The OntarioMD Privacy and Security Training Module covers topics such as safeguarding PHI from breaches and security incidents, and how to comply with obligations under PHIPA.
The OntarioMD Privacy and Security Training Module is available at OntarioMD.ca, and can be accessed from any device that connects to the Internet. You will need a user account for the website. If you are already registered for OntarioMD.ca, simply click on Sign In at the top of your screen and log in with your email and password. Print your completion certificate after you complete the module or log back in to print later.
1. Who can take the online privacy and security training?
The online privacy and security training module is open to all Ontario family physicians, specialists, nurse practitioners, nurses, office managers / Executive Directors, non-IT administrative staff, IT administrative staff, clinic manager, quality improvement / data analysis staff (i.e., QIDSS), dieticians, mental health / social workers, pharmacists and other allied health professionals. Physicians and Office Managers can also sponsor their staff to complete the training.
2. Can my staff do the training on my behalf?
No. In order to be able to access certain provincial digital health assets (including EHR Systems), clinicians must each complete the training on their own. To receive Continuing Medical Education (CME) credits for completing the online privacy and security training module and attestations module from the College of Family Physicians of Canada, it is mandatory for physicians to complete the training themselves. Clinician support staff would also benefit from the training and clinicians can designate them as a sponsored user. Each individual user must register for an account with OntarioMD using their own email address in order to access the online training module. Multiple users cannot access the training module using the same email address or account.
3. Why do I need to take privacy and security training module?
Privacy and security training for clinicians is a critical obligation inherent in the accountability that Health Information Custodians have with respect to the appropriate collection, viewing, use, disclosure and safeguarding of PHI. Educating yourself and your staff enables you to comply with regulatory frameworks. Privacy and security training is also recommended to access provincial digital health assets such as the ConnectingOntario Clinical Viewer, HRM, eNotifications, OLIS and any future digital health assets as they become available and may become a mandatory requirement for access in the future.
4. What does the training cover?
The OntarioMD Privacy and Security Training Module covers:
- the importance of privacy and security, and your legal and professional obligations
- PHI and ownership of medical records
- Ontario's Electronic Health Record ("EHR") systems and your obligations as a user of such systems
- consent and consent directives
- ways to safeguard PHI
- developing acceptable use policies
- system and network controls that must be in place before you access EHR systems
- how to manage relationships with electronic service providers
- identifying and appropriately responding to privacy breaches and security incidents
5. How long does the training module take to complete?
On average, the training should take 45 minutes to complete from start to finish. If you are unable to complete the training in one session, you can log out and log in to resume the training from where you left off.
6. What score do I need to pass the test at the end of the training module to receive the certificate of completion?
To be issued a certificate of completion for the Privacy Training Module, a minimum score of 80% must be achieved. The test can be taken repeatedly until a passing grade has been achieved.
7. How often should I take the training?
OntarioMD recommends that all Ontario physicians, nurse practitioners, nurses, office managers / Executive Directors, non-IT administrative staff, IT administrative staff, quality improvement / data analysis staff (i.e., QIDSS), dieticians, mental health / social workers, pharmacists and other allied health professionals take the training at least once a year or whenever you feel you need to be reminded of the concepts and best practices covered in the online privacy and security module. Annual training ensures that you educated on your obligations under current legislation as well as the most current best practices to protect your practice against privacy breaches and security incidents.
8. Can I claim credit(s) from the Royal College of Physicians and Surgeons of Canada under the Maintenance of Certification Program?
Yes, this module can be claimed for credit(s) under the Royal College Maintenance of Certification (MOC) Program as a Section 2: Personal Learning Project for 2 credits/hour. In order to claim the credit(s), you must record the activity in your MAINPORT ePortfolio and complete at least one learning outcome.