Commissioner Applauds Security and Privacy Protection Initiatives for Electronic Health Records System

January 30, 2003

Frank Work, Alberta’s Information and Privacy Commissioner, believes that regular system audits will help ensure patient privacy when paper files are converted into an electronic health records system. Work was commenting on Tuesday’s announcement by Capital Health that the Edmonton region is planning on building an electronic record system for health information.

“Our office has worked closely with all health regions, including Capital Health, to ensure that the privacy of Albertans’ health information is maintained and that strong security features are incorporated into any electronic health system,” Work said today. “Of course Capital Health’s region-wide electronic health record must operate in accordance with the Health Information Act. We are expecting a Privacy Impact Assessment on this initiative, for one thing. For another, if Albertans feel that their health information is being collected, used or disclosed improperly, my Office can investigate and Order compliance with the Act,” Work adds.

The Health Information Act establishes new obligations on custodians to take reasonable steps to establish administrative, technical and physical safeguards to protect health information. The Office of the Information and Privacy Commissioner is available to offer advice, recommendations or assistance to individuals with concerns regarding the handling of their health information whether the records are paper-based or in an electronic format.

The Information and Privacy Commissioner is an independent Officer of the Legislative Assembly. The Commissioner’s mandate includes overseeing the access and privacy provisions of the Freedom of Information and Protection of Privacy Act and the Health Information Act, and to inform and educate the public about access and privacy issues.