Module 10 - 1307 - confidentiality

A set of flashcards reviewing key concepts and regulations regarding privacy and information protection in healthcare.

What is FIPPA?

Freedom of Information and Protection of Privacy Act—applies to public sector bodies in BC.

What is PIPA?

Personal Information Protection Act—applies to private and non-profit organizations in BC.

Who do you refer information requests to?

The FOI (Freedom of Information) Coordinator.

What kind of personal info is protected under PIPA?

Any recorded info about an identifiable individual—e.g., medical, demographic, biometric data.

Can you confirm a patient’s identity over the phone?

Only if you’ve verified the caller’s identity. If unsure, don’t confirm or deny anything.

What should you do if you make a mistake in a chart?

Draw a line through it, write 'error,' initial it. Never use whiteout.

When should documentation occur?

As soon as possible after the procedure or assessment.

What time format is used in patient records?

The 24-hour clock (e.g., 1400 = 2:00 PM).

Who owns the patient record?

The hospital owns the record. The patient owns the information.

What must be on every documentation entry?

Your signature and title (e.g., Student Radiographer).

How do you ensure privacy on a phone call?

Speak in private, confirm the caller’s identity, never release contact info.

What is a routine release of info?

Info shared for continuity of care (e.g., test results to a specialist).

What do you do if you’re unsure about releasing info?

Check the hospital’s policy or ask the FOI Coordinator.

What are the three types of consent?

Expressed, implied, and emergency (for unconscious patients).

Who is ultimately responsible for informed consent?

The physician.

What must be explained to obtain informed consent?

Diagnosis, prognosis, treatment, risks/benefits, and alternatives.

What is therapeutic privilege?

When info is withheld to prevent patient distress (e.g., unstable angina).

What should technologists explain to patients?

Procedure steps, expected discomfort, time, positions.

Can a student witness consent?

No, but can co-witness with a hospital employee.

What if a patient refuses to sign consent?

Ask why, explain again, notify physician if refusal continues.

When should consent be obtained?

Before anesthetizing medications are given.

What does FIPPA govern?

Public bodies like hospitals, regarding privacy and info use.

What does PIPA govern?

Private organizations and non-profits handling personal information.

What is EMR?

Electronic Medical Records – secure, digital patient charts.

What are the 3 types of privacy controls?

Administrative, technical, and physical.

Can you use personal email or USBs for patient data?

No – use only secure, hospital-approved systems.

How should mistakes in records be handled?

One line through, write 'error', initial it.

What is the #1 cause of privacy breaches?

Faxing errors.

Should patient info be shared in elevators or cafes?

No – always maintain discretion.

What’s the best way to protect info off-site?

Avoid names on envelopes; ensure two-lock security.