Pharmaceutical Compliance with Fair Information Practice Principles by John Mack Introduction According to a Pew Internet & American Life Project survey (November, 2000), 89% of health seekers on the Internet are concerned that a health Web site might sell or give away information about what they did online. A 2000 Cyber Dialogue survey commissioned by the Internet Healthcare Coalition and the California Healthcare Foundation, found that only 14% of online health seekers have a “high level of trust” of Pharmaceutical company or product web sites. Fueled by recent privacy laws, such as the Gramm-Leach-Bliley Act and the Health Insurance Portability and Accountability Act, establishing trust and confidence with stakeholders, from regulators to customers, has become a business imperative for the pharmaceutical industry. Fair Information Practice Principles Over the past quarter century, government agencies in the United States, Canada, and Europe have studied the manner in which entities collect and use personal information – their "information practices" – and the safeguards required to assure those practices are fair and provide adequate privacy protection. The result has been a series of reports, guidelines, and model codes that represent widely-accepted principles concerning fair information practices. Common to all of these documents are several core principles, including:
• NOTICE: data collectors must disclose their information practices before collecting
personal information (PI) from consumers
• CHOICE: consumers must be given options with respect to whether and how PI collected
from them may be used for purposes beyond those for which the information was provided
• ACCESS: consumers should be able to view and contest the accuracy and completeness
• SECURITY: data collectors must take reasonable steps to assure that information
collected from consumers is accurate and secure from unauthorized use
• ONWARD TRANSFER (CHAIN OF TRUST): to disclose information to a third party, such
as an advertiser, organizations must apply the NOTICE and CHOICE principles. Where an organization wishes to transfer information to a third party that is acting as an agent, such as a fulfillment vendor, it may do so if it makes sure the third party subscribes to the same principles as the organization.
• DATA INTEGRITY: An organization should take reasonable steps to ensure that data is
reliable for its intended use, accurate, complete, and current.
• ENFORCEMENT: the use of a reliable mechanism to impose sanctions for
procedures have not been implemented in many cases. Therefore, to avoid any trouble with the FTC, companies understandably do not promise what they cannot deliver. Access poses a difficult problem not just for pharma companies, but for “covered entities” (e.g., healthcare providers) under HIPAA (Health Information Portability and Accountability Act). Our analysis only required that privacy policies somehow allow consumers to view voluntarily-supplied personal information companies had about them and correct or delete this information. It didn’t require that any special technology or automated tools be used to allow direct access to databases. Still, many companies, according to their policies, do not provide any means of access even if just a person to call or e-mail. It may be that the flow of data through and out of these companies is not controlled in a manner that would allow access let alone deletion. The Issue of Trust Pharmaceutical product web sites can be more useful to consumers if they interacted more with them and provided personalized services and tools that help consumers manage their chronic conditions and comply with their treatment, including taking their medications and refilling prescriptions. But, in order to provide this level of service, more and more personally identifiable health information needs to be collected and maintained. Pharmaceutical companies may be reluctant to do this on their own sites if they do not have adequate data collection practices and policies in place. Nevertheless, the competitive advantage will go to the company that does follow best privacy and security practices. These companies will engender the highest level of trust among consumers allowing them to fully utilize the benefits of the Internet. Notes 1. For more detailed information about the methodology and scoring system, contact VirSci at 215-504-4164 or send email to [email protected] or visit www.virsci.com. John Mack VirSci Corporation PO Box 760 Newtown, PA 18940 215-504-4164 215-504-5739 FAX [email protected]
PROGRAMA DE ACTOS E INFORMACIÓN DEL CLUB Con motivo de la celebración de la tradicional travesía a remo Santa Pola Tabarca Santa Pola, el Club Náutico de Santa Pola informa de los actos previstos, así como la información necesaria a los clubes para el buen funcionamiento del evento. El Club Náutico de Santa Pola, pondrá a disposición de los clubes participantes, todo aque
Client Name: _________________________ O __ FORMULARY SSN: _________________________ Please check the appropriate box next to any of the following medications you are prescribing for the above- referenced patient. This list is the current OHDAP Formulary through March 2008 . Anti Acids Mental Health Delavirdine, DLV ( Rescriptor ®) Nizatidine ( Axid ®) Amitriptyline ( Elav