n102y health information technology module privacy security ethics
Post on 23-Feb-2016
46 Views
Preview:
DESCRIPTION
TRANSCRIPT
N102Y Health Information Technology Module
Privacy Security
EthicsProtecting Patient
Information AND
Patients
Patient Privacy and Confidentiality
Health Information Technology
I know about HIPPA!Confidentiality and Privacy
Risks of EHRs • Both paper and electronic records have privacy
issues• Easily accessible info and lots of it• Not well controlled environments• Physical security issues• Data security issues• Where does the information go?
Discussion:HIPAA violations seen in clinical
Data Security
Health Information Technology
Types of Safeguards Physical
• Building security• Equipment security
Administrative• Password, log in monitoring, access control
Technical• Encryption• Auto log off
Protecting the Security of Healthcare Data
Controlling users Passwords (what’s a
“strong password”!?) Authentication
• Biometrics• RFID technology
Auditing Authorizing
Protection from the outside
Antivirus/antispyware Site blockingPhysical Location of
workstations Screen filters
Violations Data for 17,500 patients was
unsecured for at least 10 months, due to the disabling of firewall protections
Fine: $400,000 Unencrypted laptop computer
containing the electronic protected health information (ePHI) of 441 patients was stolen in June 2010
Fine: $50,000
HIPAA violation fines
What Kind of Breach? Unintended disclosure Payment Card Fraud Hacking or malware Insider Physical loss Portable device Stationary device Unknown or other
Patient Rights
Health Information Technology
Current Legislation
HIPAA OMNIBUS ruling• Released March 2013• Enforcement begins end of Sept 2013• Implements a number of provisions of the
HITECH Act Part of the ARRA 2009
Patient’s have the right to: request information (copy of their chart) write a statement of disagreement and place
in record share info among care providers and for
reporting not share info to employers, get a report “accounting of disclosures” choose communication methods file a complaint if a violation is suspected request to share/not share if paying out of
Nursing Ethics and Patient Privacy
Health Information Technology
ANA Code of Ethics The nurse, in all professional relationships,
practices with compassion and respect for the inherent dignity, worth and uniqueness of every individual, unrestricted by considerations of social or economic status, personal attributes, or the nature of health problems.
The nurse promotes, advocates for, and strives to protect the health, safety, and rights of the patient.
Ethics activity What type of data breach is it? What were the consequences? Why is it unethical? What can be done to prevent this
from happening again?
Other HIT Ethical Issues Imaging Treatments Genomics Mobile health Access to technology
The Role of the Nurse:-Privacy-Confidentiality -Security of Patient Information
Health Information Technology
Privacy, Confidentiality and Security Begin with You
Secure your documentation Protect your patient’s privacy
• Social media policies• No cameras in many hospitals
Use strong passwords• Do not write down!
referencesCenters for Medicare and Medicaid Services. (2007) HIPAA Security Series, Security Standards: Technical Safeguards. Retrieved July 9, 2013 from
http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/techsafeguards.pdf Centers for Medicare and Medicaid Services. (2007) HIPAA Security Series, Security Standards: Physical Safeguards. Retrieved July 9, 2013 from
http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/physsafeguards.pdf Centers for Medicare and Medicaid Services. (2007) HIPAA Security Series, Security Standards: Administrative Safeguards. Retrieved July 9, 2013 from
http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/adminsafeguards.pdf Panchadsaram , P. (May 27 2013) TedMed talk: Empowering patients through information design
retrieved July 9, 2013 from http://www.youtube.com/watch?v=7Mv8UzJlUtw&feature=youtu.be
Security Breaches 2005 – Present retrieved July 9, 2013 from http://www.privacyrights.org/data-breach
OnlineTech. (2013) What is a HIPAA violation? Retrieved July 9, 2013 from http://www.onlinetech.com/compliant-hosting/hipaa-compliant-hosting/resources/what-is-a-hipaa-violation
American Nurses Association. (2011) Nursing Code of Ethics. Retrieved July 9, 2013 from http://www.nursingworld.org/codeofethics
top related