The Community Business Intelligence (CBI) Project Team has engaged with Privacy and Security Specialists to complete a Privacy Impact Assessment (PIA) and a Threat Risk Assessment (TRA) on data transmission and reporting environments and processes at Drug and Alcohol Treatment Information System (DATIS).
Members of the Privacy, Security and Data Access Sub-Group meet to review privacy and security issues as required.
Individuals that make up this committee have representation across the community sector. They include:
| Name | Sector | Organization |
|---|---|---|
| Paul Geerts | CMH | Sound Times |
| Charles Shamess | CSS | Fife House |
| Lana Frado | CMH | Sound Times |
| Roe Sivanandan | CMH | PARC |
| Vonnie Barron | CSS | SPRINT |
| Thomas Henderson | CMH/CA | St. Michael’s Hospital |
| Tim Guimond | CMH/CA | St. Michael’s Hospital |
| Mona Wong | CA | DATIS |
Privacy Impact Assessments & Threat Risk Assessments
A Privacy Impact Assessment (PIA) was conducted on the Community Business Intelligence (CBI) system. The results are summarized in this document.
A Threat Risk Assessment (TRA) was conducted on the Community Business Intelligence (CBI) system. The results are summarized in this document.
Reports TRA & PIA Summary, October 29, 2014
A Privacy Impact Assessment (PIA) and a Threat Risk Assessment (TRA) were conducted on the Community Business Intelligence (CBI) reporting portal system. The results are summarized in this document.
Contracts
Data Sharing Agreement Kick-Off
Data Sharing and Health Information Network Provider Agreement
This agreement is signed between parties participating in CBI. The agreement outlines the roles and responsibilities of each HSP, the Health Information Network Provider (Centre for Addiction and Mental Health), and Reconnect as Lead Agency for CBI.
Please use this form to complete section D of the DSA.
Signing Guide Instructions for HSP Participants to the CBI Data Sharing Agreement
Addendum No. 1 to the ESPA is now a required companion document to the ESPA and outlines the upload of CBI data to the Institute for Clinical Evaluative Sciences (ICES). Please use the signing guide below to complete this document and return it along with your signed ESPA.
Signing Guide Instructions for Addendum No. 1 to the ESPA.
Institute for Clinical Evaluative Sciences (ICES)
CBI data is now flowing on a semi-annual basis to the Institute for Clinical Evaluative Sciences (ICES). This partnership allows CBI data to be linked to other provincial data, including primary care and hospital data. HSPs will also be provided annual reports and have access to any research conducted using CBI data.
Below please find more information about ICES, including a privacy information sheet and links to the ICES website.
A privacy information sheet for HSPs.
For more information about privacy at ICES, please visit Privacy at ICES
For additional information about ICES, please visit ICES | Institute for Clinical Evaluative Sciences
CBI Policies and Procedures
The following documents outline the policies and procedures to be followed by all Parties in addition to those outlined in the ESPA. The Parties include the Electronic Service Provider, the Lead Agency, Health Service Providers and any Third Party Service Provider and their personnel.
Glossary and Overview for Policies
Policy No.1: Audit and Access Log Review Policy
Policy No.2: Privacy Incident and Breach Management Policy
Policy No.3: Data Retention and Destruction Policy