Read: Chapter 12.

Additional Readings:

Arenault, W., & Giesinger, N., (2009). Privacy? Security? How can I possibly keep up with all these demands? COACH: Canada’s Health Informatics Association.  COACH Journal, 1st Quarter.   http://coachorg.com/en/publications/resources/Privacy_Security_May_2009.pdf

Blobel, B. (2004). Authorisation and access control for electronic health record systems. International Journal of Medical Informatics, 73, 251-257.

Canadian Standards Association (2006). Privacy and security crucial to health informatics. CSA Newsletter, Fall 2006 available from http://www.csa.ca/standards/health_care/newsletter/archive/issue%204/newsletter.pdf 

Kluge, E.W. (2004). Informed consent and the security of the electronic health record (EHR): Some policy considerations. International Journal of Medical Informatics, 73, 229-234.

Privacy Commissioner of Canada (2004). PIPEDA awareness raising tools (PARTs) initiative for the health sector. Available at http://e-com.ic.gc.ca/epic/internet/inecic-ceac.nsf/en/gv00235e.html

Weitz, M., Drummond, N., Pringle, D., Ferris, L.E., Globerman, J., Hebert, P., Tracy, C.S., & Cohen, C. (2003). In whose interest? Current issues in communicating personal health information: A Canadian perspective. Journal of Law, Medicine & Ethics, 31, 292-301.

Wynia, M. & Dunn, K. (2010). Dreams and nightmares: Practical and ethical issues for patients and physicians using personal health records. Journal of Law, Medicine and Ethics, Spring 2010, 64-73.