1/44
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced | Call with Kai | Chat |
|---|
No analytics yet
Send a link to your students to track their progress
Data Protection
Act of protecting information, both sensitive and personal sensitive to unauthorized access and use
Confidentiality
Integrity
Availability
3 Main Attributes of Security
Availability
Main attribute of security
“When is it accessible”
Confidentiality
Main attribute of security
“Who is authorized”
Integrity
Main attribute of security
“Is everything accurate & complete”
Autonomy
Beneficence
Non-Maleficence
Justice
Integrity
5 Ethical Principles
Security
Overall ruled policies, systems, and administrative choices that keep the information safe and determine whether a person can use a system
Protection
Specific resources and measures to determine who can access what specific data/information.
Security are overall policies, systems and administrative choices, while protection are specific resources and measures to determine who can access specific data.
What is the difference between security and protection?
Data Privacy Act of 2012 (RA 10173)
Mandates the protection of individual privacy while ensuring the free flow of information to promote innovation and growth. It regulates all processing of personal data and aligns the Philippines with international data protection standards.
National Privacy Commission (NPC)
The country's independent privacy watchdog mandated to administer, implement, monitor, and ensure compliance of the country with international data protection standards.
Section 12
Section of DPA
Consent is just one of the many other lawful criteria for processing personal info.
Section 13
Section of DPA
Governs rules specifically regarding Sensitive Personal Info.
Data Protection Officer (DPO) (aka Data Privacy Officer (DPO))
Appointment of this is a legal requirement for PICs and PIPs
Personal Information Controllers
PICs
Personal Information Processors
PIPs
Privacy Notice
Meant only to inform data subjects; a clear, transparent public statement detailing the intended purpose of collecting data, as well as how an organization collects, uses, retains, and discloses personal information. It is not equivalent to obtaining consent.
Privacy Consent
Free, specific, and informed indication of will where the data subject allows/agrees that a certain organization can get and process their information. The data subject must agree to the collection and processing of personal info about and/or relating to him/her.
Privacy notice simply informs patients regarding the purpose of collection of their data, while privacy consent obtains permission to collect data.
What is the difference between privacy notice and privacy consent?
Privacy Impact Assessment (PIA)
A process used by PICs/PIPs to evaluate and manage privacy risks regarding a specific program, project, or technology product.
Privacy Management Program (PMP)
A strategic framework designed to embed privacy and data protection into daily operations. It serves as a "Blueprint" or plan of protecting patient data and making sure privacy rules are followed.
Description of personal data.
Purpose for which data will be processed.
Basis for processing, especially when it is not based on consent.
Scope and method of the personal data processing.
Recipients to whom data may be disclosed.
How the recipient gets automatic access and what they are allowed to do with it.
Identity and contact details of the PIC or its representative.
Duration for which data will be stored.
Existence of the rights of the data subjects.
Organizations are strictly required to notify their data subjects regarding the following details:
Contact Tracing
Governed by April 17, 2020 – Department Memorandum No. 2020-0189 (and NPC PHE Bulletin No. 13) containing updated guidelines on contact tracing. Successful tracing relies on mutual trust, and its primary core goal is disease control. Public authorities must balance public safety risks against individual privacy
April 17, 2020
When was contact tracing implemented?
Department Memorandum No. 2020-0189 (NPC PHE Bulletin No 13)
What memorandum implemented contact tracing?
Disease Control
Main goal of contact tracing
Collect only necessary info.
Share only with proper authorities.
Protect patient identity.
Contact Tracing Data Gathering Requirements
Transparency
Legitimate Purpose
Proportionality
Privacy Principles for Public Disclosure
Harassment
Discrimination
Physical Harm
Unbridled public disclosure may cause:
Improved Care Coordination
Improved Population Health Management
Improved Patient Education
3 Major Benefits of Healthcare Technology
Improved Care Coordination
Major Benefit of Healthcare Technology
Streamlines communication and healthcare delivery across teams
Improved Population Health Management
Major Benefit of Healthcare Technology
Enhances systemic tracking and medical interventions.
Improved Patient Education
Major Benefit of Healthcare Technology
Provides better information access for patients.
Expenses
Remote monitoring often a compromise rather than a direct cost-saver
Challenges faced by Healthcare Organizations
Improper use (need further training)
Challenges faced by Healthcare Providers
Violation of patient autonomy
Challenges faced by Patients
Privacy & Security
Sociotechnical
Application Software
Material Devices and Supply Chains
Infrastructures
Individual Health-Related Practices
Interpersonal Relationships
Organizational Policies
8 Current Technology: Issues & Dilemma
Privacy & Security
Current Technology: Issues & Dilemma
Autonomy and transparency are constantly challenged regarding what choices a patient can realistically make
Sociotechnical Health
Current Technology: Issues & Dilemma
Highlights that digital health technologies are never isolated; society = technology. They have mutual dependencies with the social arrangements and human interactions in which they are embedded.
Application Software
Current Technology: Issues & Dilemma
Raises ethical issues regarding effectiveness, usability, inclusiveness, transparency, functioning issues, and direct use of the digital health offering
Material Devices & Supply Chains
Current Technology: Issues & Dilemma
Ethical analyses must account for resource extraction and the reliance on low-wage labor in low-income countries by large corporations.
Infrastructures
Current Technology: Issues & Dilemma
A lack of high-speed internet availability physically precludes certain communities from accessing digital health care.
Individual Health-Related Practices
Current Technology: Issues & Dilemma
Self-tracking applications/mechanisms can cause individuals to self-police their habits based on external social norms.
Interpersonal Relationships
Current Technology: Issues & Dilemma
Social media and digital communication tools/applications dramatically alter public understanding and human interaction.
Organizational Policies
Current Technology: Issues & Dilemma
Digitalization fundamentally alters daily work practices and workflow transitions from analog to digital environments.