200 likes | 343 Views
N102Y Health Information Technology Module Privacy Security Ethics. Protecting Patient Information AND Patients. Patient Privacy and Confidentiality. Health Information Technology. I know about HIPPA! Confidentiality and Privacy . Risks of EHRs
E N D
N102Y Health Information Technology ModulePrivacy Security Ethics Protecting Patient Information AND Patients
Patient Privacy and Confidentiality Health Information Technology
I know about HIPPA!Confidentiality and Privacy • Risks of EHRs • Both paper and electronic records have privacy issues • Easily accessible info and lots of it • Not well controlled environments • Physical security issues • Data security issues • Where does the information go? Discussion: HIPAA violations seen in clinical
Data Security Health Information Technology
Types of Safeguards • Physical • Building security • Equipment security • Administrative • Password, log in monitoring, access control • Technical • Encryption • Auto log off
Protecting the Security of Healthcare Data Controlling users • Passwords (what’s a “strong password”!?) • Authentication • Biometrics • RFID technology • Auditing • Authorizing Protection from the outside • Antivirus/antispyware • Site blocking Physical • Location of workstations • Screen filters
Violations Data for 17,500 patients was unsecured for at least 10 months, due to the disabling of firewall protections Fine: $400,000 Unencrypted laptop computer containing the electronic protected health information (ePHI) of 441 patients was stolen in June 2010 Fine: $50,000
What Kind of Breach? Unintended disclosure Payment Card Fraud Hacking or malware Insider Physical loss Portable device Stationary device Unknown or other
Patient Rights Health Information Technology
Current Legislation • HIPAA OMNIBUS ruling • Released March 2013 • Enforcement begins end of Sept 2013 • Implements a number of provisions of the HITECH Act • Part of the ARRA 2009
Patient’s have the right to: • request information (copy of their chart) • write a statement of disagreement and place in record • share info among care providers and for reporting • not share info to employers, • get a report “accounting of disclosures” • choose communication methods • file a complaint if a violation is suspected • request to share/not share if paying out of pocket
Nursing Ethics and Patient Privacy Health Information Technology
ANA Code of Ethics • The nurse, in all professional relationships, practices with compassion and respect for the inherent dignity, worth and uniqueness of every individual, unrestricted by considerations of social or economic status, personal attributes, or the nature of health problems. • The nurse promotes, advocates for, and strives to protect the health, safety, and rights of the patient.
Ethics activity What type of data breach is it? What were the consequences? Why is it unethical? What can be done to prevent this from happening again?
Other HIT Ethical Issues Imaging Treatments Genomics Mobile health Access to technology
The Role of the Nurse:-Privacy-Confidentiality -Security of Patient Information Health Information Technology
Privacy, Confidentiality and Security Begin with You • Secure your documentation • Protect your patient’s privacy • Social media policies • No cameras in many hospitals • Use strong passwords • Do not write down!
references Centers for Medicare and Medicaid Services. (2007) HIPAA Security Series, Security Standards: Technical Safeguards. Retrieved July 9, 2013 from http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/techsafeguards.pdf Centers for Medicare and Medicaid Services. (2007) HIPAA Security Series, Security Standards: Physical Safeguards. Retrieved July 9, 2013 from http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/physsafeguards.pdf Centers for Medicare and Medicaid Services. (2007) HIPAA Security Series, Security Standards: Administrative Safeguards. Retrieved July 9, 2013 from http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/adminsafeguards.pdf Panchadsaram , P. (May 27 2013) TedMed talk: Empowering patients through information design retrieved July 9, 2013 from http://www.youtube.com/watch?v=7Mv8UzJlUtw&feature=youtu.be Security Breaches 2005 – Present retrieved July 9, 2013 from http://www.privacyrights.org/data-breach OnlineTech. (2013) What is a HIPAA violation? Retrieved July 9, 2013 from http://www.onlinetech.com/compliant-hosting/hipaa-compliant-hosting/resources/what-is-a-hipaa-violation American Nurses Association. (2011) Nursing Code of Ethics. Retrieved July 9, 2013 from http://www.nursingworld.org/codeofethics