Canada Health Infoway is committed to respecting privacy, safeguarding confidential information, and ensuring the security of personal information. PrescribeIT® is a national e-prescribing service that allows physicians and pharmacies to send messages for the purposes of:
- transmitting prescription information to a pharmacist;
- dispensing medication to the correct patient.
Practices and safeguards to protect personal information
The following safeguards are in place to protect health information in PrescribeIT®:
- Infoway has appointed an individual who is accountable for privacy and security, namely, a Chief Privacy Officer.
- Personnel with access to PrescribeIT® must pass background checks and receive privacy training.
- Security roles and responsibilities of personnel involved in the provision of PrescribeIT® are documented.
- Formal contracts and service level agreements are in place with any third party retained to assist in providing services.
- Privacy and threat risk assessments are conducted. Privacy and security risk mitigation activities are established, assigned to a responsible individual, recorded and tracked as part of each assessment.
- Policies and procedures are in place including a breach management protocol.
- Formal processes have been established for granting and revoking access to PrescribeIT® systems. Such processes include regular reviews of permissions and accounts by accountable personnel.
- Personnel accessing PrescribeIT® must use unique credentials and are only given the level of access necessary and sufficient for them to perform the tasks and functions for which they are responsible.
- A formal password policy relating to PrescribeIT® systems is in place that ensures sufficient complexity, safe storage, and restrictions on access after too many failed attempts.
- PrescribeIT® data is encrypted in transit and at rest using industry standard cryptographic algorithms.
- There is a formal logging and auditing program for all transaction on PrescribeIT® systems.
- Up-to-date antivirus and firewall protections are used.
Canada Health Infoway Inc.
Chief Privacy Officer
150 King St. West, Suite 1100
M5H 1J9 Toronto, Ontario
An individual may also direct complaints to the privacy commissioner of the jurisdiction in which they reside.