of wife assault from a medical perspective and outlines approaches to treatment of the male batterer and his family;
The Medical Society of Nova Scotia has developed a handbook entitled Wife Abuse: A Handbook for Physicians, advising on the identification and management of cases involving the battering of women;
The New Brunswick Medical Society has produced a series of discussion papers on violence and in conjunction with that province's Advisory Council on the Status of Women, has produced a graphic poster depicting physical assault on pregnant women as a way of urging physicians to be alert for signs of violence against women; The Medical Society of Prince Edward Island has worked cooperatively with the provincial Department of Health and Social Services and the Interministerial Committee on Family Violence to produce a document entitled Domestic Violence: A Handbook for Physicians. The CMA encourages continued involvement by the medical profession in the development of initiatives such as these and welcomes the opportunity to work in collaboration with other professionals involved in this area. 4. Research The CMA has identified violence against women as a priority health issue. Like rriany other areas in women's health, there is a need for research focusing on all aspects of violence and the associated problems. More specifically, the CMA maintains that there should be more research on the incidence of abuse (particularly as it relates to particular groups), on ways to facilitate the disclosure by victims of abuse and on the effectiveness of educational and prevention programs. The CMA recognizes that the medical profession must show a greater commitment to ending abuse of women and providing more appropriate care and support services to those who are victims of violence. The CMA possesses unique skills and expertise in this area and welcomes the opportunity to work with the Panel on this challenging social and health problem.
Documents
Less detail

Health Care Coverage for Migrants: An Open Letter to the Canadian Federal Government

https://policybase.cma.ca/en/permalink/policy13940
Date
2018-12-15
Topics
Population health/ health equity/ public health
Health systems, system funding and performance
Ethics and medical professionalism
  1 document  
Policy Type
Policy endorsement
Date
2018-12-15
Topics
Population health/ health equity/ public health
Health systems, system funding and performance
Ethics and medical professionalism
Text
Dear Prime Minister Trudeau & Ministers Taylor and Hussen, We are writing to you today as members of the health community to urge your action on a crucial matter pertaining to health and human rights. You will no doubt be aware that the United Nations Human Rights Committee (UNHRC) recently issued a landmark decision condemning Canada for denying access to essential health care on the basis of immigration status based on the case of Nell Toussaint. Nell is a 49-year-old woman from Grenada who has been living in Canada since 1999, and who suffered significant negative health consequences as a result of being denied access to essential health care services. The UNHRC’s decision condemns Canada’s existing discriminatory policies, and finds Canada to be in violation of both the right to life, as well as the right to equality and freedom from discrimination. Based on its review of the International Covenant on Civil and Political Rights, the UNHRC has declared that Canada must provide Nell with adequate compensation for the significant harm she suffered. As well, they have called on Canada to report on its review of national legislation within a 180-day period, in order “to ensure that irregular migrants have access to essential health care to prevent a reasonably foreseeable risk that can result in loss of life”. The United Nations Special Rapporteur has pushed for the same, calling on the government “to protect health-related rights to life, security of the person, and equality of individuals and groups in situations of vulnerability”. Nell is one of an estimated half million people in Ontario alone who are denied access to health coverage and care on the basis of their immigration status, putting their health at risk. As members of Canada’s health community, we are appalled by the details of this case as well as its broad implications, and call on the government to: 1. Comply with the UNHRC’s order to review existing laws and policies regarding health care coverage for irregular migrants. 2. Ensure appropriate resource allocation, so that all people in Canada are provided universal and equitable access to health care services, regardless of immigration status. 3. Provide Nell Toussaint with adequate compensation for the significant harm she has suffered as a result of not receiving essential health care services. For more information on this issue, please see our backgrounder here: https://goo.gl/V9vPyo. Sincerely, Arnav Agarwal, MD, Internal Medicine Resident, University of Toronto, Toronto ON Nisha Kansal, BHSc, MD Candidate, McMaster University, Hamilton ON Michaela Beder, MD, Psychiatrist, Toronto ON Ritika Goel, MD, Family Physician, Toronto ON This open letter is signed by the following organizations and individuals: Bathurst United Church TOPS 1. Arnav Agarwal, MD, Internal Medicine Resident, University of Toronto, Toronto ON 2. Nisha Kansal, BHSc, MD Candidate, McMaster University, Hamilton ON 3. Michaela Beder, MD FRCPC, Psychiatrist, Toronto ON 4. Ritika Goel, MD, Family Physician, Toronto ON 5. Gordon Guyatt, MD FRCPC, Internal Medicine Specialist, McMaster University, Hamilton ON 6. Melanie Spence, RN, Nursing, South Riverdale Community Health Centre, Toronto ON 7. Yipeng Ge, BHSc, Medical Student, University of Ottawa, Ottawa ON 8. Stephen Hwang, MD, Professor of Medicine, University of Toronto, Toronto ON 9. Gigi Osler, BScMed, MD, FRCSC, Otolaryngology-Head and Neck Surgery, Canadian Medical Association, Ottawa ON 10. Anjum Sultana, MPH, Public Policy Professional, Toronto ON 11. Danyaal Raza, MD, MPH, CCFP, Family Medicine, Toronto ON 12. P.J. Devereaux, MD, PhD, Cardiologist, McMaster University, Brantford ON 13. Mathura Karunanithy, MA, Public Policy Researcher, Toronto ON 14. Philip Berger, MD, Family Physician, Toronto ON 15. Nanky Rai, MD MPH, Primary Care Physician, Toronto ON 16. Michaela Hynie, Prof, Researcher, York University, Toronto ON 17. Meb Rashid, MD CCFP FCFP, Family Physician, Toronto ON 18. Sally Lin, MPH, Public Health, Victoria BC 19. Jonathon Herriot, BSc, MD, CCFP, Family Physician, Toronto ON 20. Carolina Jimenez, RN, MPH, Nurse, Toronto ON 21. Rushil Chaudhary, BHSc, Medical Student, Toronto ON 22. Nisha Toomey, MA (Ed), PhD Student, University of Toronto, Toronto ON 23. Matei Stoian, BSc, BA, Medical Student, McMaster University, Hamilton ON 24. Ruth Chiu, MD, Family Medicine Resident, Kingston ON 25. Priya Gupta, Medical Student, Hamilton ON 26. The Neighbourhood Organization (TNO), Toronto, ON 27. Mohammad Asadi-Lari, MD/PhD Candidate, University of Toronto, Toronto ON 28. Kathleen Hughes, MD Candidate, McMaster University, Hamilton ON 29. Nancy Vu, MPA, Medical Student, McMaster University, Hamilton ON 30. Ananthavalli Kumarappah, MD, Family Medicine Resident, University of Calgary, Calgary AB 31. Renee Sharma, MSc, Medical Student, University of Toronto, Toronto ON 32. Daniel Voloshin, Medical Student , McMaster Medical School , Hamilton ON 33. Sureka Pavalagantharajah, Medical Student, McMaster University, Hamilton ON 34. Alice Cavanagh , MD/PhD Student, McMaster University, Hamilton ON 35. Krish Bilimoria, MD(c), Medical Student, University of Toronto, North York ON 36. Bilal Bagha, HBSc, Medical Student, St. Catharines ON 37. Rana Kamhawy, Medical Student, Hamilton ON 38. Annie Yu, Medical Student, Toronto ON 39. Samantha Rossi, MA, Medical Student, University of Toronto, Toronto ON 40. Carlos Chan, MD Candidate, Medical Student, McMaster University, St Catharines ON 41. Jacqueline Vincent, MA, Medical Student, McMaster, Kitchener ON 42. Eliza Pope, BHSc, Medical Student, University of Toronto, Toronto ON 43. Cara Elliott, MD, Medical Student, Toronto ON 44. Antu Hossain, MPH, Public Health Professional, East York ON 45. Lyubov Lytvyn, MSc, PhD Student in Health Research, McMaster University, Burlington ON 46. Michelle Cohen, MD, CCFP, Family Physician, Brighton ON 47. Serena Arora, Medical Student, Hamilton ON 48. Saadia Sediqzadah, MD, Psychiatrist, Toronto ON 49. Maxwell Tran, Medical Student, University of Toronto, Toronto ON 50. Asia van Buuren, BSc, Medical Student, Toronto ON 51. Darby Little, Medical Student, University of Toronto, Toronto ON 52. Ximena Avila Monroy, MD MSc, Psychiatry Resident, Sherbrooke QC 53. Abeer Majeed, MD, CCFP, Family Physician, Toronto ON 54. Oluwatobi Olaiya, RN, Medical Student, Hamilton ON 55. Ashley Warnock, MSc, HBSc, HBA, Medical Student, McMaster University, Hamilton ON 56. Nikhita Singhal, Medical Student, Hamilton ON 57. Nikki Shah, MD Candidate, Medical Student, Hamilton ON 58. Karishma Ramjee, MD Family Medicine Resident , Scarborough ON 59. Yan Zhang, MSc, Global Health Professional, Toronto ON 60. Megan Saunders, MD, Family Physician, Toronto ON 61. Pooja Gandhi, MSc, Speech Pathologist, Mississauga ON 62. Julianna Deutscher, MD, Resident, Toronto ON 63. Diana Da Silva, MSW, Social Worker, Toronto ON Health Care Coverage for Migrants: An Open Letter to the Canadian Federal Government Sign here - https://goo.gl/forms/wAXTJE6YiqUFSo8x1 The Right Honourable Justin Trudeau, Prime Minister of Canada The Honourable Ginette P. Taylor, Minister of Health The Honourable Ahmed D. Hussen, Minister of Immigration, Refugees and Citizenship CC: Mr. Dainius Puras, United Nations Special Rapporteur on the right of everyone to the enjoyment of the highest attainable standard of health Dear Prime Minister Trudeau & Ministers Taylor and Hussen, We are writing to you today as members of the health community to urge your action on a crucial matter pertaining to health and human rights. You will no doubt be aware that the United Nations Human Rights Committee (UNHRC) recently issued a landmark decision condemning Canada for denying access to essential health care on the basis of immigration status based on the case of Nell Toussaint. Nell is a 49-year-old woman from Grenada who has been living in Canada since 1999, and who suffered significant negative health consequences as a result of being denied access to essential health care services. The UNHRC’s decision condemns Canada’s existing discriminatory policies, and finds Canada to be in violation of both the right to life, as well as the right to equality and freedom from discrimination. Based on its review of the International Covenant on Civil and Political Rights, the UNHRC has declared that Canada must provide Nell with adequate compensation for the significant harm she suffered. As well, they have called on Canada to report on its review of national legislation within a 180-day period, in order “to ensure that irregular migrants have access to essential health care to prevent a reasonably foreseeable risk that can result in loss of life”. The United Nations Special Rapporteur has pushed for the same, calling on the government “to protect health-related rights to life, security of the person, and equality of individuals and groups in situations of vulnerability”. Nell is one of an estimated half million people in Ontario alone who are denied access to health coverage and care on the basis of their immigration status, putting their health at risk. As members of Canada’s health community, we are appalled by the details of this case as well as its broad implications, and call on the government to: 1. Comply with the UNHRC’s order to review existing laws and policies regarding health care coverage for irregular migrants. 2. Ensure appropriate resource allocation, so that all people in Canada are provided universal and equitable access to health care services, regardless of immigration status. 3. Provide Nell Toussaint with adequate compensation for the significant harm she has suffered as a result of not receiving essential health care services. For more information on this issue, please see our backgrounder here: https://goo.gl/V9vPyo. Sincerely, Arnav Agarwal, MD, Internal Medicine Resident, University of Toronto, Toronto ON Nisha Kansal, BHSc, MD Candidate, McMaster University, Hamilton ON Michaela Beder, MD, Psychiatrist, Toronto ON Ritika Goel, MD, Family Physician, Toronto ON
Documents
Less detail

Best practices for smartphone and smart-device clinical photo taking and sharing

https://policybase.cma.ca/en/permalink/policy13860
Date
2018-03-03
Topics
Health information and e-health
Ethics and medical professionalism
  1 document  
Policy Type
Policy document
Date
2018-03-03
Topics
Health information and e-health
Ethics and medical professionalism
Text
Clinical photography is a valuable tool for physicians. Smartphones, as well as other devices supporting network connectivity, offer a convenient, efficient method to take and share images. However, due to the private nature of the information contained in clinical photographs there are concerns as to the appropriate storage, dissemination, and documentation of clinical images. Confidentiality of image data must be considered and the dissemination of these images onto servers must respect the privacy and rights of the patient. Importantly, patient information should be considered as any information deriving from a patient, and the concepts outlined therefore apply to any media that can be collected on, or transmitted with, a smart-device. Clinical photography can aid in documenting form and function, in tracking conditions and wound healing, in planning surgical operations, and in clinical decision-making. Additionally, clinical photographs can provide physicians with a valuable tool for patient communication and education. Due to the convenience of this type of technology it is not appropriate to expect physicians to forego their use in providing their patients with the best care available. The technology and software required for secure transfer, communication, and storage of clinical media is presently available, but many devices have non-secure storage/dissemination options enabled and lack user-control for permanently deleting digital files. In addition, data uploaded onto server systems commonly cross legal jurisdictions. Many physicians are not comfortable with the practice, citing security, privacy, and confidentiality concerns as well as uncertainty in regards to regional regulations governing this practice.1 Due to concern for patient privacy and confidentiality it is therefore incredibly important to limit the unsecure or undocumented acquisition or dissemination of clinical photographs. To assess the current state of this topic, Heyns et al. have reviewed the accessibility and completeness of provincial and territorial medical regulatory college guidelines.2 Categories identified as vital and explored in this review included: Consent; Storage; Retention; Audit; Transmission; and Breach. While each regulatory body has addressed limited aspects of the overall issue, the authors found a general lack of available information and call for a unified document outlining pertinent instructions for conducting clinical photography using a smartphone and the electronic transmission of patient information.2 The discussion of this topic will need to be ongoing and it is important that physicians are aware of applicable regulations, both at the federal and provincial levels, and how these regulations may impact the use of personal devices. The best practices supported here aim to provide physicians and healthcare providers with an understanding of the scope and gravity of the current environment, as well as the information needed to ensure patient privacy and confidentiality is assessed and protected while physicians utilize accessible clinical photography to advance patient care. Importantly, this document only focusses on medical use (clinical, academic, and educational) of clinical photography and, while discussing many core concepts of patient privacy and confidentiality of information, should not be perceived as a complete or binding framework. Additionally, it is recommended that physicians understand the core competencies of clinical photography, which are not described here. The Canadian Medical Association (CMA) suggests that the following recommendations be implemented, as thoroughly as possible, to best align with the CMA policy on the Principles for the Protection of Patient Privacy (CMA Policy PD2018-02). These key recommendations represent a non-exhaustive set of best practices - physicians should seek additional information as needed to gain a thorough understanding and to stay current in this rapidly changing field. KEY RECOMMENDATIONS 1. CONSENT * Informed consent must be obtained, preferably prior, to photography with a mobile device. This applies for each and any such encounter and the purpose made clear (i.e. clinical, research, education, publication, etc.). Patients should also be made aware that they may request a copy of a picture or for a picture to be deleted. * A patient's consent to use electronic transmission does not relieve a physician of their duty to protect the confidentiality of patient information. Also, a patient's consent cannot override other jurisdictionally mandated security requirements. * All patient consents (including verbal) should be documented. The acquisition and recording of patient consent for medical photography/dissemination may be held to a high standard of accountability due to the patient privacy and confidentiality issues inherent in the use of this technology. Written and signed consent is encouraged. * Consent should be considered as necessary for any and all photography involving a patient, whether or not that patient can be directly recognized, due to the possibility of linked information and the potential for breach of privacy. The definition of non-identifiable photos must be carefully considered. Current technologies such as face recognition and pattern matching (e.g. skin markers, physical structure, etc.), especially in combination with identifying information, have the potential to create a privacy breach. * Unsecure text and email messaging requires explicit patient consent and should not be used unless the current gold standards of security are not accessible. For a patient-initiated unsecure transmission, consent should be clarified and not assumed. 2. TRANSMISSION * Transmission of photos and patient information should be encrypted as per current-day gold standards (presently, end-to-end encryption (E2EE)) and use only secure servers that are subject to Canadian laws. Explicit, informed consent is required otherwise due to privacy concerns or standards for servers in other jurisdictions. Generally, free internet-based communication services and public internet access are unsecure technologies and often operate on servers outside of Canadian jurisdiction. * Efforts should be made to use the most secure transmission method possible. For data security purposes, identifying information should never be included in the image, any frame of a video, the file name, or linked messages. * The sender should always ensure that each recipient is intended and appropriate and, if possible, receipt of transmission should be confirmed by the recipient. 3. STORAGE * Storing images and data on a smart-device should be limited as much as possible for data protection purposes. * Clinical photos, as well as messages or other patient-related information, should be completely segregated from the device's personal storage. This can be accomplished by using an app that creates a secure, password-protected folder on the device. * All information stored (on internal memory or cloud) must be strongly encrypted and password protected. The security measures must be more substantial than the general password unlock feature on mobile devices. * Efforts should be made to dissociate identifying information from images when images are exported from a secure server. Media should not be uploaded to platforms without an option for securely deleting information without consent from the patient, and only if there are no better options. Automatic back-up of photos to unsecure cloud servers should be deactivated. Further, other back-up or syncing options that could lead to unsecure server involvement should be ascertained and the risks mitigated. 4. Cloud storage should be on a Canadian and SOCII certified server. Explicit, informed consent is required otherwise due to privacy concerns for servers in other jurisdictions. 5. AUDIT & RETENTION * It is important to create an audit trail for the purposes of transparency and medical best practice. Key information includes patient and health information, consent type and details, pertinent information regarding the photography (date, circumstance, photographer), and any other important facts such as access granted/deletion requests. * Access to the stored information must be by the authorized physician or health care provider and for the intended purpose, as per the consent given. Records should be stored such that it is possible to print/transfer as necessary. * Original photos should be retained and not overwritten. * All photos and associated messages may be considered part of the patient's clinical records and should be maintained for at least 10 years or 10 years after the age of majority, whichever is longer. When possible, patient information (including photos and message histories between health professionals) should be retained and amalgamated with a patient's medical record. Provincial regulations regarding retention of clinical records may vary and other regulations may apply to other entities - e.g. 90 years from date of birth applies to records at the federal level. * It may not be allowable to erase a picture if it is integral to a clinical decision or provincial, federal, or other applicable regulations require their retention. 6. BREACH * Any breach should be taken seriously and should be reviewed. All reasonable efforts must be made to prevent a breach before one occurs. A breach occurs when personal information, communication, or photos of patients are stolen, lost, or mistakenly disclosed. This includes loss or theft of one's mobile device, texting to the wrong number or emailing/messaging to the wrong person(s), or accidentally showing a clinical photo that exists in the phone's personal photo album. * It should be noted that non-identifying information, when combined with other available information (e.g. a text message with identifiers or another image with identifiers), can lead to highly accurate re-identification. * At present, apps downloaded to a smart-device for personal use may be capable of collecting and sharing information - the rapidly changing nature of this technology and the inherent privacy concerns requires regular attention. Use of specialized apps designed for health-information sharing that help safeguard patient information in this context is worth careful consideration. * Having remote wipe (i.e. device reformatting) capabilities is an asset and can help contain a breach. However, inappropriate access may take place before reformatting occurs. * If a smartphone is strongly encrypted and has no clinical photos stored locally then its loss may not be considered a breach. * In the event of a breach any patient potentially involved must be notified as soon as possible. The CMPA, the organization/hospital, and the Provincial licensing College should also be contacted immediately. Provincial regulations regarding notification of breach may vary. Approved by the CMA Board of Directors March 2018 References i Heyns M†, Steve A‡, Dumestre DO‡, Fraulin FO‡, Yeung JK‡ † University of Calgary, Canada ‡ Section of Plastic Surgery, Department of Surgery, University of Calgary, Canada 1 Chan N, Charette J, Dumestre DO, Fraulin FO. Should 'smart phones' be used for patient photography? Plast Surg (Oakv). 2016;24(1):32-4. 2 Unpublished - Heyns M, Steve A, Dumestre DO, Fraulin FO, Yeung J. Canadian Guidelines on Smartphone Clinical Photography.
Documents
Less detail

CMA Policy Endorsement Guidelines

https://policybase.cma.ca/en/permalink/policy14021
Date
2018-03-03
Topics
Ethics and medical professionalism
  1 document  
Policy Type
Policy document
Date
2018-03-03
Topics
Ethics and medical professionalism
Text
These Guidelines constitute an implementation tool of seven recommendations and are informed by Guidelines for CMA’s Activities and Relationships with Other Parties (aka CMA’s Corporate Relationships Policy) and CMA’s Advertising and Sponsorship Policy. 1. Scope These Guidelines apply to the Canadian Medical Association (and not to its subsidiaries). As these are Guidelines, exceptions may be necessary from time to time wherein staff may use their discretion and judgment. 2. Definition Endorsement is an umbrella term encompassing “policy endorsement”, “sponsorship1” and “branding”. Policy endorsement includes: (a) CMA considering upon request, non-pecuniary public approval, which may include the use of CMA’s name and/or logo, of an organization’s written policy, on an issue that aligns with CMA policy, where there is no immediate expectation of return; or, (b) CMA adopting the policy of another organization as our policy; or (c) CMA asking another organization to publicly support our policy. 3. Process (a) Criteria: For policy endorsement requests from another organization to endorse their policy2 the following criteria shall be applied: i) we have a policy on the subject-matter and ii) we are actively working on advancing that policy position and iii) the organization has a follow-up action plan associated with its request. (b) Approval: Where policy exists, approval requires a policy staff member (with portfolio responsibility) and the VP of Medical Professionalism, or the policy staff member (with portfolio responsibility) and the Chief Policy Advisor. Where no policy exists, approval of the Board of Directors is required. (c) Annual confirmation: Where CMA adopts the policy of another organization3, CMA staff shall confirm annually, or more frequently if circumstances dictate, that the policy has not been altered by the other organization. (d) Requests: Pursuit of personal endorsement requests are not appropriate. Wherever possible, requests should come from an organization and not an individual. 4. Results (a) Where CMA adopts the policy of another organization, the adopted policy shall become CMA policy, and will include a notation on the document as being an adopted policy of [organization]. (b) All adopted policies will be housed in an accessible searchable database. (c) All requests by organizations for CMA to endorse their policy will be tracked in a central location, along with any response. 1 Sponsorship means, to consider upon request, pecuniary public approval, which may include the use of CMA’s name and/or logo, of an organization’s event (eg., conference), on an issue that is supported by CMA policy or that promotes CMA brand awareness, where there is an immediate expectation of return. 2 That is, part (a) of the definition in Section 2. 3 That is, part (b) of the definition in Section 2.
Documents
Less detail

Drug testing in the workplace (Update 2001)

https://policybase.cma.ca/en/permalink/policy194
Last Reviewed
2018-03-03
Date
2001-05-28
Topics
Ethics and medical professionalism
Pharmaceuticals/ prescribing/ cannabis/ marijuana/ drugs
  1 document  
Policy Type
Policy document
Last Reviewed
2018-03-03
Date
2001-05-28
Replaces
Drug testing in the workplace (1992)
Topics
Ethics and medical professionalism
Pharmaceuticals/ prescribing/ cannabis/ marijuana/ drugs
Text
Health and safety in the workplace continue to be areas of concern to the CMA. The CMA recommends that educational programs on the risks of drug-related impairment to health and safety in the workplace be directed toward labour, management and the public in general. Occupations for which impairment resulting from drug use may constitute a serious hazard should be identified and designated as such. The association recommends that supervisors be trained to refer a worker in a safety-sensitive job for a health assessment if the supervisor has reasonable grounds to suspect impairment of the worker. Workers holding safety-sensitive jobs should be educated to report any departure from their usual state of health as well as any drugs (prescribed or otherwise) being taken to the occupational health physician or, in the absence of such, to the physician of the worker's choice. The CMA is opposed to routine pre-employment drug testing. It recommends that random drug testing among employees be restricted to safety-sensitive positions and undertaken only when measures of performance and effective peer or supervisory observation are unavailable. Drug testing should always be conducted in such a way as to protect confidentiality and should be undertaken with the subject's informed consent (except when otherwise required by law). The idea of drug testing among workers has developed from society's concern over the relation between drug use and impairment, with resultant risks to the worker, fellow workers and the public. Education: Since prevention is the principal and ultimate objective the association recommends that educational programs on the risks of impairment to health and safety in the workplace be directed toward labour, management and the public in general. Illicit drugs are not the only ones that may cause impairment. Certain prescription drugs and even some over-the-counter medications may affect a person's ability to carry out professional functions safely; such effects may vary considerably from one person to another. Alcohol is by far the most common impairing drug implicated in accidents; in addition, the scientific literature contains a growing body of information on impairment and dangers resulting from the use and misuse of various therapeutic medications. Far less is documented or known about the role of illicit drugs in work-related accidents. Safety-sensitive occupations: In most workplaces there are occupations for which impairment may constitute a serious hazard. Such occupations should be identified and designated as such. Workers who hold such safety-sensitive jobs must accept the fact that other workers and the public need to be protected from the hazards of impairment, whether from physical or psychologic ill health or from the use of drugs (over-the-counter, prescription or illicit). Performance assessment of safety-sensitive occupations: The CMA recommends that supervisors be trained to refer a worker in a safety-sensitive job for a health assessment if the supervisor has reasonable grounds (e.g., unsatisfactory performance or observed unusual behaviour) to suspect impairment of the worker. The examining physician may recommend that some tests (including tests for the presence of certain drugs) be carried out under pre-agreed protocols. Workers holding safety-sensitive jobs must be educated to report any departure from their usual state of health as well as any drugs (prescribed or otherwise) they may be taking to the occupational health physician or, in the absence of such, to the physician of the worker's choice. Testing: Any discussion of drug testing must take the following into account: If a quantitative test is to be used to determine impairment a limit must be established beyond which a person is deemed to be impaired. However, since the threshold of impairment varies from one person to another this variation should be taken into account when a worker is being assessed. The tests must be valid and reliable. They must be performed only in laboratories accredited for drug testing. The tests must provide results rapidly enough to be useful in deciding whether the person should continue to work. If different testing procedures are available and the differences between the validity and reliability are not significant the least intrusive alternative should be chosen. The test should be conducted in such a way as to ensure confidentiality and should be undertaken with the subject's informed consent (except when otherwise required by law). Pre-employment testing: The CMA opposes routine pre-employment drug testing for the following reasons: Routine pre-employment drug screening may not objectively identify those people who constitute a risk to society. The mass, low-cost screening tests may not be reliable or valid. The circumstances may not justify possible human rights violations. Random testing: The CMA believes that random drug testing among employees has a limited role, if any, in the workplace. Such testing should be restricted to employees in safety-sensitive positions and undertaken only when measures of performance and effective peer or supervisory observation are unavailable. Role of occupational health services: Occupational health physicians must not be involved in a policing or disciplinary role with respect to employee testing. CMA recommends that employers provide a safe environment for all workers. With the help of experts such as those from national and provincial agencies dedicated to dealing with substance abuse occupational health departments should develop lists of drugs known to cause short-term or long-term impairment, including alcohol. These lists should be posted prominently in the workplace, and workers should be advised that in the event of obvious impairment those involved in safety-sensitive occupations will be asked to undergo medical assessment. If testing for drugs is indicated refusal to submit to testing may result in a presumption of noncompliance with the health requirements of the job. Alcohol impairment should not be tolerated, and legislation should be considered that would set a legal blood alcohol level for safety-sensitive occupations. Breathalyzers or other detection methods could be used if alcohol impairment is suspected in a person holding safety-sensitive occupation. As stated previously, refusal to submit to testing may result in a presumption of noncompliance with the health requirements of the job. These measures should be discussed with labour and management. Labour should be expected to recognize drug-related impairment as a serious health and safety issue, and management should demonstrate its concern by ensuring access to treatment, prevention and educational programs such as employee assistance programs.
Documents
Less detail

Assisted reproduction (Update 2001)

https://policybase.cma.ca/en/permalink/policy197
Last Reviewed
2018-03-03
Date
2001-05-28
Topics
Ethics and medical professionalism
  1 document  
Policy Type
Policy document
Last Reviewed
2018-03-03
Date
2001-05-28
Topics
Ethics and medical professionalism
Text
Like all scientific and medical procedures, assisted human reproduction has the potential for both benefit and harm. It is in the interests of individual Canadians and Canadian society in general that these practices be regulated so as to maximize their benefits and minimize their harms. To help achieve this goal, the Canadian Medical Association (CMA) has developed this policy on regulating these practices. It replaces previous CMA policy on assisted reproduction. Objectives The objectives of any Canadian regulatory regime for assisted reproduction should include the following: (a) to protect the health and safety of Canadians in the use of human reproductive materials for assisted reproduction, other medical procedures and medical research; (b) to ensure the appropriate treatment of human reproductive materials outside the body in recognition of their potential to form human life; and (c) to protect the dignity of all persons, in particular children and women, in relation to uses of human reproductive materials. Principles When a Canadian regulatory regime for assisted reproduction is developed, it should incorporate the following principles: For the regulation of assisted reproduction, existing organizations such as medical licensing authorities, accreditation bodies and specialist societies should be involved to the greatest extent possible. If the legislation establishing the regulatory regime is to include prohibitions as well as regulation, the prohibition of specific medical and scientific acts must be justified on explicit scientific and/or ethical grounds. If criminal sanctions are to be invoked, they should apply only in cases of deliberate contravention of the directives of the regulatory agency and not to specific medical and scientific acts. Whatever regulatory agency is created should include significant membership of scientists and clinicians working in the area of assisted reproduction. Elements of a Regulatory Regime The regulation of assisted reproduction in Canada should include the following elements: Legislation to create a national regulatory body with appropriate responsibilities and accountability for coordinating the activities of organizations that are working in the area of assisted reproduction and for carrying out functions that other organizations cannot perform. The development and monitoring of national standards for research related to human subjects including genetics and reproduction. The regulatory body would work closely with the Canadian Institutes of Health Research, other federal and provincial research granting councils, the National Council on Ethics in Human Research and other such organizations. The development and monitoring of national standards for training and certifying physicians in those reproductive technologies deemed acceptable. As is the case for all post-graduate medical training in Canada, this is appropriately done through bodies such as the Royal College of Physicians and Surgeons of Canada and the College of Family Physicians of Canada. The licensing and monitoring of individual physicians. This task is the responsibility of the provincial and territorial medical licensing authorities which could regulate physician behaviour in respect to the reproductive technologies, just as they do for other areas of medical practice. The development of guidelines for medical procedures. This should be done by medical specialty societies such as the Society of Obstetricians and Gynaecologists of Canada (SOGC) and the Canadian Fertility and Andrology Society (CFAS). The accreditation of facilities where assisted reproduction is practised. There is already in Canada a well functioning accreditation system, run by the Canadian Council on Health Services Accreditation, which may be suitable for assisted reproduction facitilies. Whatever regulatory body is established to deal with assisted reproduction should utilize, not duplicate, the work of these organizations. In order to maximize the effectiveness of these organizations, the regulatory body could provide them with additional resources and delegated powers. Criminalization The CMA is opposed to the criminalization of scientific and medical procedures. Criminalization represents an unjustified intrusion of government into the patient-physician relationship. Previous attempts to criminalize medical procedures (for example, abortion) were ultimately self-defeating. If the federal government wishes to use its criminal law power to regulate assisted reproduction, criminal sanctions should apply only in cases of deliberate contravention of the directives of the regulatory agency and not to specific medical and scientific acts.
Documents
Less detail

Guidelines for CMA's activities and relationships with other parties

https://policybase.cma.ca/en/permalink/policy234
Last Reviewed
2018-03-03
Date
2001-05-28
Topics
Ethics and medical professionalism
  1 document  
Policy Type
Policy document
Last Reviewed
2018-03-03
Date
2001-05-28
Topics
Ethics and medical professionalism
Text
Guidelines for CMA’s Activities and Relationships with Other Parties As the national voice of medicine in Canada, the CMA provides leadership for physicians, promotes the highest standards of health and health care for Canadians and acts as advocate for all Canadian physicians. In the furtherance of its purpose, the CMA conducts a variety of activities and has a variety of relationships with other parties. The CMA’s activities range from policy development to the delivery of products and services to physicians and the public. Its relationships with other parties range from the purchase of goods and services that support operations to partnerships that further or are consistent with its advocacy strategies. The CMA actively seeks out relationships with others in recognition of the benefits these bring in the attainment of the CMA’s purposes. Such benefits may include: - unifying the profession through relations with physician groups, including the divisions and affiliates - enabling a stronger advocacy voice in association with others - enhancing the CMA’s credibility with other parties - providing financial and human resources to support CMA activities - providing skills and capabilities that CMA may not possess - providing additional membership services. Activities or relationships with other parties and products and services produced through the activity or relationship (“activities or relationships”) that undermine the CMA’s reputation of professionalism, independence and quality are to be avoided, not only for their own sake but also because a diminishment of the CMA’s reputation impedes its ability to achieve its purposes. The following principles have been developed to help guide decisions about the kinds of activities CMA undertakes and about its relations with other parties, with the objective of ensuring the integrity and good reputation of the CMA. A process or processes will be developed to implement the principles, which will include the preparation of subdocuments on applying the principles to specific areas; for example, sponsorship, endorsement and coalitions. Principles The CMA should rigorously and actively pursue its laudable ends and seek out relationships with others to attain them with the caveat that activities or relationships that would tarnish the integrity or reputation of CMA or the medical profession or that would diminish the trust placed in them should be avoided. Conformity with CMA’s purpose The activity or relationship should further or support the CMA’s purposes as elaborated in its objects, vision and mission. The CMA’s purposes have been explicitly and widely agreed upon. The CMA holds itself to be, and encourages reliance that it is, an organization that pursues its specified purposes. Activities and relationships that do not further or support the CMA’s purposes have the potential to thwart these purposes in a number of ways, including inadequate accountability, inappropriate use of resources, unconstrained exercise of merely private judgement or inappropriate self-interest. 2. Medical professionalism and ethics The activity or relationship should be consistent with medical professionalism and with CMA’s Code of Ethics. The CMA is an association of physicians. When the CMA acts, it represents the medical profession. The CMA’s actions reflect upon the medical profession. The CMA’s stature and reputation are inextricably linked to the medical profession’s work, the professional stature of its member physicians and the trust Canadians place in their physicians. Engaging in activities or relationships that are inconsistent with medical professionalism and CMA’s Code of Ethics would erode trust in the CMA. Independence The activity or relationship should not undermine the CMA’s independence. To be a credible voice and influence and to be worthy of the trust and confidence of physicians and of the public, the CMA should be, and be seen to be, free of undue influence and in control of the decisions it makes. Undue influence occurs when one is induced to do or not do something that is contrary to what one would otherwise do if left to act freely. Undue influence deprives one of free agency and destroys free will such that it is rendered more the will of another than of one’s own. Activities and relationships that may undermine independence include: activities or relationships that provide revenue or benefit to the CMA such that ongoing dependency on the revenue or benefit impedes independence activities and relationships that create a product or service that is seen to be associated with the CMA but over which the CMA does not have final control or veto or the capacity to extricate itself Consistency with policy The activity or relationship should be consistent with CMA policy. The CMA develops policy in pursuance of its purposes; these should be referred to when making decisions in connection with activities or relationships. Conflicting goals and activities Relationships with parties whose goals or activities directly conflict with the CMA’s objects, mission or vision should be avoided. This does not preclude discussion with others or participation in events for the purposes of obtaining information, monitoring or lobbying. Transparency The terms and conditions of the activity or relationship should be transparent. Transparency promotes an openness to scrutiny and serves to enhance accountability and to discourage relationships or activities that could be considered problematic. The principle is generally applicable except in connection to matters related to competitive advantage, trade secret or a reasonable agreement of confidentiality. Compliance and accountability Processes must be in place to ensure that proposed and ongoing activities or relationships are appropriately reviewed for compliance with and clear accountability for these principles. These include the activities of the secretariat and the corporate subsidiaries.
Documents
Less detail

Federal monitoring of medical assistance in dying regulations

https://policybase.cma.ca/en/permalink/policy13856
Date
2018-02-13
Topics
Ethics and medical professionalism
  1 document  
Policy Type
Response to consultation
Date
2018-02-13
Topics
Ethics and medical professionalism
Text
The Canadian Medical Association (CMA) is pleased to provide input on the proposed regulations of the federal monitoring of Medical Assistance in Dying in Canada. The CMA fully supports the proposed intent of the regulations, in particular, public accountability and transparency and safeguards for vulnerable patient populations. Tracking trends and carrying out research is very important to monitor the implementation and implications of medical assistance in dying. The CMA further supports the intent to provide electronic reporting and guidance documents, and to leverage any synergies between the federal and provincial/territorial governments, especially to prevent duplication and to promote consistency in reporting across the country. The CMA would like to raise the following critical areas for your consideration: 1. Definitions/parameters of terms There continues to be a need to more clearly define several terms to ensure consistency of reporting. For example: a. Who constitutes a “practitioner”? One can argue that there is a broad scope of who is “a medical practitioner or nurse practitioner”. Is it the practitioner who provides MAiD? Or he practitioner who first reads a patient’s request for MAiD? Or is the first practitioner? Or second practitioner who assesses the patient? b. What constitutes a therapeutic relationship (as one of the eight proposed items to be collected about the practitioner)? A therapeutic relationship is not required to access MAiD. This criterion should be removed and if not, given the differences in opinion in the health professions as to what constitutes a therapeutic relationship includes, it should be clearly defined. c. What constitutes a request, a written request, the receipt of a request? If reporting obligations are “triggered” by a patient’s “written request”, at what point is that request actually triggered? The very first practitioner who receives the patient’s written request? Or the practitioner who conducts the eligibility assessment upon receipt of the written request? Or the practitioner who provides the prescription or carries out the procedure? d. On a related point, without clear definitions, any future comparative analysis of research or trends will be difficult as there will be no common starting point. e. There continues to be confusion on how to count or when to start counting the required 10 clear days. There are many reasons why this requires more clarity. 2. Collection and protection of data We applaud Health Canada for further reducing and revising data requirements. We submit, however, that further reductions are required for several reasons, including adherence to privacy best practices that require the collection of the least amount of data necessary to achieve reasonable purposes. In particular: a. In view of the quantity and highly personal and sensitive data that will be collected about patients and practitioners, data sharing agreements should be required; for example, agreements between the federal government and provincial/territorial governments or between researchers and others requesting use of the data to facilitate the appropriate sharing of data. b. Collection of personal information should be limited to what is relevant to the purpose of monitoring medical assistance in dying. Personal information, such as the patient’s full postal code, marital status, or principal occupation is beyond the scope of the eligibility criteria outlined in the legislation and thus beyond the scope of the purpose of monitoring the impact of the legislation. c. Any “characteristics” of the patient should refer only to the eligibility criteria. If other data will be collected beyond that scope, the justification for doing so, and the characteristics themselves, should be clearly outlined. d. The scope of the information collected about the practitioner could be narrowed. As is, it is very broad – a list of eight items – while the Quebec regulations, as a comparator, have only three-four items that must be collected in relation to the physician who administers MAiD. 3. Additional requirements Schedule 4 [section 2(i)] of the proposed regulations requires that the practitioner opine as to whether the patient met, or did not meet, all of the eligibility criteria outlined in the legislation – with two significantly expanded requirements; the requirements that the practitioner: 1) provide an estimate as to the amount of time MAiD shortened the patient’s life; and 2) indicate the anticipated likely cause of natural death of the patient. These additional requirements are beyond the letter and spirit of the legislation and, in many ways, are in direct contradiction to the legislation. The Legislature was not unaware when it drafted the Act that it did not follow other jurisdictions’ criteria requiring either a terminal illness or a prognosis of time within which the practitioner believed the patient would die, e.g., “within the next 6 months”. It is specifically the lack of a timeframe that makes the legislation unique and provides flexibility for both patients and practitioners. By adding these two additional criteria for reporting, in effect, they become additional criteria for eligibility which is, as stated above, beyond the scope, and in contradiction to, the legislation. 4. Lack of clarity of reasons for ineligibility There is a potential for misunderstanding as to whether reasons are required when the patient does not meet the criteria under Schedule 4, section 2(a) – (h). The introduction to section 2 speaks to the practitioner giving an indication as to (a) whether the patient met or (b) did not meet the criteria. However, in the itemized criteria [2(a)-(h)] it only speaks to the practitioner having to provide reasons when the patient meets the criteria (and not when the patient has not met the criteria). It would be helpful to specify that reasons should be required when the patient does and does not meet the criteria. This is also crucial for the publication of the Minister of Health’s annual report requiring that the reasons, and which eligibility criteria were not met, be addressed. Conclusion The CMA recognizes the importance of regulations to capture the provision, collection, use, and disposal of information for the purpose of monitoring MAiD. The CMA cautions against introducing reporting requirements that are beyond the scope of the legislation. As noted in the legislation, practitioners who fail to provide information under the regulations may be found guilty under the Criminal Code and subject to possible imprisonment. It is thus imperative that the federal government drafts clear regulations that respect the legislation, privacy, research ethics, and a de minimus approach. .
Documents
Less detail

12 records – page 1 of 2.