All About Privacy Workshop
September 19, 2023, 12:00 pm to 1:30 pm
We invite you to join DASH's special workshop featuring BC's regional health authorities to explore each of their research privacy review processes and how to access their health data. There will be in-depth discussions around the current privacy review systems across jurisdictions, common misunderstandings, plans for future improvement, as well as an open Q&A session. All researchers, clinicians, students, and staff are welcome to attend.
Registration is free for all interested individuals.
Welcome & Land Acknowledgement
Health Data Privacy Overview
Privacy Review Workflow
|Open Discussion Q&A|
ADDITIONAL FAQ RESPONSES FROM HEALTH AUTHORITY REPRESENTATIVES
Why are there discrepancies in the interpretation and review process between institutions?
- In my opinion, there are discrepancies in the interpretation in legislation as each of the health authorities is its own separate legal entity, with its own legal counsel and privacy officers who each have their own perspective on how that legislation is to be applied. Legislation is intended to have ambiguity in order to account for applications in different environments, so it can’t be too prescriptive. The lens applied would reflect the health authority’s own culture and values, which may be more or less risk-tolerant. With regards to operational reviews, these likely reflect local workflows and data governance processes, which similarly vary across the institutions. - Joleen Wright, Vancouver Coastal Health
Can researchers use non-institutional emails and/or storage platforms to communicate and/or store confidential information?
- The Interior Health Authority's Research Ethics Board discourages the use of non-institutional emails and/or storage platforms. If the researcher wants to use either, they must take extra steps to describe how data will be accessed, stored, and transmitted securely throughout its lifecycle, which is sometimes more than most will expect. Similarly, we have no control over the security of personal computers and devices, so that usually generates a proviso or two. We redirect people to institutional devices, addresses, and storage platforms whenever appropriate. - Dorothy Herbert, Interior Health
Recommended Resources from OIPC
- Getting Ahead of the Curve (report on AI and administrative fairness in public sector)
- Securing Personal Information (security self-assessment for public bodies and private organizations)
- 2014 Special Report - A Prescription for Legislative Reform: Improving Privacy Protection in BC's Health Sector