Privacy and Security

The Community Business Intelligence (CBI) Project Team has engaged with Privacy and Security Specialists to complete a Privacy Impact Assessment (PIA) and a Threat Risk Assessment (TRA) on data transmission and reporting environments and processes at Drug and Alcohol Treatment Information System (DATIS).

Members of the Privacy, Security and Data Access Sub-Group meet to review privacy and security issues as required.

Individuals that make up this committee have representation across the community sector. They include:

Name Sector Organization
Paul Geerts CMH Sound Times
Charles Shamess CSS Fife House
Lana Frado CMH Sound Times
Roe Sivanandan CMH PARC
Vonnie Barron CSS SPRINT
Thomas Henderson CMH/CA St. Michael’s Hospital
Tim Guimond CMH/CA St. Michael’s Hospital
Mona Wong CA DATIS

Privacy Impact Assessments & Threat Risk Assessments

PIA Summary

A Privacy Impact Assessment (PIA) was conducted on the Community Business Intelligence (CBI) system. The results are summarized in this document.

TRA Summary

A Threat Risk Assessment (TRA) was conducted on the Community Business Intelligence (CBI) system. The results are summarized in this document.

Reports TRA & PIA Summary, October 29, 2014

A Privacy Impact Assessment (PIA) and a Threat Risk Assessment (TRA) were conducted on the Community Business Intelligence (CBI) reporting portal system. The results are summarized in this document.

Contracts

Data Sharing Agreement Kick-Off

Data Sharing and Health Information Network Provider Agreement

This agreement is signed between parties participating in CBI. The agreement outlines the roles and responsibilities of each HSP, the Health Information Network Provider (Centre for Addiction and Mental Health), and Reconnect as Lead Agency for CBI.

DSA – Schedule D Form

Please use this form to complete section D of the DSA.

DSA Signing Guide

Signing Guide Instructions for HSP Participants to the CBI Data Sharing Agreement

Addendum No. 1

Addendum No. 1 to the ESPA is now a required companion document to the ESPA and outlines the upload of CBI data to the Institute for Clinical Evaluative Sciences (ICES). Please use the signing guide below to complete this document and return it along with your signed ESPA.

Addendum No. 1 Signing Guide

Signing Guide Instructions for Addendum No. 1 to the ESPA.

Institute for Clinical Evaluative Sciences (ICES)

CBI data is now flowing on a semi-annual basis to the Institute for Clinical Evaluative Sciences (ICES). This partnership allows CBI data to be linked to other provincial data, including primary care and hospital data. HSPs will also be provided annual reports and have access to any research conducted using CBI data.

Below please find more information about ICES, including a privacy information sheet and links to the ICES website.

Privacy at ICES

A privacy information sheet for HSPs.

For more information about privacy at ICES, please visit Privacy at ICES

For additional information about ICES, please visit ICES | Institute for Clinical Evaluative Sciences

CBI Policies and Procedures

The following documents outline the policies and procedures to be followed by all Parties in addition to those outlined in the ESPA. The Parties include the Electronic Service Provider, the Lead Agency, Health Service Providers and any Third Party Service Provider and their personnel.

Glossary and Overview for Policies

Policy No.1: Audit and Access Log Review Policy

Policy No.2: Privacy Incident and Breach Management Policy

Policy No.3: Data Retention and Destruction Policy

Frequently Asked Questions

Frequently Asked Questions