New IPC guidelines for healthcare workers working from home during the COVID-19 pandemic
The Information and Privacy Commissioner of Ontario released a new access and privacy fact sheet aimed at helping organizations and their staff navigate the “new normal” called “Working from home during the COVID-19 pandemic“.
In her related blog post, Commissioner Kosseim emphasizes that “it is essential that corporate policies and practices related to access, privacy, and security, be adapted, as needed, to ensure continued compliance when working from home.”
It is vital that healthcare organizations have a work from home policy; and if you already have one, you should review and update it as needed to reflect the current situation. Don’t assume that because you had a policy before the pandemic or adopted one at the start of the pandemic that it continues to adequately cover current risks to access, privacy, and security. The IPC is recommending that organizations create a long-term work-from-home strategy with accompanying polices, practices and remote training.
The Fact Sheet offers detailed advice in relation to:
- Communicating with your staff
- Remote access to networks and information
- Technological devices and related software (work-issued devices and personal devices)
- Communicating by email
- Home workspaces
- Paper and other formats of records
- Access to information rights
Need some help?
In the past few months a lot of healthcare organizations have struggled with going virtual and the privacy risks of working from home. I get a lot of questions about using Zoom or other video platforms for virtual health group activities, how to protect staff privacy when working from home, and how to address privacy issues in shared COVID-19 assessment clinics involving multiple community groups all sharing resources and electronic records.
So, I’ve reworked my team privacy training to address these issues and the perennial favourite questions everyone wants answered. The new interactive online 2-hr privacy webinar is designed to get healthcare organizations interested and engaged in privacy and to meet the IPC’s expectations for team training.
Interested in having me sparkle your people with team privacy training? Please contact me.