Question
Who has access to an agency's Case Notes? Are other agencies able to view my agency's Case Notes? Are DATIS employees able to see Case Notes? What security is in place to protect our clients information?
Answer
The same level of encryption (data security) that applies to Catalyst, applies to the Case Notes module; all information entered into and retrieved from Catalyst, including Case Notes, is done via secure and encrypted connections (SSL). The Case Notes entered by staff at your organization can only be accessed by users set up under your Connex number (and who have permission to use the Case Notes module). Catalyst users at other organizations cannot access this data in the same way that you cannot look up clients entered in their databases. It is up to each agency to put policies and procedures in place regarding access to these files by their staff.
DATIS employees are bound by our own policies and procedures when it comes to the access to your agency's Personal Health Information (PHI). In compliance with PHIPA, these procedures permit DATIS staff to access PHI (Case Notes included) in organisations databases in order to fulfill our support and maintenance roles as a Health Information Network Provider. No PHI is ever shared or disclosed by DATIS unless requested by the Health Information Custodian which has authority over the data.
