As a responsible health services provider, Healthfocus is dedicated to protecting the privacy and confidentiality of our clients’ information.
The Office of the Australian Information Commissioner provides policies and guidelines for handling confidential client information (see https://www.oaic.gov.au/privacy/privacy-for-health-service-providers/), which Healthfocus has applied to our manual and digital processes and information storage.
One of the most challenging aspects of handling clients’ personal and confidential information is when we must exchange information with other stakeholders involved in the clients’ care. These stakeholders can include Medical Practitioners, Case Managers, Insurers and Legal Practitioners.
Secure Messaging platforms are the preferred way of exchanging confidential client information (see https://www.digitalhealth.gov.au/healthcare-providers/initiatives-and-programs/secure-messaging). However, the health industry’s journey towards ubiquitous Secure Messaging has so far been a long and complex one and there are still significant challenges, including:
- There are several vendors of Secure Messaging solutions that comply to the standards, but many of the vendors link and package the Secure Messaging capability into their practice management software;
- There is some interoperability between vendors, but it is limited;
- Provider directories are only searchable within one vendor’s solution;
- Not all stakeholders are Health Service Providers and so are not required to have “health compatible” Secure Messaging systems in place; and
- Each message sent/received Secure Messaging is usually subject to a fee, either per transaction, or bundled into a practice management solution pricing.
In the meantime, there has been a move away from paper, postal and fax based communication due to issues with speed, low security, and high costs.
While email is a popular, accessible, efficient and often fee-free way of communicating, the security of private and confidential information cannot be achieved without additional effort.
Healthfocus is committed to upholding the privacy of our clients’ confidential information and Personally Identifiable Information (“PII”). See https://www.oaic.gov.au/privacy/guidance-and-advice/what-is-personal-information for a definition of PII.
Especially for stakeholders who we communicate who are not part of a health industry Secure Messaging service, we utilise encrypted, password protected PDF attachments to emails to protect confidential information. Emails we send this way will have instructions on how to open the attachment and will refer to information about the client that the stakeholder will/should already have that is not contained in the email, for example a Medicare Number, or a Date of Birth.
How do I open a password protected PDF?
Most modern PDF reader software, including Adobe Acrobat, Foxit, Apple Preview and many others already support password protected PDFs. When the file is opened, the software will prompt for the password.
How do I remove the password once I have opened the protected PDF?
Once the file has been opened using the password, there are a number of ways to remove the password protection, for example for storage in a local Practice Management or Records system. See https://www.howtogeek.com/299457/how-to-remove-a-password-from-a-pdf-file/ for instructions on how to remove PDF passwords on a variety of platforms.