MHA 690: Health Care Capstone

Instructor: Dr. Hwang-ji Lu

Health Care Capstone

Created by: Seynabou NdiayeMonday, September 23rd, 2013

Introduction

• The need to store electronic health information have raised concerns about the privacy of patients and the security of the data collected.

• Ensuring adequate protection of confidentiality and integrity of patients’ information while at the same time making the information readily available to all authorized healthcare providers has been a dilemma for healthcare organizations.

• In 1996, the United States Congress passed the Health Insurance Portability and Accountability Act (HIPAA) to protect the freedom, security, privacy and confidentiality of individuals.

• Health information data consists of extremely sensitive information, the security of this information has been an important issue since health care information systems have been in use.

Introduction Continued• The increasing need for exchange of healthcare information within

the healthcare industry have revealed issues with system and applications interoperability.

• The interoperability of systems can be improved by developing Health information security standards for all healthcare organizations

• The goal of Health Information Management Systems Society is to have all health organizations who use, send or store health information to meet the requirements for confidentiality, integrity and availability and accountability using sound risk management practices based on recognized standards and protocols by 2014.

Challenges of managing Health Information Systems

• Liability issues• Ethical issues• Security issues• Data access and storage• Ownership of data• Controlling and Monitoring employees behaviors• Ensuring compliance with HIPAA and other

standards of patient privacy and confidentiality• Lack of interoperability of systems and

applications

Research Sources

• Research revealed that there are two categories of security concerns when using Electronic Health information : Inappropriate release of patient information by health organizations and concerns about the flow of information across the healthcare industry.

• Technological security tools are available and they serve five key functions:

1. Availability

2. Accountability

3. Perimeter identification

4. Controlling access

5. Comprehensibility and control

Research sources Continued

• Health Information Portability and Accessibility Act provide a basic framework for handling health information

• The healthcare industry recognized the need for more guidance in protecting health information

• Healthcare providers have access to a range of technical and organizational practices that can help protect patients’ health information

Health Insurance Portability and Accountability Act

• In the light of increasing sharing of patient information within the healthcare industry, the HIPAA rulings were developed to protect the freedom, security, privacy and confidentiality of Individuals

• “In, 1996, Congress passed Public law 104-191 , otherwise known as HIPAA” (Tan, 2010, pg 281)

• HIPAA required the Department of Health and human services to establish new guidelines, key principles and national standards for handling electronic health transactions.

• Adherence to these HIPAA imposed principles, guidelines and standards is required from all healthcare Professionals and all healthcare entities in the US.

HIPAA continued• HIPAA protects all personal health information either stored

on paper or electronically, located in any US-based health organization, regardless of the source of this information.

• HIPAA requires that healthcare organizations educate their employees on how to respect and safeguard the privacy and confidentiality of the information collected from patients.

• Given the current and future advances in data interchange technology, HIPAA establishes strategies for health organizations to stay in compliance with the federal law

Recommendations for Health Information Systems Security

Establish Security Policies and Procedures for healthcare organizations Protecting the confidentiality and integrity of patients’ information.

Train healthcare employee thoroughly on HIPAA regulations and compliance Monitoring and enforcing guidelines and regulations

Control and Monitor employee behaviors

Technical solutions include using role-based access control, encryption and authentication mechanisms

Conclusion• New technologies are being incorporated in the Healthcare Information systems to improve care management and coordination of patients’ care.

• There are many benefits to the use of new technologies but there are also privacy and security issues associated with the use of these technologies.

• Health information security and patient privacy have been a very important issue in healthcare environments

• There are many technical mechanisms available to guarantee privacy, confidentiality and data security as well as policies, practices and procedures that can be put in place to protect patients’ Information• Security law, which is a component of HIPAA can help build a relationship based on trust Between patients and their healthcare providers.

References

• Albena, R. I., & Susan Meyer-Goldstein. (2013). Impact of standards adoption on healthcare transaction performance: The case of HIPAA. International Journal of Production Economics, 141(1), 277. Retrieved from http://search.proquest.com/docview/1197624060?accountid=32521

• Hagland, M. (1997). Confidence and confidentiality. Health Management Technology, 18(12), 20-2, 24, 56. Retrieved from http://search.proquest.com/docview/195637627?accountid=32521

• Klein, R. (2007). Internet-based patient-physician electronic communication applications: Patient acceptance and trust. E - Service Journal, 5(2), 27-38,40-51. Retrieved from http://search.proquest.com/docview/194901474?accountid=32521

• McGraw, D., Dempsey, J. X., Harris, L., & Goldman, J. (2009). Privacy as an enabler, not an impediment: Building trust into health information exchange. Health Affairs, 28(2), 416-27. Retrieved from http://search.proquest.com/docview/204627057?accountid=32521

• Tan, J.K.H. (2010). Adaptive Health Management Information Systems (3rd ed.) Sudbury: Jones and Bartlett. ISBN: 9780763756918.

• Thomas, C. R. (1997). Privacy, information technology, and health care. Association for Computing Machinery. Communications of the ACM, 40(8), 92-100. Retrieved from http://search.proquest.com/docview/237067863?accountid=32521