Debates of February 6, 2014 (day 6)
QUESTION 52-17(5): MANAGEMENT OF ELECTRONIC HEALTH RECORDS
Thank you, Mr. Speaker. As I understand it, Bill 4, of course, is before the House and that’s the Health Information Act. What happens, as I’m learning a little more about this, actually it harkens to a question asked to me by a constituent who wanted to know more about electronic health records and how they’re managed from, say, a personal medical record position or perspective.
In the Northwest Territories, if I understand it correctly, we use a program called Wolf. So my question to the Minister of Health and Social Services is: How do we monitor access to this program to know that if you have technical access to the programming, how do we know the appropriate people are only using these files, and what protocols do we have in place to monitor these particular items? Thank you.
Thank you, Mr. Hawkins. The Minister of Health and Social Services, Mr. Abernethy.
Thank you, Mr. Speaker. Around the EMR we actually have a significant number of firewalls and protocols in place to ensure that only people who have access or need to see that information have access to that information. I do know that there are lots of different technical requirements that an individual has to meet in order to get in: passwords, fobs and other items so that the information remains secure and private only to those individuals who need access or have the right to access that information. Thank you.
Thank you. I’ve heard about a complaint that was only observed after the complainant brought it to the attention of Health and Social Services. So I guess what my question would be is: What protocols are in place to ensure that this is being done and monitored without someone having to figure out that their personal files were violated? Thank you.
Thank you. The Member hasn’t shared with me any information on an individual whose rights or information has been violated. I’d certainly like to hear that. We take these types of situations, if they occur, very, very seriously and we’d like to address them, but there are protocols in place to ensure that the information is secure with those protocols. Certainly, we can review them if there’s been an incident and I’d be happy to hear about the incident if the Member would be willing to share it with me. Thank you.
My question was what automatic protocols do we have in place that will inform the system that this violation has taken, or in some cases happened. So I guess without having it to be brought forward by the person who has been… I’ll say potentially their private information has been violated. So that’s the question, not can I sit down with the Minister to talk about this. Thank you.
Thank you. There’s a significant amount of triggers and safeguards, and I’d be happy to share some of the written protocols with the Member if that’s what he’s looking for. Thank you.
Thank you, Mr. Abernethy. Final, short supplementary, Mr. Hawkins.
Thank you, Mr. Speaker. Are there any automatic protocols that brings to the attention of any type of management authority process that informs people that the wrong folks are viewing personal medical files without people having to wait down the road when they realize their personal information has been violated and the only reason the system knows is because they found out about it by accident? Thank you.
Thank you. I haven’t currently or actually haven’t personally used the system, but I will talk to the department and get that additional information provided to the Member. Thank you.
Thank you, Mr. Abernethy. The Member for Hay River South, Mrs. Groenewegen.