privacy and confidentiality
DESCRIPTION
Week 1, Discussion 2 MHA 690 Jared Brady PPT: Privacy and Confidentiality Training ModuleTRANSCRIPT
Privacy and Confidentiality;
Education ModuleJared Brady
MHA 690
Instructor Hwang-Ji Lu
August 6, 2014
Table of Contents Introduction to privacy and confidentiality
Healthcare providers role What is information needs to be protected Definition of breach Factors to confirm when breach is suspected Tools providers can use to keep information safe Most common breach types in the US How to report a breach You don’t know what you don’t know References
Privacy and Confidentiality
As healthcare professionals privacy and confidentiality of patient information should be one of our top priorities. Protecting patient health information is a critical and pivotal role in providing high quality care. Understanding how to protect patient information is a very important skill set that every healthcare provider must understand and master. This training module it aimed to assist healthcare professionals in protecting private patient health information.
What is considered private information? Name and Address Health Background Previous Healthcare Providers Birthday Social Security Number Medical Records Ethical Origin Test results and X-rays Notes Taken by a Doctor or Nurse Medical Diagnosis
(US Department of Health and Human Services, 2005)
Information breach definition
A breach is, generally, an impermissible use or disclosure under the Privacy Rule that compromises the security or privacy of the protected health information.
(U.S Department of Health and Human Services, 2013)
Factors to confirm The nature and extent of the protected health
information involved. The unauthorized person who used the protected health
information or to whom the disclosure was made. Whether the protected health information was actually
acquired or viewed. The extent to which the risk to the protected health
information has been mitigated.(U.S Department of Health and Human Services, 2013)
Tools to keeping information save
(The Office of National Coordinator, 2012)
Most common breach types in the U.S.
(The Office of National Coordinator, 2012)
How to report a potential breach
All healthcare organizations have an internal compliance and legal department that is available for employees to access when they have suspected a breach in patient protected information.
Potential breaches should be reported to immediate supervisors and then pushed up the correct internal chain of command.
Investigations will be launched by internal compliance team. Breaches will then be reported to the appropriate state and
federal regulatory agencies.
You don’t know what you don’t know
Effective understanding and adequate training for all employees and clinicians with annual training is critical. Healthcare organizations must ensure annual training programs exist from within the company to educate all new and existing employees on safe and protected activities related to private patient information. Effective training and education around privacy and confidentiality will protect the patient, the organization, and the employees from potential breaches of private information, legal risks, loss of employment and even criminal charges.
References The Office of the National Coordinator Health Information Technologies.
(2012). Keeping Health Information Private and Secure New Initiatives and Tools. Retrieved from www.healthit.gov/.../KeepingHealthInformationPrivateSecure.pdf
U.S. Department of Health and Human Services. (2005). Information for Patients. National Institutes for Health. Retrieved from http://privacyruleandresearch.nih.gov/patients.asp
U.S. Department of Health and Human Services. (2013). Health Information Privacy. Breach Notification Rule. Retrieved from http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/