23
July 2024 July 2024
Should my organisation use Fax, Email or Post to receive or send patient information?
The simple answer to this question is no, because these methods of communication can put the security and privacy of your patient’s health information at risk and expose your organisation to a potential Data Breach or a Reportable Privacy Breach.
“A data breach happens when personal information is accessed, disclosed without authorisation or is lost. Under the Notifiable Data Breaches scheme, you must be told if a data breach is likely to cause you serious harm.”[1]
The security of patient information being transferred between health service providers is paramount and is a cornerstone of patient relationships and clinical care. Health information by its nature is sensitive and patient data breaches can cause unnecessary patient distress, damage therapeutic relationships and expose healthcare organisations to reputational and financial risk.
The Australian privacy legislation does not prescribe how healthcare organisations should share patient information, however, The Office of the Australian Information Commissioner (OAIC) state that “email is not a secure form of communication and you should develop procedures to manage the transmission of personal information via email”.
Faxing, including eFax solutions, while still used within the health industry is outdated and increasingly unreliable technology. Fax transmissions can be inadvertently sent to a wrong recipient creating at Privacy Breach or a fax may not transmit the full document to the intended recipient leading to a clinical risk exposure as well as wasting administrative time.
There are a range of options that healthcare organisations can use to securely transfer patient information. These include:
In the period July to December 2023 the OAIC reported that health service providers were responsible for more notifiable breaches than any other sector by a factor of two. Data breaches, no matter how small, can result in damaged patient relations, reputational risk and monetary fines.
The risk of a data breach can be minimised by using appropriate technology, having rigorous systems, documented procedures and ongoing staff training so that each team members is aware of how to minimise the risk of patient data being compromised.
The PHN’s Health-e Together Digital Care Toolbox has a range of resources to support healthcare organisations in implementing digital change.
[1] https://www.oaic.gov.au/privacy/your-privacy-rights/data-breaches
Subscribe to our mailing list to get all the latest news updates delivered to your inbox.
The Hunter New England and Central Coast Primary Health Network (PHN) is one of six PHNs to lead a Commonwealth funded initiative to build capacity in primary care providers to recognise, respond, refer and record patients who are experiencing domestic family violence.
The HNECC PHN has been working to reduce the burden of reporting for commissioned service providers by introducing Cemplicity to assist with collecting Participant Reported Experience Measures (PREMs). Cemplicity has recently introduced a handy new feature which will make it easier to share your reporting data with your organisation.
As the data in the PMHC-MDS is used to measure progress towards a provider’s contractual targets, having a method to connect an episode of care to the correct contract is necessary to determine if the program is reaching its goals.