Canadian Healthcare Technology Logo
  • Issues
    • Current Print Issue
    • Print Archive
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Events
  • Vendors
  • About Us

Philips

AGFA 1400x150

Petal Health

Petal Health 1400x150

Telehealth

Safeguarding patient data in an era of accelerated virtual care

By Rosalind Stefanac

April 30, 2021


If there is a silver lining to the pandemic, it’s that virtual care is rapidly becoming a viable and more accessible way to bring healthcare treatment to those who need it most.

According to the Canadian Attitudes on Healthcare and Telemedicine Report released in November 2020, 70 percent of Canadians believe virtual care represents the future, especially as COVID-19 makes it more difficult to access in-person healthcare.

But with the rapid deployment of online healthcare resources comes the increased potential for cybersecurity attacks and expensive privacy breaches. According to the global Center for Internet Security, personal health information is more valuable on the black market than credit card credentials or any other personally identifiable information, with the average cost of a data breach incurred by a healthcare agency at US$355 per patient record.

“Hospitals have been providing some form of virtual interaction with patients in the past, even if it’s through a portal,” said Ira Parghi, a lawyer at Borden Ladner Gervais LLP in Toronto who specializes in information privacy and security issues. But there are a lot of other service providers in healthcare for whom virtual care is “unchartered territory,” she adds.

Parghi said many of these virtual care technologies were rolled out quickly during the pandemic, with little attention to the healthcare providers having to use them.

“When you’re feeling stressed, as many providers are right now, it’s hard because you also need to make sure you’re configuring the technology correctly in the first place, so you’re not accidentally exposing data,” she said. “You also want to make sure your staff feel comfortable with using it properly, so there is a lot to think about.”

Getting staff into cybersecurity courses is one way to help ensure employees keep deploying best practices when using these technologies. But Parghi said it’s important for providers to consider the patient’s perspective in terms of truly understanding what virtual healthcare entails and the inherent risks involved.

To that end, healthcare institutions are encouraged to inform patients ahead of time about the potential risks with virtual care – and to obtain express consent in receiving it. “Now that the widespread rollout has taken place, it’s time to pause and consider potential privacy and security risks and how best to manage and mitigate them.”

To help organizations do just that, the Information and Privacy Commissioner of Ontario recently released new guidelines for virtual care providers, Privacy and Security Considerations for Virtual Healthcare Visits: Guidelines for the Health Sector. The guidelines advise on the steps providers, including frontline physicians and practical nurses, should take in laying the groundwork for enhancing privacy and security in virtual care.

Ontario Health, a government agency focused on making the province’s healthcare system more efficient and patient-centred, said ongoing measures to safeguard privacy include conducting privacy impact assessments and threat risk assessments and developing comprehensive virtual care policies and supporting practices.

“As with face-to-face appointments, patient privacy and health information confidentiality must be protected during a virtual care appointment, and providers must comply with applicable privacy laws,” said Sylvie Gaskin, interim chief privacy officer, Ontario Health. “Patients must be informed they can withdraw their consent at any time while participating in a virtual visit.”

In partnership with the Ministry of Health, Ontario Health also initiated changes to the Ontario Virtual Care Program to support more choices for virtual visit solutions for healthcare providers.

The provincial standard aims to foster confidence that virtual care solutions meet privacy, security and technical requirements. For a virtual solution to be certified, vendors must meet the standard requirements and agree to participate in additional risk-based verification testing with Ontario Health within one year.

Meanwhile, technology providers like Microsoft are advocating for the need to be thoughtful and deliberate in how virtual healthcare technologies are deployed. “There are some places where innovation needs to go quickly, but there are other places where innovation needs to be thoughtful and disciplined as the way forward,” said John Weigelt, national technology officer at Microsoft Canada.

Early on in the pandemic, he said Microsoft decided it would deploy technology solutions during COVID-19 only if they adhered to key privacy principles, such as consent by choice when it comes to data storage and the ability to delete data after its use has been exhausted. “These have really guided all our activities as we move forward and deliver solutions like virtual visits.”

For example, Microsoft provides automated tools that allow customers to get a scorecard reading about how well their security has been implemented. “They can watch it over time, and they can really track their progress in terms of some of these critical items.”

PreviousNext

CHT print

CHT print

e-Messenger

  • Susan Brown out as Interior Health CEO
  • Digital Health announces two new board members
  • Ontario invests in 57 surgical and DI centres
  • Mackenzie Health revalidates its Stage 7 status
  • Private DI/surgical centre opens north of Toronto
More from e-Messenger

Subscribe

Subscribe

Weekly blasts are sent each month, via e-mail, to over 7,000 senior managers and executives in hospitals, clinics and health regions. Learn More

Infoway

Infoway

Zebra

Zebra

Zebra

Zebra

Advertise with us

Advertise with us

Sectra KLAS

Sectra KLAS

Stratford Group

Stratford Group

Pure Storage

Pure Storage

Medirex

Medirex

NIHI

NIHI

CHT print

CHT print

Advertise with us

Advertise with us

Sectra KLAS

Sectra KLAS

Stratford Group

Stratford Group

Pure Storage

Pure Storage

Medirex

Medirex

NIHI

NIHI

Contact Us

Canadian Healthcare Technology
1118 Centre Street, Suite 204
Thornhill, Ontario, Canada L4J 7R9
Tel: 905-709-2330
Fax: 905-709-2258
info2@canhealth.com

  • Quick Links
    • Current Print Issue
    • Print Archive
    • Events
    • Vendors
    • About Us
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Resources
    • White Papers
    • Writers’ Guidelines
    • Privacy Policy
  • Topics
    • Administrative Solutions
    • Clinical Solutions
    • Companies
    • Continuing Care
    • Diagnostics
    • Education & Training
  •  
    • Electronic Records
    • Government & Policy
    • Infrastructure
    • Innovation
    • People
    • Privacy and Security

© 2025 Canadian Healthcare Technology

The content of Canadian Healthcare Technology is subject to copyright. Reproduction in whole or in part without prior written permission is strictly prohibited. Send all requests for permission to Jerry Zeidenberg, Publisher.

Search Site

Error: Enter a search term

  • Issues
    • Current Print Issue
    • Print Archive
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Events
  • Vendors
  • About Us