Each agency using Catalyst is a Health Information Custodian (HIC) under the Personal Health Information Protection Act (PHIPA) and as such each agency must take appropriate measures to safe guard their clients’ Personal Health Information (PHI). There are a few simple steps all agencies can do to ensure that no PHI is seen or accessed by unauthorized staff or other people.
- Log out of Catalyst. When you are finished your use of Catalyst, or if you are temporarily stepping away from your computer while Catalyst is open, log out of your session by clicking the Logout button at the top right of the screen. Ending your Catalyst sessions correctly when you leave your computer will ensure that anyone accessing your computer when you are away will not have access to your DATIS database.
- Log out of Windows. Logging out of Windows will prevent anyone from accessing your computer's files and/or any internet browsing history that may inadvertently contain PHI.
- Password protect and encrypt all clinical computers. DATIS recommends that all clinical-use computers, for example computers where Catalyst data is entered, be password protected and encrypted. If you do not have password protection, please ask within your agency about putting this in place.