The Steering Committee should include a privacy officer who can help the hospital understand the implications of demographic data collection and plan for a process that will respect and comply with privacy regulations. These privacy considerations should cover the various stages of the demographic data collection plan including:
- Data Collection Purpose: How will the data be used by the hospital?
- Data Storage: Where will the data be stored so that it remains private?
- Data Retrieval: Who can retrieve and see the data once it has been entered?
Leading up to Mount Sinai Hospital’s implementation of demographic data collection, the hospital’s Corporate Privacy Office & Freedom of Information Coordinator issued a memorandum describing how personal health information can be collected, used and disclosed. To read this resources, refer to the link below.
These resources can be used for consultation and guidance. However, it is up to each hospital’s privacy officer and legal team to ensure that you are collecting and using the data in compliance with the Ontario Personal Health Information Act (2004) and any internal hospital regulations.