CareConnect Orientation 

CareConnect Quick Reference Guide - For clinics/work sites on PPN

CareConnect Clinical Workflow – New Patient

CareConnect Clinical Workflow – Established Patient

CareConnect Factsheet

DTO Privacy and Security – Doctors of BC 

Infographic - 5 reasons why you need CareConnect in your private practice

Infographic - What are the benefits of CareConnect?

Infographic - How CareConnect Saves you time tracking down patient information

Infographic - What is available in CareConnect?

Online Enrolment Portal

If you have an active Health Authority network account (ex. Vch\vrhb\infosys\phsabc\) and would like to reset your password please visit https://mypass.careconnect.ca.

If you have an HxBC account please visit https://my.careconnect.ca. 

If you have any questions, please contact CareConnect@phsa.ca

How to Reset Your Password

CareConnect is designed to ensure personal information about patients is protected from unauthorized access or use, with the following security features:

• Enrollment and registration processes confirm:

• User identities.

• Permission has been obtained before an access account is created.

• All user activity in CareConnect is recorded on a permanent audit trail that records logon, individual patient records accessed, printed information and log off.

• All internal and external network access attempts are monitored and recorded.

• All CareConnect users must successfully complete an online privacy tutorial before a CareConnect account is activated.

• Users must agree to an online Confidentiality Acknowledgement the first time you log on to CareConnect and periodically reaffirm this acknowledgement.

• All CareConnect users are required to change their password every 90 days. A password standard has been established that ensures passwords are not easy to guess.
  

CareConnect uses a Role-Based Access Model to ensure that each user can access the clinical information they need to do their job, but cannot access the information they do not need.

Every CareConnect user is assigned a Business Role which determines the user's specific access permissions.

Each CareConnect Business Role is made up of two components:

1. Role context  – The type of service / clinical setting in which the user works (e.g., Emergency Services, Community Services)

2. Functional description  – The functional role of the user, i.e., what the user does (e.g., Prescriber, clinical support staff)
   

An audit trail is a security tool that tracks:

• User access and activity
  

• Any creation, modification or deletion of data in an electronic information system
  

CareConnect has an audit trail function that collects information such as username, date and time, patient record(s) accessed, and print requests.

An audit trail can be used to establish the legality of personal information in an EHR. An audit trail can also provide valuable information when unsuccessful attempts have been made to access a record, a privacy breach has occurred, or a complaint about a breach has been filed.

• Do not share your username and password with anyone.

• Do not allow anyone to access any information in CareConnect under your username.

• Always log off when you are finished using a workstation.

• Do not discuss confidential patient information in public areas.

• Ensure personal information printed from CareConnect is properly protected, by placing it in the patient's record or shredding it after use.

• Before accessing a patient's personal information, ask yourself, "Do I need this information in order to do my job?"
  

Your username and password are equivalent to a legal signature, making you accountable for all activity performed under your username, even if someone else used it to access CareConnect. Treat your username and password with the same care as your Personal Identification Number (PIN) for banking.

Anyone with reason to believe a username and password have been compromised should immediately reset the password and notify your supervisor, manager or director.

The primary purpose for accessing a clinical system like CareConnect is to provide care. Consequently, you should only access information you need to know to perform your job caring for patients, clients and residents. If you want to access your own personal medical record, you must go through Health Records.

A privacy breach occurs when someone's privacy and confidentiality have been compromised. Breaches include intentional and unauthorized access to, use, and/or disclosure of personal information. An example would be accessing personal information via CareConnect that you do not need to know to do your job, such as information on your family, friends or colleagues. Confirmed breaches of confidentiality will result in disciplinary action, up to and including removal of access permissions and termination.

Contact the VCH Information Privacy Hotline at (604) 875-5568, or email privacy@vch.ca.

Refer to the Doctors Technology Office website for more resources.

Doctors Technology Office Security Course