Aggregate data. Summed or categorized data (e.g., total number of visits to the Emergency Department in the last year). The data have been compiled from record-level data to a summary level that ensures the identities of individuals or groups cannot be determined by a reasonably foreseeable method.
Anonymized data. Data that has been irreversibly severed from the identity of the person or group to prevent re-identification, even by data analysts under any condition.
Data Access Agreement. A legal document between PMR and the data requester (usually the Principal Investigator or Project Lead) that describes both parties’ responsibilities around data access, transfer, use, disclosure and security/privacy.
Data Access Risk Assessment Framework. The factors that PMR considers when assessing the risk in a data request. The Framework helps identify where on a continuum the risk sits and what strategies can be employed to mitigate the risk. The Framework helps PMR uphold its responsibilities regarding personal information in its custody and under its control. The Framework is based on Population Data BC’s emerging Proportionate Governance Framework and was tailored for PMR. Factors in the Framework tailored for PMR, which contribute to the level of risk, include: data (the type of data requested), environment (the type of environment in which the data will be accessed and stored), and people (the amount of experience that people have using the data requested).
Data steward. Refers to a public body, such as PHSA, that has ultimate responsibility for a given data source. In practice, an individual is typically named as having the authority to approve or reject research requests involving that data, typically called “the / a Data Steward.”
De-identified data. Records are modified so that the identity of the individual or group cannot be determined by a reasonably foreseeable method. De-identification methods include removing personal identifiers (e.g., names and personal health numbers); providing age groups instead of date of birth; and providing the fiscal period of admission instead of admission date. While the data may undergo de-identification methods, it may include preserving identifying information which could only be re-linked by a trusted party in certain situations.
Highly sensitive data. While all health information is considered sensitive, there are types of health information that have traditionally been considered more sensitive. They are generally in areas where knowledge by others of such information may lead to stigmatization, embarrassment, mistreatment, harassment, denial of employment and/or other prejudicial outcomes. Additional safeguards apply to clinical data areas related to mental health (including forensics), addictions, HIV (Oak Tree Clinic) and other communicable diseases, medical genetics, abortions (CARE program) and sexual health.
Identified data. Data elements include names, addresses, personal health number or other similar identifying numbers. Requests for identifiable information are approved on rare occasions only. In BC, information may not be used for the purposes of contacting individuals without the approval of the Information and Privacy commissioner.
Information Sharing Agreement. Used for external data requests when the data requester has no affiliation with PHSA and is not an employee of another BC health authority or the BC Ministry of Health. This legal agreement allows for the periodic transfer of data between PHSA and another non-PHSA affiliated institution and describes the holding, use, and disclosure of the data by PHSA. Specific processes are in place to secure an Information Sharing Agreement.
Information Sharing Plan. Used for external data requests when the data requester is an employee of another BC health authority or the BC Ministry of Health. This is a legal agreement that allows for the periodic transfer of data between PHSA and another non-PHSA health authority or the BC Ministry of Health and the holding, use, and disclosure of the data by PHSA. Specific processes are in place to secure an Information Sharing Plan.
Operational leader. An individual appointed by PHSA and responsible for clinical or operational services who is granted access to data or analytical reports that are consistent with their functional role within PHSA. Use of data for this purpose is defined within the Freedom of Information and Protection of Privacy Act, Section 32. PMR maintains a list of authorized operational leaders and confirms their compliance annually with PHSA privacy and risk policies.
Privacy Impact Assessment. A Privacy Impact Assessment (PIA) is an assessment of a current or proposed initiative (a system, enactment, project, program, or activity) to evaluate privacy impacts, including evaluating compliance with PHSA’s privacy responsibilities under the Freedom of Information and Protection of Privacy Act.
Proportionate governance. An approach to reviewing and managing data access based on the level of risk associated with a request. In this approach, the extent and stringency of review depends on the potential risk posed by the data request. Higher-risk requests receive more scrutiny. A request for highly sensitive data is an example of a case that would need additional review. The complexity and level of risk affects the time needed to review and fulfill a request. For more background information on Proportionate Governance and its application in other jurisdictions, please see Population Data BC’s Proportionate Governance Stakeholder Interviews Report.
Record-level data. Each individual case or patient encounter represents one record. Privacy issues arise when there is a requirement to conceal the identity of the patient in situations where the data set is to be used for research and patient consent has not been obtained.
Vetted environment. Environments where privacy and security standards meet or exceed PHSA’s requirements for data access and storage. Generally, health authorities or Ministry of Health are considered vetted environments.