Nursing Informatics

Nursing Informatics Privacy of personal and private Domains

Uploaded by

Iresef Lariosa
PRIVACY OF PERSONAL AND PUBLIC DOMAINS

Lariosa, Iresef C. BSN 2-F

Privacy: Refers to the right of an individual to keep his/her health info private.
Confidentiality: Refers to the duty of anyone entrusted with health information to keep that
information private.

Protecting Patients from Harm includes Respect for their Right to Privacy
• Health information is valuable, and its unauthorized use or disclosure may put patients at risk for
unwanted publicity, identity theft, discrimination and other acts prejudicial to the patient.

Data Privacy Act of 2012


It is the policy of the State to protect the fundamental human right of privacy, of communication while
ensuring free flow of information to promote innovation and growth.

Personal Data
• Any information from which the identity of an individual is apparent.
• Any information that can be put together with other information to reasonably and directly identify an
individual.
• Includes sensitive personal information such as your health, education, genetic or sexual life.
• Includes information that is classified or privileged.

Personas Defined in the Law

DATA SUBJECT
• Individual whose personal information is being processed.

PERSONAL INFORMATION CONTROLLER
• Person or organization who controls collection, holding, processing or use of personal information.

PERSONAL INFORMATION PROCESSOR
• Natural or juridical person to whom a personal information controller may outsource the
processing of personal data pertaining to a data subject.

Data Privacy Principles
• Transparency
• Legitimate Purpose
• Proportionality

TRANSPARENCY
• The data subject must be aware of the nature, purpose, and extent of the processing of his or her
personal data, including the risks and safeguards involved, the identity of the personal information
controller, his or her rights as a data subject, and how these can be exercised.
• Any information and communication relating to the processing of personal data should be easy to
access and understand, using clear and plain language.

RIGHTS OF DATA SUBJECTS


including the right to file a complaint before the National Privacy Commission.

Rights of Data Subject:
• Right to information
• Right to object
• Right to access
• Right to correct
• Right to erase
• Right to damages
• Right to data portability
• Right to file a complaint

Right of Data Subject


1. Description of the personal information to be entered into the system;
2. Purposes for which they are being or are to be processed;
3. Scope and method of the personal information processing;
4. The recipients or classes of recipients to whom they are or may be disclosed;
5. Methods utilized for automated access, if the same is allowed by the data subject, and the extent to
which such access is authorized;
6. The identity and contact details of the personal information controller or its representative;
7. The period for which the information will be stored; and
8. The existence of their rights, i.e., to access, correction, as well as the right to lodge a complaint before
the Commission.

LEGITIMATE PURPOSE
• The processing of information shall be compatible with a declared and specified purpose which must
not be contrary to law, morals, or public policy.
• Processing of personal data should have the individual’s consent, or must be authorized or allowed by
the Constitution or by law.

Consent
• Refers to any freely given, specific, informed indication of will, whereby the data subject agrees to the
collection and processing of personal information about and/or relating to him or her.
• The consent shall be evidenced by written, electronic or recorded means.

PROPORTIONALITY
• The processing of information shall be adequate, relevant, suitable, necessary, and not excessive in
relation to a declared and specified purpose.

ORGANIZATIONAL SECURITY MEASURES

Data Protection Officer
• The DPO should possess specialized knowledge and demonstrate reliability necessary for the
performance of his or her duties and responsibilities.

Privacy Manual
• Procedure for collection, use or disclosure, storage and disposal of personal data.
• Social media use in hospitals and healthcare facilities.

Physical Security Measures
• Design of office space and work stations, including the physical arrangement of furniture and
equipment, shall provide privacy to anyone processing personal data, taking into consideration the
environment and accessibility to the public.
• Records room, work stations and data centers should have limited access.

Technical Security Measures
• Security policy system monitoring
• Safeguards: encryption, authentic process
• Incident response, correct and mitigate breach, restore system