Thank you, Mr. Speaker. I have some questions for the Minister of Health and Social Services. Earlier I spoke about the Health Information Act, and the purpose of the Health Information Act is to govern the collection, use, disclosure, and protection of personal health information while balancing the right to personal privacy with a need to deliver healthcare services.
I will not debate the Minister about whether or not the section of the act that applies to privacy impact assessments. I will not debate whether that applies to the health authority amalgamation. I have done that, but the department clearly disagrees with me and the Privacy Commissioner and the Standing Committee on Social Programs.
So I will just ask the Minister: will the department provide assurance to the public and to Members of this House that all of our rights are being properly protected by undertaking a privacy impact assessment as required by law under the Health Information Act? Thank you, Mr. Speaker.
Masi. Minister for Health and Social Services.
Thank you, Mr. Speaker. Mr. Speaker, under the Health Information Act, the Department of Health and Social Services and its authorities are required to complete privacy impact assessments before implementing a change to or implementing new information systems or communications technology that involved collection, use or disclosure of personal health information.
To be clear, Mr. Speaker, there have been no changes to the Department of Health and Social Services Authorities Health Information Systems as a result of system transformation. These systems were in place and utilized by the authorities prior to amalgamation. So under the legislation we are not required to do a privacy impact assessment on the transformation.
Having said that, Mr. Speaker, we do take privacy very seriously in the Department of Health and Social Services and our authorities. We are currently working towards the implementation of one shared Risk Assessment Management Reporting Information System as well as one shared Clinical Information System, and as per the legislation and our due diligence we are doing PIAs on both of those systems that we are implementing. Thank you, Mr. Speaker.
I guess what it comes down to is the department believes that an information system is an electronic information system, a piece of software. I will post on my website my argument against that because clearly the legislation speaks differently to it. So I will take that as a no for now and I will keep fighting this, but I only heard about the Health Information Act because I am a member of the Standing Committee on Government Operations, and now that I know about it I can attest that it is difficult to comprehend.
Our Information and Privacy Commissioner says that it is one of the most complicated and confusing pieces of legislation she has ever seen and she is a lawyer.
Given this, I ask the Minister what has the department done to inform and advise the public of their new rights and obligations under this act?
When the Member raised this before, I clearly take issues of privacy very seriously and I actually had our policy staff as well as legal do an in-depth review of the Health Information Act, and there appears to be a misunderstanding that the changes to the information systems occurred because of system transformation. The fact is there were no changes to the information systems. Whether they are digital systems or non-digital systems, there were not changes to the systems as a result of health transformation. There are changes to systems coming and we are doing the PIAs accordingly as per our terms and conditions.
Mr. Speaker, when the Health Information Act was going through the House, the Information Privacy Commissioner actually had a number of concerns and they focused around the need for policies and training to ensure compliance with the Health Information Act. The need for more public awareness efforts to ensure clients know their rights, the EMR system and its ability to address client consent conditions needs to be clear and understood.
Mr. Speaker, we have moved on all of those recommendations. Additional privacy policies are being developed to address privacy breaches, Privacy Impact Assessments, masking the types of things that need to be done in order to ensure our residents' privacy is protected.
We have training modules that have been conducted throughout the Northwest Territories for staff and we are rolling out more modules all the time and more training to ensure our staff, new staff as well as existing staff, get the appropriate training.
Mr. Speaker, we have over 1,500 brochures that have been distributed and 1,000 notices that have been distributed throughout the Northwest Territories to residents who are accessing our systems. We are working on e-versions of those brochures to get that information out so the information is widely distributed so people know their rights, know when they can say they do not want their information shared.
We are still in the early days, Mr. Speaker, with the Health Information Act, and we can get better and better and better as we go on; and we will.
I just want to clarify something the Minister said. He said there was no information system changes as a result of the amalgamation, the system transformation as it were. Now, was he referring only to the electronic system because what a system is it? Is a way of organizing, collecting, and storing information. It is not necessarily electronic. It could be handwritten, and my understanding was this Health Transformation System, the health transformation was because there was eight authorities with eight different ways of doing things. So are the eight authorities which are now one, are they still doing things differently or did they change the way they are doing things under the system transformation? So I just want to clear that up with the Minister.
To be clear, once again, under the Health Information Act the Department of Health and Social Services are required to complete Privacy Impact Assessments before implementing a change to or implementing a new information system or communications technology that involves, and I think this is the key point, the collection, use, or disclosure of personal health information.
Mr. Speaker, we already had EMR in the Northwest Territories and we were rolling it out throughout the Northwest Territories. We did not change that; that was still the same. With the health amalgamation moving to a single authority we were able to put in place standard protocols for procedure and actions when people present. That is different than dealing with the personal health information. The Health Information Act is dealing with personal health information.
Masi. Oral questions. Member for Hay River North.
Thank you, Mr. Speaker. Moving on, I understand that the act obligates health information custodians, like the health authorities, to ensure that health information is protected. The electronic information system used to collect and store information doesn't have the functionality to shield or protect information from being accessed when an individual requests that information not be made available to a certain custodian.
If you were to put in a request and say I don't want this pharmacy or this pharmacist having access to this information, you have to write a letter to someone at the department and they are supposed to honour that request, yet the system doesn't allow for that. What steps are being taken to ensure that these sort of requests can be honoured in the future? Thank you, Mr. Speaker.
Thank you, Mr. Speaker. Mr. Speaker, the department has actually been working with TELUS to upgrade our EMR to be able to mask or hide client information to address consent conditions brought forward by clients, those individuals who don't want their information seen. Limited masking is currently available in the EMR but there is an upgrade that is currently being installed and tested. It was put in place in September 2016. We are doing some testing on it now that will do exactly what the Member is asking. Thank you, Mr. Speaker.
Masi. Oral questions. Member for Yellowknife North.
