New privacy push for HK’s public hospitals

Saturday, 31 July 2010

Healthcare

By Jianggan Li | 8 May 2009

Hong Kong’s Hospital Authority and the Office of Privacy Commissioner for Personal Data (PCPD) have jointly launched a campaign to enhance the awareness of patient data privacy among all the staff members of the territory’s public hospitals and clinics.

Photos

View photos

Related Categories

From this Section

NEWS

The HK$200,000 (US$26.000) programme, entitled “Care for Patients – Protect their Personal Data” will be rolled out through a series of training seminars on the Personal Data (Privacy) Ordinance, supplemented by interactive games and exhibitions.

According the organisers, the campaign aims to ‘instil and strengthen the culture of privacy awareness in the daily routine of hospital staff with particular attention to preventing the loss and possible leakage of patients’ personal data’.

There was a public outcry in the territory when two doctors from United Christian Hospital lost their USB flash drives containing personal details of 55 patients in a space of less than three weeks.

The incidents happened in March and April respectively, roughly a year after a similar incident which was described as ‘the challenge of the year’ by the IT and Medical Informatics departments at the Hospital Authority.

After last year’s incident, a few measures have been enforced to enhance patient data privacy. Hospital staff are required to seek Hospital Chief Executive’s approval prior to using an electronic storage device. The authority’s policies and guidelines on patient privacy protection are circulated to all members of staff via intranet and internal circulars.

According to a statement by the hospital authority, the campaign is an integral part of the “overall improvement plan of the authority to enhance the protection of patient data and privacy”.

In addition to the seminars and exhibitions, an online self-learning programme will be supplied by the Office of the PCPD to facilitating the training.

The first seminar, which was held on Tuesday (7 May 2009), was attended by around 400 hospital staff. In total 40 training seminars will be organised at various public hospitals in the coming months.

Officiating at the launching ceremony, Hospital Authority Chief Executive, Shane Solomon said, “We are committed to protecting the confidentiality of our patients’ personal data since it is an important aspect of high-quality patient care. Protection of patient data is part of our duty. All of us in the authority need to work together and strengthen our culture of privacy awareness.”

Also addressing ceremony was the Privacy Commissioner for Personal Data, Mr Roderick Woo, who said, “Patients’ right to privacy is absolutely essential in the health-care context. From the privacy protection perspective, data protection practices should be designed and adhered to so as to ensure that patients’ privacy and dignity are protected. I am glad to take a first and significant joint initiative with the Hospital Authority in mounting this campaign to enhance the protection of patients’ data. I am confident that together the Hospital Authority and the Office of the Privacy Commissioner for Personal Data can create a culture of protection of personal privacy.”

The statement also said disciplinary action will be taken ‘according to established human resources policy on staff members who were confirmed for loss of patient data’.

It is known that the doctors concerned in the latest incidents were issued with a written warning.