FINALS

PHARM INFORMATICS (LEC)

PHARM 221

UNIT 5: ETHICAL ISSUES IN HEALTH INFORMATICS

OUTLINE — duty of an individual to refrain

I. Introduction from sharing confidential
II. RA 10173 information with others, except with
a. Implementing Bodies the express consent of the other
b. Compliance Process party
c. Sanctions —professionals (e.g. doctors,
CONFIDENTIALITY
d. Rights of the Data Subject pharmacists, nurses, social workers,
III. RA 11332 support workers) should not share
a. Unlawful Acts personal details about someone
b. Sanctions with others unless that person gives
the consent to or it is absolutely
necessary
— the method of making data used
I. INTRODUCTION for your research available to others
the pharmacy practice will embrace the through a variety of mechanisms
science of health informatics through the use of — in social and health settings, it is
electronic pharmacy records or electronic health DATA SHARING the key to innovation in health care.
technology showing a patient medication use and This implies that to improve people’s
quality of life and prevent disease,
information about health over time
health systems need to embrace
virtual platforms.
With the advent of health informatics as a
discipline, it is easier to acquire, store, retrieve and
use healthcare information to foster better According to Dr. Shaun O’Hanlon (NHS
collaboration among a patient’s various Confederation)…
healthcare providers. however, this poses some ● data sharing must to be transparent
drawbacks, especially on the patient’s side if not —transparency should include
appropriately controlled or handled leading to making the sharing agreement accessible
numerous ethical issues for the public to view and there should be
clear and prominent information about
to maximize the benefits of the digital how patients can remove themselves from
world and escape the existence of ethical issues, the process if they wish to
one interacts in a way to preserve trust of patients ● good data sharing must be secured
by being transparent and ensuring security, — people accessing the records
offering them the principle of confidentiality and means to have a legitimate reason to do
respecting their privacy so and to have a legitimate relationship
with the patient
— the right of the individual to
determine when, how, and to what
II. RA 10173 “DATA PRIVACY ACT OF 2012”
extent he or she will release personal
— protects and maintains the right of the
PRIVACY information
— enables to create barriers and customer’s confidentiality by providing the
boundaries to prevent unwarranted standards that regulate the collection, handling,
interference and disposal of all personal information
— aims to safeguard the fundamental human the Customers’ proper consent
right of every individual to privacy while ensuring
the free flow of information for innovation, growth, 2. legitimate reason for collection
and national development ● the purpose of gathering data must
—To recognize the vital role of information and be authentic or is necessary or
communications technology in nation-building beneficial for the patient
—To enforce the State’s inherent obligation to
ensure that personal data in information and 3. must be solely used for its intended
communication systems are secured and purpose
protected both in the government and private ● identify the scope and limitation of
sectors of the country processing information, that is, it is
users’ experience in the process of information not more than what is known for the
seeking as a series of thoughts, feelings, and patient
actions. ● the information must be kept
accurate and relevant and is used
A. IMPLEMENTING BODY only for the stated purposes, and
National Privacy Commission (NPC) retained only for as long as
— in charge of implementing and reasonably needed
administering this law
— tasked to monitor and ensure 4. protected and secured
compliance of the Philippines with ● should avoid access from
international standards for personal data unauthorized parties
protection ● personal information must be
discarded in a way that does not
FUNCTIONS make it visible and accessible to
third parties
the process of creating or
RULE-MAKING promulgating regulations
SANCTIONS
ADVISORY related to personal data protection Unauthorized processing, negligent handling, or
launching initiatives to educate the improper disposal of personal information is
PUBLIC public about data privacy, data punishable:
EDUCATION protection, and fair information
● up to Six (6) years imprisonment
rights and responsibilities
● PHP 5,000,000
— to ensure that the personal
● Nature and Degree
information controllers comply with
COMPLIANCE AND the law
MONITORING — manage the legislation of the RIGHTS OF THE DATA SUBJECT
personal information processing the individual sharing their information has to be
systems fully informed about the several factors of the
COMPLAINTS AND data collecting process such as:
INVESTIGATIONS
the patient needs to know why a
implementation of the provisions of
ENFORCEMENT THE REASON FOR piece of certain information is being
the law
USE collected

COMPLIANCE PROCESS involves the use of a software

How do we comply? METHOD FOR component, operating system
ACCESS service, or network interface that
1. all personal data must be collected with
handles the storage or sending of
 receipt of data ○ changes in the disease frequency
THE IDENTITY AND in case the patient wanted to verify or changes in the level of risk
CONTACT DETAILS something, they may easily reach factors are closely monitored
OF THE PERSONAL the person being referred to
INFORMATION
UNLAWFUL ACTS
CONTROLLER
to avoid access from unauthorized of private and confidential
parties that wants the intended information pertaining to a
HOW LONG THE patient’s medical information or
purpose of the data collecting UNAUTHORIZED
INFORMATION treatment unless the disclosure
process has been realized that DISCLOSURE
WILL BE STORED was made to comply with a legal
proper disposal of the information
should be done order issued to by a court of law
with complete jurisdiction
e.g. the patient should be
acquainted up to what extent will Intentionally providing
ACCESS TO THEIR their personal information would be disinformation, for this may
TAMPERING OF
RIGHTS exposed, so they may be properly cause confusion and anxiety to
RECORDS
decided as to whether or not their the public especially since their
personal information be shared health is at risk
of the entities identified as having
the notifiable disease or affected
III. RA 11322 “MANDATORY REPORTING OF NON-COOPERATION
by the health event of public
NOTIFIABLE DISEASES AND HEALTH EVENTS OF concern
PUBLIC HEALTH CONCERN ACT”
—requires the reporting of public health of SANCTIONS
concerns and events such as infectious diseases violators may face:
and epidemics ● fines not less than 20,000 pesos but not
— aims to protect the people from public health higher than 50,000 pesos
threats through efficient and effective disease ● imprisonment of not less than 1 month but
surveillance of diseases of public health concerns not more than 6 months
— recognizes the disease surveillance and
response system of the department of health and
its local counterparts as the 1st line of defense
against epidemics or any events that may pose
health threats to the public. it passes the DOH,
especially its epidemiology bureau to regularly
update and issue a list of nationally notifiable
diseases or ailments that must be reported to the
public

Relevance in Protecting People from Public

Health Threats
● accurate and timely information
○ is made regularly available to the
public and health providers
specifically those notifiable
diseases and health-related events
and conditions
● Active participation of all medically allied
professionals and establishments